Pests of all kinds and how to fight them: WINPATROL PLUS Hijack log and HijackThis.exe Various Logs

02.01.2014, 23:00   #1
kostikko
 
Hm, I got this data through WinPatrol PLUS

-------------------------------------------------------------
Log created by WinPatrol PLUS version 29.1.2013.0:29.1.2013.0
Scan saved at 10:47:57 PM, on 1/02/2014
Platform: Windows 7 Home Edition
6.1 x64 Build 7601 2 Service Pack 1
MSIE: Internet Explorer (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVIDIA UPDATE CORE\NvTmru.exe
H:\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES (X86)\Intel\INTEL(R) USB 3.0 EXTENSIBLE HOST CONTROLLER DRIVER\APPLICATION\iusb3mon.exe
H:\SAMSUNG MAGICIAN\SAMSUNG MAGICIAN.EXE
H:\ADOBE ACROBAT\Acrobat\acrotray.exe
C:\PROGRAM FILES (X86)\HOSTS_ANTI_ADWARES_PUPS\HOSTS_ANTI-ADWARE_MAIN.EXE
C:\Users\kostik\Desktop\mbar\mbar.exe
C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\mbam.exe
C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\mbamgui.exe
C:\PROGRAM FILES\Intel\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE
C:\PROGRAM FILES (X86)\Google\Chrome\APPLICATION\chrome.exe
H:\WINPATROL\WINPATROLEX.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
O1 - Hosts: 127.0
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RTHDVCPL]C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [RtHDVBg_DTS]C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P
O4 - HKLM\..\Run: [IAStorIcon]C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60
O4 - HKLM\..\Run: [Nvtmru]C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
O4 - HKLM\..\Run: [ShadowPlay]C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [dualmonitor]H:\Dual Monitor\DualMonitor.exe
O4 - HKCU\..\Run: [WinPatrol PLUS]H:\WinPatrol\winpatrol.exe -expressboot
O4 - HKU\..\Run: [USB3MON]C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKU\..\Run: [AmIcoSinglun64]C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKU\..\Run: [Acrobat Assistant 8.0]H:\Adobe Acrobat\Acrobat\acrotray.exe
O4 - HKU\..\Run: [HOSTS Anti-Adware_PUPs]C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - Startup: Samsung Magician.lnk=H:\Samsung Magician\Samsung Magician.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O11 - Options group: [Accelerated graphics] Accelerated graphics - C:\Windows\System32
O11 - Options group: [] -
O23 - Service: Adobe Acrobat Update Service - Adobe Systems Incorporated - C:\PROGRAM FILES (X86)\COMMON FILES\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FLASHPLAYERUPDATESERVICE.EXE
O23 - Service: ASUS Com Service - - C:\PROGRAM FILES (X86)\ASUS\AXSP\1.00.12\ATKEXCOMSVC.EXE
O23 - Service: ASUS System Control Service - - C:\PROGRAM FILES (X86)\ASUS\ASSYSCTRLSERVICE\1.00.11\ASSYSCTRLSERVICE.EXE
O23 - Service: Defragmentation-Service - mst software GmbH, Germany - H:\ASHAMPOO UNINSTALLER 5\DfSdkS64.exe
O23 - Service: DTSAudioSvc - DTS, Inc - C:\PROGRAM FILES\Realtek\Audio\HDA\DTSU2PAUSRV64.EXE
O23 - Service: Google Update-Dienst (gupdate) - Google Inc. - C:\PROGRAM FILES (X86)\Google\Update\GOOGLEUPDATE.EXE
O23 - Service: Google Update-Dienst (gupdatem) - Google Inc. - C:\PROGRAM FILES (X86)\Google\Update\GOOGLEUPDATE.EXE
O23 - Service: HOSTS Anti-PUPs - - C:\PROGRAM FILES (X86)\HOSTS_ANTI_ADWARES_PUPS\HOSTS_ANTI-ADWARE.EXE
O23 - Service: Intel(R) Rapid Storage Technology - Intel Corporation - C:\PROGRAM FILES\Intel\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORDATAMGRSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\PROGRAM FILES\Intel\ICLS CLIENT\HECISERVER.EXE
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\PROGRAM FILES\Intel\ICLS CLIENT\SOCKETHECISERVER.EXE
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\SYSTEM32\IPROSETMONITOR.EXE
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service - Intel Corporation - C:\PROGRAM FILES (X86)\Intel\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL\JHI_SERVICE.EXE
O23 - Service: Intel(R) Management and Security Application Local Management Service - Intel Corporation - C:\PROGRAM FILES (X86)\Intel\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\MBAMSCHEDULER.EXE
O23 - Service: MBAMService - Malwarebytes Corporation - C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE
O23 - Service: Net Driver HPZ12 - Hewlett-Packard - C:\WINDOWS\SYSTEM32\HPZINW12.DLL
O23 - Service: NVIDIA Streamer Service - NVIDIA Corporation - C:\PROGRAM FILES\NVIDIA CORPORATION\NVSTREAMSRV\NVSTREAMSVC.EXE
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\NVVSVC.EXE
O23 - Service: NVIDIA Update Service Daemon - NVIDIA Corporation - C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\NVIDIA UPDATE CORE\daemonu.exe
O23 - Service: Pml Driver HPZ12 - Hewlett-Packard - C:\WINDOWS\SYSTEM32\HPZIPM12.DLL
O23 - Service: Steam Client Service - Valve Corporation - C:\PROGRAM FILES (X86)\COMMON FILES\Steam\STEAMSERVICE.EXE
O23 - Service: NVIDIA Stereoscopic 3D Driver Service - NVIDIA Corporation - C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\3D VISION\NVSCPAPISVR.EXE
O23 - Service: TuneUp Utilities Service - TuneUp Software - H:\TUNEUP 2014\TUNEUPUTILITIESSERVICE64.EXE
O23 - Service: TuneUp Designerweiterung - TuneUp Software - C:\Windows\System32\uxtuneup.dll

--- Additional WinPatrol Info ---
Browser: Unable to find default browser.
MSIE: Internet Explorer (11.00.9600.16428)
0 IE Cookies in Folder: C:\Users\kostik\AppData\Roaming\Microsoft\Windows\Cookies\

WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP02 - HKLM\CCS: Command = C:\Windows\system32\cmd.exe


WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = hxxp://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = hxxp://

WP31 - Scheduled Tasks: [GoogleUpdateTaskMachineUA.job]C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 01/02/2014 10:23 PM
WP31 - Scheduled Tasks: [GoogleUpdateTaskMachineCore.job]C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 01/02/2014 10:45 PM
WP31 - Scheduled Tasks: [Adobe Flash Player Updater.job]C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 01/02/2014 9:53 PM

WP16 - ActiveX: {25336920-03F9-11CF-8FD0-00AA00686F13} [HTML Document] C:\Windows\System32\mshtml.dll 11.00.9600.16428
WP16 - ActiveX: {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Windows Media Player] C:\Windows\System32\wmp.dll 12.0.7601.18150
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\Windows\System32\ieframe.dll 11.00.9600.16428
WP16 - ActiveX: {88D96A05-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] C:\Windows\System32\msxml6.dll 6.30.7601.17988
WP16 - ActiveX: {88D96A0A-F192-11D4-A65F-0040963251E5} [XML HTTP 6.0] C:\Windows\System32\msxml6.dll 6.30.7601.17988
WP16 - ActiveX: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [Microsoft Url Search Hook] C:\Windows\System32\ieframe.dll 11.00.9600.16428
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH64_11_9_900_170.OCX 11,9,900,170
WP16 - ActiveX: {F5078F32-C551-11D3-89B9-0000F81FE221} [XML DOM Document 3.0] C:\Windows\System32\msxml3.dll 8.110.7601.17988
WP16 - ActiveX: {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] C:\Windows\System32\msxml3.dll 8.110.7601.17988
WP16 - ActiveX: {05589fa1-c356-11ce-bf01-00aa0055595a} [ActiveMovieControl Object] C:\Windows\System32\wmpdxm.dll 12.0.7601.17514
WP16 - ActiveX: {52A2AAAE-085D-4187-97EA-8C30DB990436} [HHCtrl Object] C:\Windows\System32\hhctrl.ocx 6.1.7600.16385
WP16 - ActiveX: {54CE37E0-9834-41ae-9896-4DAB69DC022B} [Microsoft RDP Client Control (redistributable) - version 5a] C:\Windows\System32\mstscax.dll 6.2.9200.16398
WP16 - ActiveX: {72C24DD5-D70A-438B-8A42-98424B88AFB8} [Windows Script Host Shell Object] C:\Windows\System32\wshom.ocx 5.8.7600.16385
WP16 - ActiveX: {6A6F4B83-45C5-4ca9-BDD9-0D81C12295E4} [Microsoft RDP Client Control (redistributable) - version 4a] C:\Windows\System32\mstscax.dll 6.2.9200.16398
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\Windows\System32\ieframe.dll 11.00.9600.16428
WP16 - ActiveX: {971127BB-259F-48c2-BD75-5F97A3331551} [Microsoft RDP Client Control (redistributable) - version 3a] C:\Windows\System32\mstscax.dll 6.2.9200.16398
WP16 - ActiveX: {AE24FDAE-03C6-11D1-8B76-0080C744F389} [Microsoft Scriptlet Component] C:\Windows\System32\mshtml.dll 11.00.9600.16428
WP16 - ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Shockwave Flash Object] C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH64_11_9_900_170.OCX 11,9,900,170
WP16 - ActiveX: {D27CDB70-AE6D-11cf-96B8-444553540000} [Macromedia Flash Factory Object] C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH64_11_9_900_170.OCX 11,9,900,170
WP16 - ActiveX: {F935DC22-1CF0-11D0-ADB9-00C04FD58A0B} [Windows Script Host Shell Object] C:\Windows\System32\wshom.ocx 5.8.7600.16385

WP32 - Hidden File: C:\Windows\WindowsShell.Manifest
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-security-lsalookup-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-security-sddl-l1-1-0.dll
WP32 - Hidden File: C:\Windows\System32\api-ms-win-service-core-l1-1-0.dll

WP33 - File Type .AVI: [VLC media file (.avi)]H:\VLC\vlc.exe --started-from-file %1
WP33 - File Type .BAT: [Windows Batch File]%1 %*
WP33 - File Type .CAB: [WinRAR-Archiv]C:\Program Files\WinRAR\WinRAR.exe %1
WP33 - File Type .CAT: [Security Catalog]C:\Windows\system32\rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [Compiled HTML Help file]C:\Windows\hh.exe %1
WP33 - File Type .COM: [MS-DOS Application]%1 %*
WP33 - File Type .CMD: [Windows Command Script]%1 %*
WP33 - File Type .DOC: [Microsoft Word 97 - 2003 Document]C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE /n %1 /o %u
WP33 - File Type .EML: [E-mail Message]C:\Program Files\Microsoft Office 15\Root\Office15\OUTLOOK.EXE /eml %1
WP33 - File Type .EXE: [Application]%1 %*
WP33 - File Type .INF: [Setup Information]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .JS: [JavaScript File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Text Document]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\Windows\System32\msiexec.exe /i %1 %*
WP33 - File Type .MSG: [Outlook Item]C:\Program Files\Microsoft Office 15\Root\Office15\OUTLOOK.EXE /f %1
WP33 - File Type .MID: [VLC media file (.mid)]H:\VLC\vlc.exe --started-from-file %1
WP33 - File Type .MP3: [VLC media file (.mp3)]H:\VLC\vlc.exe --started-from-file %1
WP33 - File Type .PIF: [Shortcut to MS-DOS Program]%1 %*
WP33 - File Type .RAM: [VLC media file (.ram)]H:\VLC\vlc.exe --started-from-file %1
WP33 - File Type .REG: [Registration Entries]regedit.exe %1
WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE /n %1 /o %u
WP33 - File Type .SCR: [Screen saver]%1 /S
WP33 - File Type .TXT: [Text Document]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Betriebssystem Microsoft® Windows®]C:\Windows\System32\rundll32.exe C:\Windows\System32\ieframe.dll,OpenURL %l
WP33 - File Type .VBS: [VBScript Script File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [VBScript Encoded File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [Windows Script File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [Windows Script Host Settings File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Microsoft Excel 97-2003 Worksheet]C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE /dde

Memory currently in use: 16%
Physical Memory Free: 4,194,303 KB
Paging File Free: 4,194,303 KB
Virtual Memory Free: 1,983,352 KB


--
End of file
-----------------------------------------------------------------------------

<<<<<<<<<<<<<<<<<<<<with the HijackThis TOOL<<<<<<<<<<<<<<<<<<<<<<<<<



HiJackthis Logfile:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:51:45, on 02.01.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
H:\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
H:\Samsung Magician\Samsung Magician.exe
H:\Adobe Acrobat\Acrobat\acrotray.exe
C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\kostik\Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "H:\Adobe Acrobat\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - HKCU\..\Run: [dualmonitor] H:\Dual Monitor\DualMonitor.exe
O4 - HKCU\..\Run: [WinPatrol] H:\WinPatrol\winpatrol.exe -expressboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-4107513887-858591741-3768643985-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4107513887-858591741-3768643985-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Samsung Magician.lnk = H:\Samsung Magician\Samsung Magician.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{DAF0B353-6D13-4331-A480-7868CE4FC9D0}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - H:\Ashampoo UnInstaller 5\DfSdkS64.exe
O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - H:\Tuneup 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11994 bytes
         
-----------------------------------------------------------------------------------









From WinPatrol: when I evaluate the log, it says I have a lot of malware ö..ö


I have now let Malwarebytes' Anti-Malware Pro run a full scan; it finds nothing


AdwCleaner Logfile:
# AdwCleaner v3.016

 - Bericht erstellt am 02/01/2014 um 22:54:13
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : kostik - KOSTIK-PC
# Gestartet von : C:\Users\kostik\Desktop\adwcleaner_3.016.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\kostik\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [678 octets] - [01/01/2014 15:51:15]
AdwCleaner[R10].txt - [1734 octets] - [02/01/2014 20:11:43]
AdwCleaner[R11].txt - [1647 octets] - [02/01/2014 20:16:00]
AdwCleaner[R12].txt - [1708 octets] - [02/01/2014 20:41:27]
AdwCleaner[R13].txt - [3080 octets] - [02/01/2014 21:36:45]
AdwCleaner[R14].txt - [3013 octets] - [02/01/2014 22:43:49]
AdwCleaner[R15].txt - [1031 octets] - [02/01/2014 22:54:13]
AdwCleaner[R1].txt - [2101 octets] - [01/01/2014 16:53:05]
AdwCleaner[R2].txt - [2162 octets] - [01/01/2014 21:53:39]
AdwCleaner[R3].txt - [918 octets] - [01/01/2014 22:01:24]
AdwCleaner[R4].txt - [1152 octets] - [02/01/2014 03:17:40]
AdwCleaner[R5].txt - [1213 octets] - [02/01/2014 03:31:19]
AdwCleaner[R6].txt - [1342 octets] - [02/01/2014 03:39:01]
AdwCleaner[R7].txt - [1345 octets] - [02/01/2014 03:41:34]
AdwCleaner[R8].txt - [1405 octets] - [02/01/2014 05:34:41]
AdwCleaner[R9].txt - [1465 octets] - [02/01/2014 05:48:22]
AdwCleaner[S0].txt - [2225 octets] - [01/01/2014 21:54:44]
AdwCleaner[S1].txt - [1403 octets] - [02/01/2014 03:40:31]
AdwCleaner[S2].txt - [1745 octets] - [02/01/2014 20:12:06]
AdwCleaner[S3].txt - [3140 octets] - [02/01/2014 21:37:15]
AdwCleaner[S4].txt - [3073 octets] - [02/01/2014 22:44:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R15].txt - [1931 octets] ##########
         