Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Programme lassen sich nicht ausführen/Avira spielt verrückt

Programme lassen sich nicht ausführen/Avira spielt verrückt


Plagegeister aller Art und deren Bekämpfung: Programme lassen sich nicht ausführen/Avira spielt verrückt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 16.03.2011, 18:38   #16
Swisstreasure
/// Malwareteam
 
Programme lassen sich nicht ausführen/Avira spielt verrückt - Standard

Programme lassen sich nicht ausführen/Avira spielt verrückt


Machen wir das mit Java am Schluss noch.

Schritt 1

Hosts reparieren

Lade Dir bitte HostsXpert herunter.
Entpacke die Zipdatei und starte das Tool.
Klicke nun auf Restore MS Hosts File--> Ok--> Exit Programm.
Solltest Du kein Zip-Programm haben kannst Du Dir die Testversion von Winzip herunterladen.

Schritt 2

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die Textbox.
Code:
ATTFilter
netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
Alt 16.03.2011, 21:55   #17
enKzZ
 
Programme lassen sich nicht ausführen/Avira spielt verrückt - Standard

Programme lassen sich nicht ausführen/Avira spielt verrückt


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 16.03.2011 21:28:56 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Rose\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 10,41 Gb Free Space | 26,65% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 7,71 Gb Free Space | 19,74% Space Free | Partition Type: NTFS
Drive E: | 70,93 Gb Total Space | 17,53 Gb Free Space | 24,71% Space Free | Partition Type: NTFS
Drive F: | 6,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: ROSE-PC | User Name: Rose | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.03.14 22:07:19 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.13 20:15:39 | 000,680,965 | ---- | M] (OldTimer Tools) -- C:\Users\Rose\Downloads\OTL.exe
PRC - [2011.02.18 13:10:02 | 000,653,120 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.02.18 13:08:18 | 001,517,376 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011.01.21 17:12:28 | 001,242,448 | ---- | M] (Valve Corporation) -- E:\Program Files\Steam\Steam.exe
PRC - [2011.01.14 15:55:57 | 002,250,616 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.01.07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.11.05 14:27:18 | 007,168,768 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Programme\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2010.02.03 16:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.10.23 22:59:56 | 000,228,352 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe
PRC - [2009.10.16 10:42:48 | 000,319,488 | ---- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009.10.01 01:57:18 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2009.09.15 17:02:48 | 000,180,224 | ---- | M] (ROCCAT) -- C:\Programme\ROCCAT\Kone Mouse\KoneHID.EXE
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.07.13 01:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) -- C:\Windows\UnsignedThemesSvc.exe
PRC - [2008.10.06 11:40:32 | 000,561,592 | ---- | M] (ROCCAT) -- C:\Programme\ROCCAT\Kone Mouse\OSD.exe
PRC - [2002.12.17 17:23:32 | 000,074,308 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.03.13 20:15:39 | 000,680,965 | ---- | M] (OldTimer Tools) -- C:\Users\Rose\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.02.18 13:08:18 | 001,517,376 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.02.18 13:05:52 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.01.14 15:55:57 | 002,250,616 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.01.07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.10.16 10:42:48 | 000,319,488 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.07.16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.13 01:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2002.12.17 17:55:12 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
SRV - [2002.12.17 17:23:30 | 000,066,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.03.12 17:26:03 | 000,016,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV - [2011.02.14 16:37:39 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.01.08 04:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.11.29 19:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.01.12 19:57:24 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010.01.12 19:57:23 | 000,294,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010.01.12 19:57:23 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010.01.12 19:57:23 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009.10.01 18:03:12 | 001,515,520 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CM106.sys -- (USBMULCD)
DRV - [2009.08.04 03:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.16 04:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 01:07:46 | 000,025,448 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\uxpatch.sys -- (uxpatch)
DRV - [2008.12.11 14:56:14 | 000,013,056 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Kone.sys -- (KoneFltr)
DRV - [2005.07.28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)
DRV - [2005.06.09 12:03:30 | 001,383,104 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmudau.sys -- (cmudau)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE 1F 90 F8 84 B9 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@offerbox.com
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.14 22:07:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.14 22:07:23 | 000,000,000 | ---D | M]
 
[2011.03.10 17:55:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rose\AppData\Roaming\mozilla\Extensions
[2011.03.10 17:55:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rose\AppData\Roaming\mozilla\Firefox\Profiles\4rcx7dy9.default\extensions
[2011.03.12 11:15:50 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.03.14 22:07:21 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.14 22:07:21 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
[2011.03.14 22:07:21 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.14 22:07:21 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.14 22:07:21 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.03.16 21:26:36 | 000,000,698 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O4 - HKLM..\Run: [Kone] C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] E:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\awmytwhp.exe ()
O4 - Startup: C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\rqumjtxy\awmytwhp.exe) - C:\Programme\rqumjtxy\awmytwhp.exe ()
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.06.12 03:27:33 | 000,000,140 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi5 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi6 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi7 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi8 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi9 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer6 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer7 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer8 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer9 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: VIDC.CFHD - C:\Windows\System32\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
Drivers32: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave6 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave7 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave8 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave9 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.03.15 22:08:10 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\Neuer Ordner
[2011.03.15 21:29:21 | 000,327,680 | ---- | C] (CyboPat) -- C:\Users\Rose\Desktop\cod4player.exe
[2011.03.15 19:48:14 | 000,000,000 | ---D | C] -- C:\Programme\rqumjtxy
[2011.03.14 22:06:21 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.03.14 22:03:50 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.03.14 22:02:23 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\temp
[2011.03.14 21:57:25 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.03.14 21:57:25 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.03.14 21:57:25 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.03.14 21:57:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.03.14 21:57:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.14 21:56:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011.03.13 22:02:55 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011.03.13 22:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2011.03.13 22:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.03.13 20:21:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.03.13 17:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011.03.13 14:37:06 | 000,000,000 | ---D | C] -- C:\Programme\RegCure
[2011.03.13 14:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2011.03.13 14:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegCure
[2011.03.13 14:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.03.13 14:27:36 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.03.13 13:30:45 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\profiles
[2011.03.13 13:30:37 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\GAMING
[2011.03.12 17:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.03.12 17:35:55 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2011.03.12 17:15:09 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2011.03.12 14:36:03 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Moyea
[2011.03.12 14:36:03 | 000,000,000 | ---D | C] -- C:\Users\Rose\Documents\Leawo
[2011.03.12 14:36:03 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Leawo
[2011.03.12 14:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Leawo
[2011.03.12 14:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011.03.12 14:35:53 | 000,000,000 | ---D | C] -- C:\Programme\K-Lite Codec Pack
[2011.03.12 14:35:48 | 000,606,208 | ---- | C] (hxxp://www.xvid.org) -- C:\Windows\System32\xvidcore.dll
[2011.03.12 14:35:48 | 000,139,264 | ---- | C] (hxxp://www.xvid.org) -- C:\Windows\System32\xvid.ax
[2011.03.12 14:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
[2011.03.12 14:35:46 | 000,000,000 | ---D | C] -- C:\Programme\Leawo
[2011.03.12 14:20:28 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
[2011.03.12 14:20:24 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\WindSolutions
[2011.03.12 14:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2011.03.12 14:15:36 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\Endgame
[2011.03.12 14:15:20 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.03.12 14:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.03.12 12:00:31 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Wide Angle Software
[2011.03.12 11:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wide Angle Software
[2011.03.12 11:59:56 | 000,000,000 | ---D | C] -- C:\Programme\Wide Angle Software
[2011.03.12 11:40:48 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Apple Computer
[2011.03.12 11:40:48 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Apple Computer
[2011.03.12 11:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.03.12 11:40:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011.03.12 11:40:31 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.03.12 11:40:30 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.03.12 11:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.03.12 11:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.03.12 11:40:17 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2011.03.12 11:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.03.12 11:40:13 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2011.03.12 11:40:13 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Apple
[2011.03.12 11:39:51 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.03.12 11:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.03.11 22:11:28 | 000,000,000 | ---D | C] -- C:\Programme\temp
[2011.03.10 20:28:53 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Malwarebytes
[2011.03.10 20:28:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.03.10 20:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.10 20:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.10 20:28:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.03.10 20:28:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.03.10 18:20:49 | 002,100,601 | ---- | C] (Crytek GmbH) -- C:\Users\Rose\Documents\CryPhysics.dll
[2011.03.10 17:55:38 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Mozilla
[2011.03.10 17:40:55 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.03.10 17:40:50 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.03.10 17:40:50 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.03.10 17:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011.03.10 17:40:29 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\TuneUp Software
[2011.03.10 17:40:25 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2011
[2011.03.10 17:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.03.10 17:39:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.03.09 18:45:02 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Xfire
[2011.03.09 18:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2011.03.09 18:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2011.03.09 18:30:30 | 000,000,000 | ---D | C] -- C:\Programme\Hitman Pro 3.5
[2011.03.09 18:30:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Pro 3.5
[2011.03.09 18:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011.03.09 16:40:35 | 000,000,000 | ---D | C] -- C:\Programme\tmp
[2011.03.06 21:56:46 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\music
[2011.03.06 21:47:53 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2011.03.06 21:47:53 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2011.03.06 21:47:52 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2011.03.06 21:47:52 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2011.03.06 21:47:51 | 000,000,000 | ---D | C] -- C:\Programme\AviSynth 2.5
[2011.03.06 21:46:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2011.03.06 21:46:37 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll
[2011.03.06 21:46:37 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll
[2011.03.06 21:46:37 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax
[2011.03.06 21:46:37 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax
[2011.03.06 21:46:37 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax
[2011.03.06 21:46:37 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax
[2011.03.06 21:46:37 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll
[2011.03.06 21:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © v2011.build.46 (Feb 12, 2011)
[2011.03.06 21:46:36 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax
[2011.03.06 21:46:36 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax
[2011.03.06 21:46:36 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax
[2011.03.06 21:46:36 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax
[2011.03.06 21:46:36 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax
[2011.03.06 21:45:40 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Real
[2011.03.06 21:43:11 | 000,000,000 | ---D | C] -- C:\Programme\eRightSoft
[2011.03.06 21:12:39 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Ashampoo
[2011.03.06 21:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011.03.06 21:12:26 | 000,000,000 | ---D | C] -- C:\Programme\Ashampoo
[2011.03.04 21:36:19 | 000,000,000 | ---D | C] -- C:\Fraps
[2011.02.25 18:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011.02.22 16:16:50 | 000,000,000 | ---D | C] -- C:\Users\Rose\Documents\Sony-Medienbibliotheken
[2011.02.22 16:16:49 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Publish Providers
[2011.02.22 16:16:45 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Sony
[2011.02.22 16:12:56 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server
[2011.02.22 16:12:25 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Sony
[2011.02.22 16:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011.02.22 16:11:19 | 000,000,000 | ---D | C] -- C:\Programme\Vstplugins
[2011.02.22 16:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2011.02.22 16:11:09 | 000,000,000 | ---D | C] -- C:\Programme\Sony
[2011.02.22 16:10:28 | 000,000,000 | ---D | C] -- C:\Programme\Sony Setup
[2011.02.21 21:43:22 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2011.02.21 21:43:04 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.02.19 10:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.02.19 10:06:28 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech Touch Mouse Server
[2011.02.19 10:06:28 | 000,000,000 | ---D | C] -- C:\Programme\Logitech Touch Mouse Server
[2011.02.18 20:51:30 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ControlMK
[2011.02.18 20:51:30 | 000,000,000 | ---D | C] -- C:\Programme\ControlMK
[2011.02.18 20:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ControlMK
[2011.02.18 20:49:28 | 000,000,000 | ---D | C] -- C:\Programme\AutoHotkey
[2011.02.18 20:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2011.02.18 16:59:02 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\NVIDIA
[2011.02.17 22:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2011.02.15 18:51:01 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\vlc
[2011.02.15 18:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.02.15 18:50:15 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.16 21:26:36 | 000,000,698 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.03.16 17:53:30 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.03.16 17:50:41 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.16 17:50:41 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.16 17:49:55 | 001,562,332 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.16 17:49:55 | 000,890,268 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.16 17:49:55 | 000,416,348 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.16 17:49:55 | 000,360,134 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.16 17:47:16 | 000,291,862 | ---- | M] () -- C:\Users\Rose\Desktop\Unbenannt.jpg
[2011.03.16 17:43:30 | 008,405,015 | ---- | M] () -- C:\Windows\TempFile
[2011.03.16 17:43:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.16 17:43:21 | 2615,713,792 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.16 17:00:01 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2011.03.16 16:50:42 | 000,097,130 | ---- | M] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\awmytwhp.exe
[2011.03.15 21:54:52 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.03.15 21:54:45 | 000,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.03.15 21:53:15 | 008,373,856 | ---- | M] () -- C:\dynacore.dm_1
[2011.03.15 21:33:15 | 006,847,507 | ---- | M] () -- C:\Users\Rose\Desktop\cb2.dm_1
[2011.03.15 21:01:47 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.03.14 17:56:21 | 202,807,296 | ---- | M] () -- C:\Users\Rose\Desktop\03-12-How I Met Your Mother-Tue_Bses_ernte_Gutes-cineonws.avi
[2011.03.13 22:02:55 | 000,000,572 | ---- | M] () -- C:\Users\Rose\Desktop\Fraps.lnk
[2011.03.13 17:14:21 | 000,000,863 | ---- | M] () -- C:\Users\Rose\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
[2011.03.13 17:00:31 | 000,022,328 | ---- | M] () -- C:\Users\Rose\AppData\Roaming\PnkBstrK.sys
[2011.03.13 17:00:11 | 000,000,319 | ---- | M] () -- C:\Windows\game.ini
[2011.03.13 14:47:30 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2011.03.13 13:43:08 | 145,064,458 | ---- | M] () -- C:\Users\Rose\Desktop\03-08-How I Met Your Mother-Glck_und_Glas-cineonws.mp4
[2011.03.12 17:35:56 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.03.12 17:26:03 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011.03.12 17:24:56 | 000,006,496 | ---- | M] () -- C:\Windows\System32\.crusader
[2011.03.12 14:35:48 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\Leawo iPod Video Converter.lnk
[2011.03.12 14:29:18 | 000,003,584 | ---- | M] () -- C:\Users\Rose\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.12 14:20:28 | 000,001,333 | ---- | M] () -- C:\Users\Rose\Desktop\CopyTrans Control Center.lnk
[2011.03.12 11:42:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.03.12 11:40:46 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.10 22:48:10 | 000,037,149 | ---- | M] () -- C:\Users\Rose\Documents\ts3_clientui-win32-12815-2011-03-10 22_48_00.133725.dmp
[2011.03.10 19:47:46 | 000,212,917 | ---- | M] () -- C:\Users\Rose\Documents\ts3_clientui-win32-12815-2011-03-10 19_47_45.662430.dmp
[2011.03.10 18:30:41 | 021,691,392 | ---- | M] () -- C:\Users\Rose\Documents\Bin32.rar
[2011.03.10 18:21:30 | 002,100,601 | ---- | M] (Crytek GmbH) -- C:\Users\Rose\Documents\CryPhysics.dll
[2011.03.10 17:58:14 | 000,797,266 | ---- | M] () -- C:\Windows\System32\qtcore4.zip
[2011.03.07 22:13:04 | 000,000,156 | ---- | M] () -- C:\Windows\Twunk001.MTX
[2011.03.07 22:13:04 | 000,000,003 | ---- | M] () -- C:\Windows\Twain001.Mtx
[2011.03.04 23:19:39 | 000,002,598 | ---- | M] () -- C:\Windows\Cm106.ini.imi
[2011.03.01 20:12:36 | 000,000,120 | ---- | M] () -- C:\Users\Rose\AppData\Local\Qquhodamapesep.dat
[2011.03.01 20:12:36 | 000,000,000 | ---- | M] () -- C:\Users\Rose\AppData\Local\Ggavul.bin
[2011.02.26 02:19:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2011.02.22 16:39:38 | 257,208,014 | ---- | M] () -- C:\Users\Rose\Documents\Ohne Titel.mp4
[2011.02.22 16:16:51 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.02.22 16:16:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.02.22 16:16:50 | 000,000,000 | ---- | M] () -- C:\Windows\Twunk002.MTX
[2011.02.22 16:16:12 | 000,197,739 | ---- | M] () -- C:\Users\Rose\Documents\Vegas registrieren.htm
[2011.02.22 16:13:05 | 000,002,191 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dienst-Manager.lnk
[2011.02.21 22:19:15 | 000,516,550 | ---- | M] () -- C:\Users\Rose\Documents\Bild48.jpg
[2011.02.21 22:03:38 | 000,000,584 | ---- | M] () -- C:\Users\Rose\Documents\Standard.sfvidcap
[2011.02.19 10:06:33 | 000,001,173 | ---- | M] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk
[2011.02.18 13:10:38 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.02.18 13:06:00 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.02.18 13:05:52 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
 
========== Files Created - No Company Name ==========
 
[2011.03.16 17:47:16 | 000,291,862 | ---- | C] () -- C:\Users\Rose\Desktop\Unbenannt.jpg
[2011.03.15 21:52:08 | 008,373,856 | ---- | C] () -- C:\dynacore.dm_1
[2011.03.15 21:33:05 | 006,847,507 | ---- | C] () -- C:\Users\Rose\Desktop\cb2.dm_1
[2011.03.14 21:57:25 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.03.14 21:57:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.03.14 21:57:25 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.03.14 21:57:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.03.14 21:57:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.03.14 17:49:47 | 202,807,296 | ---- | C] () -- C:\Users\Rose\Desktop\03-12-How I Met Your Mother-Tue_Bses_ernte_Gutes-cineonws.avi
[2011.03.13 22:02:42 | 000,000,572 | ---- | C] () -- C:\Users\Rose\Desktop\Fraps.lnk
[2011.03.13 17:14:21 | 000,000,863 | ---- | C] () -- C:\Users\Rose\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
[2011.03.13 14:37:08 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job
[2011.03.13 14:37:08 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\RegCure.job
[2011.03.13 13:39:31 | 145,064,458 | ---- | C] () -- C:\Users\Rose\Desktop\03-08-How I Met Your Mother-Glck_und_Glas-cineonws.mp4
[2011.03.12 17:35:56 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.03.12 17:27:20 | 000,097,130 | ---- | C] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\awmytwhp.exe
[2011.03.12 14:35:54 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.03.12 14:35:48 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\Leawo iPod Video Converter.lnk
[2011.03.12 14:29:18 | 000,003,584 | ---- | C] () -- C:\Users\Rose\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.12 14:20:28 | 000,001,333 | ---- | C] () -- C:\Users\Rose\Desktop\CopyTrans Control Center.lnk
[2011.03.12 11:42:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.03.12 11:40:46 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.12 11:40:13 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.03.10 22:48:00 | 000,037,149 | ---- | C] () -- C:\Users\Rose\Documents\ts3_clientui-win32-12815-2011-03-10 22_48_00.133725.dmp
[2011.03.10 19:47:45 | 000,212,917 | ---- | C] () -- C:\Users\Rose\Documents\ts3_clientui-win32-12815-2011-03-10 19_47_45.662430.dmp
[2011.03.10 18:22:56 | 021,691,392 | ---- | C] () -- C:\Users\Rose\Documents\Bin32.rar
[2011.03.10 18:02:13 | 001,961,472 | ---- | C] () -- C:\Windows\System32\qtcore4.dll
[2011.03.10 17:58:12 | 000,797,266 | ---- | C] () -- C:\Windows\System32\qtcore4.zip
[2011.03.10 17:40:49 | 000,002,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011.03.09 18:42:19 | 000,006,496 | ---- | C] () -- C:\Windows\System32\.crusader
[2011.03.09 18:30:31 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011.03.06 21:46:36 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax
[2011.03.06 21:46:36 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax
[2011.03.06 21:46:36 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax
[2011.03.06 21:46:36 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax
[2011.03.06 21:46:36 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax
[2011.03.06 21:46:36 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax
[2011.03.06 21:46:36 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax
[2011.03.06 21:46:36 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax
[2011.02.26 02:19:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011.02.22 16:34:24 | 257,208,014 | ---- | C] () -- C:\Users\Rose\Documents\Ohne Titel.mp4
[2011.02.22 16:16:51 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.02.22 16:16:51 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.02.22 16:16:50 | 000,000,156 | ---- | C] () -- C:\Windows\Twunk001.MTX
[2011.02.22 16:16:50 | 000,000,003 | ---- | C] () -- C:\Windows\Twain001.Mtx
[2011.02.22 16:16:50 | 000,000,000 | ---- | C] () -- C:\Windows\Twunk002.MTX
[2011.02.22 16:16:12 | 000,197,739 | ---- | C] () -- C:\Users\Rose\Documents\Vegas registrieren.htm
[2011.02.22 16:13:05 | 000,002,191 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dienst-Manager.lnk
[2011.02.21 22:21:22 | 000,000,120 | ---- | C] () -- C:\Users\Rose\AppData\Local\Qquhodamapesep.dat
[2011.02.21 22:21:22 | 000,000,000 | ---- | C] () -- C:\Users\Rose\AppData\Local\Ggavul.bin
[2011.02.21 22:19:09 | 000,516,550 | ---- | C] () -- C:\Users\Rose\Documents\Bild48.jpg
[2011.02.21 22:03:38 | 000,000,584 | ---- | C] () -- C:\Users\Rose\Documents\Standard.sfvidcap
[2011.02.19 10:06:33 | 000,001,173 | ---- | C] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk
[2011.02.09 23:52:26 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.02.09 23:06:12 | 000,047,822 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011.01.27 20:17:11 | 000,164,864 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2011.01.27 20:17:11 | 000,024,576 | ---- | C] () -- C:\Windows\System32\hdsuinst.exe
[2011.01.27 20:17:11 | 000,006,836 | ---- | C] () -- C:\Windows\System32\UNWISE.INI
[2011.01.25 18:38:27 | 000,561,152 | ---- | C] () -- C:\Windows\System32\Cmeau106.exe
[2011.01.25 18:38:27 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2011.01.25 18:38:27 | 000,000,537 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2011.01.25 18:38:24 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2011.01.25 18:38:24 | 000,002,598 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2011.01.25 18:08:42 | 000,000,964 | ---- | C] () -- C:\Windows\cm106.ini
[2011.01.25 18:08:24 | 000,003,059 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2011.01.22 17:45:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.01.22 13:11:22 | 000,241,664 | ---- | C] () -- C:\Windows\System32\cmdrvrmu.exe
[2011.01.22 13:11:22 | 000,045,056 | ---- | C] () -- C:\Windows\System32\cmdrvrmu.dll
[2011.01.22 09:15:16 | 000,040,960 | R--- | C] () -- C:\Windows\CmiUSB2Uninstall.exe
[2011.01.22 09:15:15 | 000,004,911 | R--- | C] () -- C:\Windows\Cmudau.ini
[2011.01.21 18:04:54 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.01.21 18:04:54 | 000,022,328 | ---- | C] () -- C:\Users\Rose\AppData\Roaming\PnkBstrK.sys
[2011.01.21 18:04:19 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.01.21 18:04:18 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.01.21 18:04:16 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011.01.21 17:05:04 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2011.01.21 17:05:04 | 000,011,296 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2011.01.21 17:05:01 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2011.01.21 17:05:01 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2011.01.21 17:03:31 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.01.21 16:43:53 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.01.21 16:43:50 | 000,039,044 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.07.16 04:36:30 | 000,013,216 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009.07.14 09:47:43 | 001,562,332 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,416,348 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 001,612,168 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,890,268 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,360,134 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.13 01:07:46 | 000,025,448 | ---- | C] () -- C:\Windows\System32\drivers\uxpatch.sys
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2009.02.19 04:35:10 | 000,049,152 | R--- | C] () -- C:\Windows\DAOD.exe
[2008.12.01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
 
========== LOP Check ==========
 
[2011.03.06 21:12:39 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Ashampoo
[2011.01.21 17:31:10 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\DAEMON Tools Lite
[2011.02.14 16:42:57 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\DAEMON Tools Pro
[2011.03.09 20:16:49 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\kikin
[2011.03.12 14:36:03 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Leawo
[2011.03.12 14:36:03 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Moyea
[2011.02.21 21:43:22 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2011.02.22 16:16:49 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Publish Providers
[2011.01.22 11:00:02 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\ROCCAT
[2011.02.22 16:34:23 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Sony
[2011.03.05 17:56:02 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\TeamViewer
[2011.01.24 18:54:16 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\ToMMTi-Systems
[2011.01.22 13:06:38 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\TS3Client
[2011.03.10 17:40:29 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\TuneUp Software
[2011.01.21 17:35:04 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Ubisoft
[2011.03.12 14:28:59 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\WindSolutions
[2011.03.16 17:00:01 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2011.03.13 14:47:30 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
[2011.03.12 17:26:03 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.* >
[2009.06.10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009.07.14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2011.01.21 22:54:50 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011.03.14 22:06:19 | 000,024,894 | ---- | M] () -- C:\ComboFix.txt
[2009.06.10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011.03.16 17:53:30 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.03.15 21:53:15 | 008,373,856 | ---- | M] () -- C:\dynacore.dm_1
[2010.09.13 18:28:08 | 000,000,270 | ---- | M] () -- C:\file_list.txt
[2009.11.26 02:26:00 | 000,206,312 | RHS- | M] () -- C:\grldr
[2011.03.16 17:43:21 | 2615,713,792 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.22 16:16:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.03.16 17:40:48 | 000,038,763 | ---- | M] () -- C:\JavaRa.log
[2011.02.22 16:16:51 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.03.16 17:43:23 | 3487,621,120 | -HS- | M] () -- C:\pagefile.sys
[2011.01.21 16:48:31 | 000,000,068 | -H-- | M] () -- C:\splash.idx
[2010.04.14 10:38:14 | 000,017,232 | -H-- | M] () -- C:\version
 
< %systemroot%\system32\*.wt >
 
< %systemroot%\system32\*.ruy >
 
< %systemroot%\Fonts\*.com >
[2009.07.14 05:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 05:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 05:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 05:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2009.06.10 22:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009.07.14 02:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009.07.14 02:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.scr >
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2009.07.14 05:41:57 | 000,000,174 | -HS- | M] () -- C:\Programme\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.07.14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\user32.dll /md5 >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
 
< %systemroot%\system32\ws2_32.dll /md5 >
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
 
< %systemroot%\system32\ws2help.dll /md5 >
[2009.07.14 02:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\System32\ws2help.dll
 
 
< MD5 for: EXPLORER.EXE  >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.01.12 19:59:15 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2010.01.12 19:59:15 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-15 17:09:32
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >
--- --- ---
__________________
Alt 16.03.2011, 22:10   #18
Swisstreasure
/// Malwareteam
 
Programme lassen sich nicht ausführen/Avira spielt verrückt - Standard

Programme lassen sich nicht ausführen/Avira spielt verrückt


Schritt 1

Bitte lasse die Dateien aus der Code-Box bei Virustotal überprüfen
Code:
ATTFilter
C:\Windows\DAOD.exe
Also gehe wie hier beschrieben vor:
  • Öffne diese Webseite: virustotal
  • Klicke auf "Durchsuchen"
  • Suche die Datei auf deinem Rechner--> Doppelklick auf die zu prüfende Datei (oder kopiere den Inhalt ab aus der Codebox)
  • "Senden der Datei"
  • Warte, bis der Scandurchlauf aller Virenscanner beendet ist
  • Auf "Filter" klicken
  • dann auf "Ergebnisse"
  • das Ergebnis (wie Du es bekommst )
    komplett markieren und hier rein kopieren
Sollte die Datei als schädlich erkannt werden bitte noch nicht entfernen

Schritt 2

Installiere den Windows Installer nach dieser Anleitung neu.
__________________
Alt 16.03.2011, 22:29   #19
enKzZ
 
Programme lassen sich nicht ausführen/Avira spielt verrückt - Standard

Programme lassen sich nicht ausführen/Avira spielt verrückt


File name:
DAOD.exe
Submission date:
2011-03-16 21:20:48 (UTC)
Current status:
queued (#3) queued (#3) analysing finished
Result:
0/ 42 (0.0%)

VT Community

goodware
Safety score: 100.0%
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.03.17.00 2011.03.16 -
AntiVir 7.11.4.235 2011.03.16 -
Antiy-AVL 2.0.3.7 2011.03.16 -
Avast 4.8.1351.0 2011.03.16 -
Avast5 5.0.677.0 2011.03.16 -
AVG 10.0.0.1190 2011.03.16 -
BitDefender 7.2 2011.03.16 -
CAT-QuickHeal 11.00 2011.03.16 -
ClamAV 0.96.4.0 2011.03.16 -
Commtouch 5.2.11.5 2011.03.16 -
Comodo 8005 2011.03.16 -
DrWeb 5.0.2.03300 2011.03.16 -
eSafe 7.0.17.0 2011.03.16 -
eTrust-Vet 36.1.8219 2011.03.16 -
F-Prot 4.6.2.117 2011.03.16 -
F-Secure 9.0.16440.0 2011.03.16 -
Fortinet 4.2.254.0 2011.03.16 -
GData 21 2011.03.16 -
Ikarus T3.1.1.97.0 2011.03.16 -
Jiangmin 13.0.900 2011.03.16 -
K7AntiVirus 9.93.4128 2011.03.16 -
Kaspersky 7.0.0.125 2011.03.16 -
McAfee 5.400.0.1158 2011.03.16 -
McAfee-GW-Edition 2010.1C 2011.03.16 -
Microsoft 1.6603 2011.03.16 -
NOD32 5960 2011.03.16 -
Norman 6.07.03 2011.03.16 -
nProtect 2011-02-10.01 2011.02.15 -
Panda 10.0.3.5 2011.03.16 -
PCTools 7.0.3.5 2011.03.11 -
Prevx 3.0 2011.03.16 -
Rising 23.49.02.06 2011.03.16 -
Sophos 4.63.0 2011.03.16 -
SUPERAntiSpyware 4.40.0.1006 2011.03.16 -
Symantec 20101.3.0.103 2011.03.16 -
TheHacker 6.7.0.1.150 2011.03.16 -
TrendMicro 9.200.0.1012 2011.03.16 -
TrendMicro-HouseCall 9.200.0.1012 2011.03.16 -
VBA32 3.12.14.3 2011.03.16 -
VIPRE 8725 2011.03.16 -
ViRobot 2011.3.16.4360 2011.03.16 -
VirusBuster 13.6.252.0 2011.03.16 -
Additional information
Show all
MD5 : 7fc46514b7eebb1bdb30c2ecf245a5d6
SHA1 : 7cee6f89468e217f0638d8481e1fa56f90c38581
SHA256: b0aea8e652d433060b052b10c56ffa7227ab8d55f87b7d38cc3cb2af0b53f5ee
ssdeep: 768:JvvLxk6YgBG7sl9sTrc7F4ZH+tD1/nST59b:R9kiBG79TY7F4ZeXvi5d
File size : 49152 bytes
First seen: 2009-07-25 03:21:14
Last seen : 2011-03-16 21:20:48
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x15CB
timedatestamp....: 0x499CD36C (Thu Feb 19 03:35:08 2009)
machinetype......: 0x14c (I386)

[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x66E4, 0x7000, 6.34, fd271fda483143dee5aa4ac62a23f966
.rdata, 0x8000, 0x1C52, 0x2000, 5.08, 04292a8ad5e5143e8a781a61bc5012ce
.data, 0xA000, 0x189C, 0x1000, 2.13, d032d4f4eff530c03d4c357ee61554f8
.rsrc, 0xC000, 0x338, 0x1000, 3.92, fec410e79fd53248cca07517f8a3b33b

[[ 2 import(s) ]]
KERNEL32.dll: GetEnvironmentVariableW, GetModuleFileNameW, CopyFileW, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, GetStartupInfoA, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage, GetModuleHandleA, GetProcAddress, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, GetLastError, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, DeleteCriticalSection, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW, LeaveCriticalSection, EnterCriticalSection, Sleep, GetLocaleInfoA, LoadLibraryA, InitializeCriticalSection, VirtualAlloc, HeapReAlloc, RtlUnwind, HeapSize

Alt 17.03.2011, 06:37   #20
Swisstreasure
/// Malwareteam
 
Programme lassen sich nicht ausführen/Avira spielt verrückt - Standard

Programme lassen sich nicht ausführen/Avira spielt verrückt


Hat das mit dem Installer geklaPpt?


Antwort
Seite 2 von 2 1 2

Themen zu Programme lassen sich nicht ausführen/Avira spielt verrückt
.dll, agent, anzahl, avira, board, datei, dll, gestartet, heute, interne, internet, keine programme, malware, neue, programme, spiel, stark, steam, system, trojaner, trojaner board, verrückt, verschiedene, versuche, viren, windows


« Java-Virus JAVA/OpenConnect.DD + TR/Kazy.akcqd | Suche Trojaner aber wie »


Ähnliche Themen: Programme lassen sich nicht ausführen/Avira spielt verrückt


  1. Firefox spielt verrückt. Mit Adware infiziert. Lässt sich nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 29.10.2015 (15)
  2. Exe Datein lassen sich nicht ausführen Vista
    Log-Analyse und Auswertung - 12.06.2015 (5)
  3. Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen
    Antiviren-, Firewall- und andere Schutzprogramme - 23.03.2015 (10)
  4. Exe Dateien lassen sich nicht ausführen
    Plagegeister aller Art und deren Bekämpfung - 23.01.2014 (3)
  5. Trojaner TR/sirefef.A.78 & Defogger.exe, OTL.exe, Gmer.exe lassen sich nicht ausführen
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (15)
  6. C:\ProgramData\fcfaddcfsacfsfdsf.exe , Trojaner? Avira spielt verrückt.
    Plagegeister aller Art und deren Bekämpfung - 02.06.2013 (3)
  7. .exe files lassen sich nicht ausführen, malware lässt sich nicht ausführen, system wiederherstellung nicht möglich
    Log-Analyse und Auswertung - 25.03.2013 (0)
  8. Infektion mit Live Security Platinum: Dateien lassen sich nicht mehr ausführen inkl. F8
    Plagegeister aller Art und deren Bekämpfung - 15.07.2012 (33)
  9. Windows Firewall & Update geht nicht;Heruntergeladene Daten lassen sich nicht ausführen
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (33)
  10. Setup.exe Datein lassen sich nicht ausführen , und Minianwendungen werden nicht Korrekt angezeigt ?
    Log-Analyse und Auswertung - 25.06.2011 (5)
  11. Programme lassen sich von einem User nicht mehr ausführen
    Plagegeister aller Art und deren Bekämpfung - 16.02.2011 (4)
  12. bestimmte .exe dateien lassen sich nicht ausführen
    Plagegeister aller Art und deren Bekämpfung - 23.11.2010 (21)
  13. Windows Xp spinnt total. Programme lassen sich nicht ordentlich ausführen
    Alles rund um Windows - 09.11.2009 (10)
  14. Taskmanager und Regedit lassen sich nicht mehr ausführen
    Log-Analyse und Auswertung - 22.03.2009 (0)
  15. Setup Dateien lassen sich nicht ausführen...
    Plagegeister aller Art und deren Bekämpfung - 05.01.2009 (3)
  16. Setup dateien lassen sich nicht ausführen...
    Alles rund um Windows - 01.01.2009 (6)
  17. Antivir spielt verrückt,PC hängt sich ständig auf etc.
    Log-Analyse und Auswertung - 24.11.2008 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Programme lassen sich nicht ausführen/Avira spielt verrückt - Machen wir das mit Java am Schluss noch. Schritt 1 Hosts reparieren Lade Dir bitte HostsXpert herunter. Entpacke die Zipdatei und starte das Tool. Klicke nun auf Restore MS Hosts - Programme lassen sich nicht ausführen/Avira spielt verrückt...
Archiv
Du betrachtest: Programme lassen sich nicht ausführen/Avira spielt verrückt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55