
Pests of all kinds and how to combat them: avgui "was blocked by a group policy [...] more info from the SysAdmin"

28.05.2014, 14:51   #1
helpsearch
 
avgui "was blocked by a group policy [...] more info from the SysAdmin"



Hello,
first of all, I'm glad I found you via Google; the first impression is really great, people here seem very helpful.
I need your help, please, and thank you in advance!

A little while ago I started the PC for the first time today.
Vista 32-bit SP2, AVG Free version

1. After booting, a UAC prompt appeared that seemed odd to me, and I declined it. Unfortunately I no longer remember what it said!
2. Then I noticed that my AVG icon is not in the taskbar.
3. Then I tried to start AVG, whereupon a pop-up appeared (see title).
4. So, as far as I can tell all AVG processes are running (Task Manager), but not the GUI.
5. Googled and luckily came across you

6. Already ran the Farbar Recovery step:


FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by ich (administrator) on ich-PC on 28-05-2014 16:38:56
Running from C:\Users\ich_admin\Downloads
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\PnkBstrA.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
() C:\Program Files\Razer\Krait\razerhid.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Spotify Ltd) C:\Users\cornel_admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Razer\Krait\razertra.exe
(Razer Inc.) C:\Program Files\Razer\Krait\razerofa.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [92168 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Krait] => C:\Program Files\Razer\Krait\razerhid.exe [126976 2007-02-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ATICustomerCare] => C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [307200 2008-05-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2997729771-1688528191-3898873413-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [1775808 2014-05-28] (Valve Corporation)
HKU\S-1-5-21-2997729771-1688528191-3898873413-1000\...\Run: [Spotify Web Helper] => C:\Users\cornel_admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-24] (Spotify Ltd)
HKU\S-1-5-21-2997729771-1688528191-3898873413-1000\...\Run: [UqnosPofsu] => regsvr32.exe "C:\ProgramData\UqnosPofsu.dat"
HKU\S-1-5-21-2997729771-1688528191-3898873413-1000\...\MountPoints2: {db72fef8-6fd5-11e2-80af-0018f3ea2df9} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2997729771-1688528191-3898873413-1000\...\MountPoints2: {ee23fc16-0b13-11e2-ab5c-806e6f6e6963} - H:\Setup.exe
Startup: C:\Users\cornel_admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Kopie 1).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Kopie 1).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://learn.adafruit.com/rgb-led-strips/example-code
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD0671F86086ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.elektronik-kompendium.de/forum/board_entry.php?id=188042&page=6&order=time&category=all
hxxp://www.arduino-tutorial.de/hacking/
hxxp://arduino.cc/
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKCU - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\user.js
FF SearchPlugin: C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Heroes Updater - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\battlefieldheroespatcher@ea.com [2012-09-30]
FF Extension: German Dictionary - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2012-10-15]
FF Extension: No Name - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\staged [2014-05-27]
FF Extension: Vista-aero - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{07b2a769-ed19-4483-87ce-c643914c81bb} [2012-09-30]
FF Extension: FireShot - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-05-08]
FF Extension: ChatZilla - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2013-07-17]
FF Extension: Scrollbar Anywhere - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{767a0048-69da-4392-b458-55b7a96b66f7} [2014-01-05]
FF Extension: All-in-One Gestures - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2013-05-25]
FF Extension: Live HTTP Headers - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2012-09-30]
FF Extension: DownloadHelper - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-05]
FF Extension: Flash and Video Download - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-05-20]
FF Extension: Block site - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-08-23]
FF Extension: Sothink SWF Catcher - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08} [2012-09-30]
FF Extension: Grooveshark Unlocker - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\groovesharkUnlocker@overlord1337.xpi [2012-09-30]
FF Extension: Media Hint - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\mediahint@jetpack.xpi [2013-11-21]
FF Extension: Stealthy - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\stealthyextension@gmail.com.xpi [2012-09-30]
FF Extension: FlashGot - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012-09-30]
FF Extension: NoScript - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-09-30]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: RSFind! Mod - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{b8d51471-15f1-46cd-a600-448a6b103c2d}.xpi [2012-09-30]
FF Extension: Pearl Crescent Page Saver Basic - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99}.xpi [2012-09-30]
FF Extension: Greasemonkey - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-09-30]
FF Extension: Flem - C:\Users\cornel_admin\AppData\Roaming\Mozilla\Firefox\Profiles\l31f778d.default\Extensions\{f7c39bef-150a-a06c-8a2b-04fea4e6d717}.xpi [2013-06-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\cornel_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-21]
CHR Extension: (Google Drive) - C:\Users\cornel_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-21]
CHR Extension: (YouTube) - C:\Users\cornel_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-21]
CHR Extension: (Google-Suche) - C:\Users\cornel_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-21]
CHR Extension: (Google Wallet) - C:\Users\cornel_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-21]
CHR Extension: (Google Mail) - C:\Users\cornel_admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-21]

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-02-26] ()
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [198936 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.)
S3 drhard; C:\Windows\system32\DRIVERS\DRHARD.SYS [23600 2005-12-01] (Licensed for Gebhard Software)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-09-30] (DT Soft Ltd)
S3 GPU-Z; C:\Users\cornel_admin\AppData\Local\Temp\GPU-Z.sys [23936 2014-05-11] ()
R3 krait03; C:\Windows\System32\Drivers\krait.sys [13324 2005-12-07] (Razer (Asia-Pacific) Pte Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [39048 2011-11-07] ()
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [19336 2009-01-13] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [29192 2009-01-13] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [14728 2009-01-13] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [49160 2009-01-13] (Logitech Inc.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 16:36 - 2014-05-28 16:36 - 00000000 _____ () C:\Users\cornel_admin\Desktop\Neue Bitmap.bmp
2014-05-28 15:31 - 2014-05-28 16:38 - 00019055 _____ () C:\Users\cornel_admin\Downloads\FRST.txt
2014-05-28 15:30 - 2014-05-28 16:38 - 00000000 ____D () C:\FRST
2014-05-28 15:30 - 2014-05-28 15:30 - 01056256 _____ (Farbar) C:\Users\cornel_admin\Downloads\FRST.exe
2014-05-28 15:02 - 2014-05-28 15:02 - 00159432 _____ () C:\Windows\Minidump\Mini052814-01.dmp
2014-05-28 15:00 - 2014-05-28 15:00 - 00000000 _____ () C:\Users\cornel_admin\AppData\Local\{92807FA6-9DB8-4530-BB2B-0D29FEA41D8C}
2014-05-27 15:40 - 2014-05-27 15:40 - 00000000 ____D () C:\ProgramData\ATI
2014-05-27 15:39 - 2014-05-27 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-05-27 15:37 - 2014-05-27 15:37 - 00018313 _____ () C:\Windows\system32\CCCInstall_201405271537066068.log
2014-05-27 15:06 - 2014-05-27 15:06 - 00282000 _____ (Microsoft Corporation) C:\ProgramData\UqnosPofsu.dat
2014-05-26 20:27 - 2014-05-26 20:27 - 00004657 _____ () C:\Users\cornel_admin\AppData\Local\recently-used.xbel
2014-05-26 00:13 - 2014-05-26 00:13 - 00143784 _____ () C:\Windows\Minidump\Mini052614-01.dmp
2014-05-23 16:15 - 2014-05-23 16:15 - 00157136 _____ () C:\Windows\Minidump\Mini052314-01.dmp
2014-05-22 19:57 - 2014-05-22 19:57 - 00222624 _____ () C:\Windows\Minidump\Mini052214-01.dmp
2014-05-21 16:06 - 2014-05-21 16:06 - 00001972 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 16:06 - 2014-05-21 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-21 16:03 - 2014-05-28 16:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-21 16:03 - 2014-05-28 16:08 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-21 16:03 - 2014-05-21 16:06 - 00000000 ____D () C:\Users\cornel_admin\AppData\Local\Google
2014-05-21 16:03 - 2014-05-21 16:05 - 00000000 ____D () C:\Program Files\Google
2014-05-21 00:43 - 2014-05-21 00:43 - 00104635 _____ () C:\Users\cornel_admin\Documents\Unterschr. R.D.1.xcf
2014-05-20 23:59 - 2014-04-23 15:02 - 00019430 _____ () C:\Users\cornel_admin\Desktop\Mitgliederliste Cdu Überlingen.xlsx
2014-05-20 18:19 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-20 15:18 - 2014-05-20 15:18 - 00131072 _____ () C:\Windows\Minidump\Mini052014-01.dmp
2014-05-14 23:33 - 2014-05-14 23:33 - 00185368 _____ () C:\Windows\Minidump\Mini051414-02.dmp
2014-05-14 13:37 - 2014-05-14 13:37 - 00157136 _____ () C:\Windows\Minidump\Mini051414-01.dmp
2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00149784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys
2014-05-12 02:14 - 2014-05-12 02:14 - 00178272 _____ () C:\Windows\Minidump\Mini051214-01.dmp
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 02:09 - 2014-05-11 02:09 - 00000000 ____D () C:\Program Files\DIFX
2014-05-11 02:09 - 2014-05-11 02:09 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-11 02:07 - 2014-05-11 02:07 - 00000000 ____D () C:\Program Files\USB TV
2014-05-11 01:43 - 2014-05-11 01:43 - 00143784 _____ () C:\Windows\Minidump\Mini051114-02.dmp
2014-05-11 01:39 - 2014-05-11 01:39 - 00143784 _____ () C:\Windows\Minidump\Mini051114-01.dmp
2014-05-11 01:36 - 2014-05-11 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2014-05-11 01:36 - 2014-05-11 01:36 - 00000000 ____D () C:\Program Files\Geeks3D
2014-05-11 01:34 - 2014-05-11 01:35 - 05345101 _____ (Geeks3D ) C:\Users\cornel_admin\Downloads\FurMark_1.13.0_Setup.exe
2014-05-10 21:23 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

==================== One Month Modified Files and Folders =======

2014-05-28 16:40 - 2014-05-28 15:31 - 00019055 _____ () C:\Users\cornel_admin\Downloads\FRST.txt
2014-05-28 16:39 - 2006-11-02 12:33 - 01575982 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 16:38 - 2014-05-28 15:30 - 00000000 ____D () C:\FRST
2014-05-28 16:36 - 2014-05-28 16:36 - 00000000 _____ () C:\Users\cornel_admin\Desktop\Neue Bitmap.bmp
2014-05-28 16:36 - 2012-12-26 14:25 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-05-28 16:36 - 2012-11-23 23:52 - 00001356 _____ () C:\Users\cornel_admin\AppData\Local\d3d9caps.dat
2014-05-28 16:36 - 2012-09-30 18:07 - 00101312 _____ () C:\Users\cornel_admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-28 16:35 - 2014-05-21 16:03 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 16:35 - 2012-12-26 14:25 - 00000000 ____D () C:\Program Files\Steam
2014-05-28 16:33 - 2012-10-03 16:32 - 00000214 _____ () C:\Windows\Tasks\AutoKMS.job
2014-05-28 16:33 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 16:33 - 2006-11-02 14:47 - 00377896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-28 16:33 - 2006-11-02 14:47 - 00004752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 16:33 - 2006-11-02 14:47 - 00004752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-28 16:32 - 2012-09-30 19:40 - 00131694 _____ () C:\Windows\PFRO.log
2014-05-28 16:31 - 2006-11-02 15:01 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-28 16:30 - 2006-11-02 14:52 - 01442761 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 16:20 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-28 16:18 - 2012-10-02 19:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-28 16:14 - 2012-10-03 22:28 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-28 16:14 - 2012-10-03 18:33 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-05-28 16:14 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-28 16:13 - 2012-10-03 23:53 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-28 16:13 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew
2014-05-28 16:13 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-28 16:08 - 2014-05-21 16:03 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 16:05 - 2006-11-02 12:23 - 00000128 _____ () C:\Windows\win.ini
2014-05-28 16:02 - 2013-03-06 19:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 15:30 - 2014-05-28 15:30 - 01056256 _____ (Farbar) C:\Users\cornel_admin\Downloads\FRST.exe
2014-05-28 15:08 - 2012-09-30 18:33 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-28 15:02 - 2014-05-28 15:02 - 00159432 _____ () C:\Windows\Minidump\Mini052814-01.dmp
2014-05-28 15:02 - 2014-02-21 21:41 - 207265467 _____ () C:\Windows\MEMORY.DMP
2014-05-28 15:02 - 2012-10-01 00:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-28 15:00 - 2014-05-28 15:00 - 00000000 _____ () C:\Users\cornel_admin\AppData\Local\{92807FA6-9DB8-4530-BB2B-0D29FEA41D8C}
2014-05-27 16:32 - 2012-10-03 16:32 - 00000214 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2014-05-27 15:40 - 2014-05-27 15:40 - 00000000 ____D () C:\ProgramData\ATI
2014-05-27 15:39 - 2014-05-27 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-05-27 15:39 - 2013-11-06 18:37 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-05-27 15:37 - 2014-05-27 15:37 - 00018313 _____ () C:\Windows\system32\CCCInstall_201405271537066068.log
2014-05-27 15:35 - 2012-09-30 18:06 - 00000000 ____D () C:\Users\cornel_admin
2014-05-27 15:17 - 2013-07-06 21:50 - 00000000 ____D () C:\Program Files\ATI
2014-05-27 15:06 - 2014-05-27 15:06 - 00282000 _____ (Microsoft Corporation) C:\ProgramData\UqnosPofsu.dat
2014-05-26 23:15 - 2012-10-23 18:23 - 00000000 ____D () C:\Users\cornel_admin\.gimp-2.8
2014-05-26 20:27 - 2014-05-26 20:27 - 00004657 _____ () C:\Users\cornel_admin\AppData\Local\recently-used.xbel
2014-05-26 00:13 - 2014-05-26 00:13 - 00143784 _____ () C:\Windows\Minidump\Mini052614-01.dmp
2014-05-25 23:28 - 2013-10-10 19:17 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-25 16:36 - 2013-02-26 15:46 - 00138992 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-05-25 16:35 - 2013-02-26 16:02 - 00281152 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-05-25 16:35 - 2013-02-26 15:45 - 00281152 _____ () C:\Windows\system32\PnkBstrB.exe
2014-05-23 16:47 - 2012-10-02 18:23 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-23 16:15 - 2014-05-23 16:15 - 00157136 _____ () C:\Windows\Minidump\Mini052314-01.dmp
2014-05-22 19:57 - 2014-05-22 19:57 - 00222624 _____ () C:\Windows\Minidump\Mini052214-01.dmp
2014-05-21 16:06 - 2014-05-21 16:06 - 00001972 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 16:06 - 2014-05-21 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-21 16:06 - 2014-05-21 16:03 - 00000000 ____D () C:\Users\cornel_admin\AppData\Local\Google
2014-05-21 16:05 - 2014-05-21 16:03 - 00000000 ____D () C:\Program Files\Google
2014-05-21 16:03 - 2012-12-03 14:37 - 00000000 ____D () C:\Users\cornel_admin\AppData\Local\Deployment
2014-05-21 00:43 - 2014-05-21 00:43 - 00104635 _____ () C:\Users\cornel_admin\Documents\Unterschr. R.D.1.xcf
2014-05-20 18:28 - 2013-08-19 16:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-20 18:25 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-20 15:18 - 2014-05-20 15:18 - 00131072 _____ () C:\Windows\Minidump\Mini052014-01.dmp
2014-05-20 12:07 - 2014-04-05 03:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-14 23:33 - 2014-05-14 23:33 - 00185368 _____ () C:\Windows\Minidump\Mini051414-02.dmp
2014-05-14 23:26 - 2012-09-30 18:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-14 15:03 - 2012-11-04 18:47 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 15:03 - 2012-11-04 18:47 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-14 13:37 - 2014-05-14 13:37 - 00157136 _____ () C:\Windows\Minidump\Mini051414-01.dmp
2014-05-13 14:19 - 2014-05-13 14:19 - 00192280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00237848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00210200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00149784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00122136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-05-13 14:17 - 2014-05-13 14:17 - 00107288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2014-05-13 14:09 - 2014-05-13 14:09 - 00198936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00027416 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00021272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys
2014-05-12 02:14 - 2014-05-12 02:14 - 00178272 _____ () C:\Windows\Minidump\Mini051214-01.dmp
2014-05-11 16:21 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 02:09 - 2014-05-11 02:09 - 00000000 ____D () C:\Program Files\DIFX
2014-05-11 02:09 - 2014-05-11 02:09 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-11 02:09 - 2013-10-14 20:29 - 00011950 _____ () C:\Windows\DPINST.LOG
2014-05-11 02:07 - 2014-05-11 02:07 - 00000000 ____D () C:\Program Files\USB TV
2014-05-11 02:07 - 2012-09-30 22:59 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-11 01:43 - 2014-05-11 01:43 - 00143784 _____ () C:\Windows\Minidump\Mini051114-02.dmp
2014-05-11 01:39 - 2014-05-11 01:39 - 00143784 _____ () C:\Windows\Minidump\Mini051114-01.dmp
2014-05-11 01:36 - 2014-05-11 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2014-05-11 01:36 - 2014-05-11 01:36 - 00000000 ____D () C:\Program Files\Geeks3D
2014-05-11 01:35 - 2014-05-11 01:34 - 05345101 _____ (Geeks3D ) C:\Users\cornel_admin\Downloads\FurMark_1.13.0_Setup.exe
2014-05-11 01:29 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-05-11 01:01 - 2012-10-04 20:56 - 00022502 _____ () C:\Windows\IE9_main.log
2014-05-11 01:00 - 2012-09-30 18:29 - 00000000 ____D () C:\Users\cornel_admin\AppData\Roaming\vlc
2014-05-11 00:59 - 2012-09-30 19:00 - 00022016 _____ () C:\Users\cornel_admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Files to move or delete:
====================
C:\ProgramData\UqnosPofsu.dat


Some content of TEMP:
====================
C:\Users\cornel_admin\AppData\Local\Temp\10-2_legacy_vista32-64_dd_ccc.exe
C:\Users\cornel_admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5kypdm.dll
C:\Users\cornel_admin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\cornel_admin\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\cornel_admin\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\cornel_admin\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\cornel_admin\AppData\Local\Temp\nsc5E89.exe
C:\Users\cornel_admin\AppData\Local\Temp\nsi5A16.exe
C:\Users\cornel_admin\AppData\Local\Temp\nsi9A65.exe
C:\Users\cornel_admin\AppData\Local\Temp\nsn946B.exe
C:\Users\cornel_admin\AppData\Local\Temp\nst65B9.exe
C:\Users\cornel_admin\AppData\Local\Temp\ose00000.exe
C:\Users\cornel_admin\AppData\Local\Temp\ose00001.exe
C:\Users\cornel_admin\AppData\Local\Temp\ose00002.exe
C:\Users\cornel_admin\AppData\Local\Temp\ose00003.exe
C:\Users\cornel_admin\AppData\Local\Temp\Uni000.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-28 16:39

==================== End Of Log ============================
         



Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-05-2014 02
Ran by ich_admin at 2014-05-28 16:43:52
Running from C:\Users\ich_admin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO Codecs (Version: 10.0.0.40103 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (Version: 2.01.0000 - ATI Technologies Inc.) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
Battlefield 2 (HKLM\...\Steam App 24860) (Version:  - DICE)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2010.0210.2339.42455 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2010.0210.2339.42455 - ATI) Hidden
CCC Help Chinese Standard (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Czech (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Danish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Dutch (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help English (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Finnish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help French (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help German (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Greek (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Hungarian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Italian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Japanese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Korean (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Norwegian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Polish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Portuguese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Russian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Spanish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Swedish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Thai (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Turkish (Version: 2010.0210.2338.42455 - ATI) Hidden
ccc-core-static (Version: 2010.0210.2339.42455 - Ihr Firmenname) Hidden
ccc-utility (Version: 2010.0210.2339.42455 - ATI) Hidden
Cool & Quiet (HKLM\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM\...\Steam App 100) (Version:  - Ritual)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM\...\Steam App 260) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Debugging Tools for Windows (HKLM\...\{1C943495-B69F-4D41-AE0E-23C57ECD90EE}) (Version: 6.4.7.2 - Microsoft Corporation)
Dolphin Futures XPS Viewer version 1.1.0 (HKLM\...\{75480068-162F-4D6B-B38E-76606A4E5320}_is1) (Version: 1.1.0 - Dolphin Futures Limited)
Dr. Hardware 2013 13.5d (HKLM\...\Dr. Hardware 2013_is1) (Version:  - Peter A. Gebhard)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
GameSpy Comrade (HKLM\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
Geeks3D FurMark 1.13.0 (HKLM\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
G-Force (HKLM\...\G-Force) (Version: 3.7.4 - SoundSpectrum)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Helium (HKLM\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{7D1EFB03-7D84-446E-8B90-6ECD7EDF4D55}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Inkscape 0.48.2 (HKCU\...\Inkscape) (Version: 0.48.2 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Logitech Gaming Software 5.04 (HKLM\...\{768F22DC-2D20-4F52-A9A1-5E231FB7F752}) (Version: 5.04.110 - Logitech)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Opera 12.14 (HKLM\...\Opera 12.14.1738) (Version: 12.14.1738 - Opera Software ASA)
Package: Samsung Galaxy S3 ToolKit (HKLM\...\SamsungGalaxyS3ToolKit30) (Version: 4.0.0.0 - skipsoft)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.987 - Even Balance, Inc.)
Razer Krait (HKLM\...\{E6DA58C0-4EC5-4F5E-B73E-2F22ED30ACFC}) (Version: 5.01 -  Razer USA Ltd.)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.4.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
USB Video Driver (HKLM\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 1.00 - EETI)
Vistawinexit (HKLM\...\{2FC1B08D-B4B6-42F4-B1BF-C913625EAC6C}_is1) (Version: 7 - hxxp://www.kurt-selzam.de/)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows-Treiberpaket - eMPIA Technology Inc, (emAudio) MEDIA  (08/31/2007 5.7.0831.0) (HKLM\...\69083DC58646DE46A09847A522A1CC487F918039) (Version: 08/31/2007 5.7.0831.0 - eMPIA Technology Inc,)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.8.3 (32-bit) (HKLM\...\Wireshark) (Version: 1.8.3 - The Wireshark developer community, hxxp://www.wireshark.org)
World of Warcraft FREE Trial (Version: 1.00.0000 - ATI Technologies Inc.) Hidden

==================== Restore Points  =========================
         
Many thanks in advance for your further help!

Last edited by helpsearch (28.05.2014 at 15:50)

 
