Malware help please


9 replies to this topic

#1 LISpeedyG


Posted 02 February 2015 - 10:34 PM

Hi,

I have been trying to clean my daughter's computer and still have infections.  Thus far I have:

1.   Run Malwarebytes a number of times.  At first it found 5,000+ infections.  I cleaned them.

2.   Ran Malwarebytes again and still had about 80.  Tried once again to clean but was not able to clean.

3.   Ran adwcleaner_4.109 and it seemed to clean most of the issues raised in the browsers.

4.   It now appears that there is spyware attempting to connect out to its host.  Both my firewall and MalwareBytes are blocking its access to the outside.

 

System: Dell Alienware, Win 8.1 Pro x64 patched to current levels.

 

I need some help with the removal

Thank You,

Gus




 


#2 LISpeedyG


Posted 02 February 2015 - 10:47 PM

Update:

The site it's attempting to contact:

Domain: ran.bfylueopfyia.com

IP: 5.153.38.133

Port: 53652

It appears to be triggered during execution of Chrome.exe



#3 LISpeedyG


Posted 02 February 2015 - 11:48 PM

Update 2:

I managed to remove the plugin from chrome and updated chrome.  That seemed to resolve most of the other issues.

I also ran Hitman Pro and did not find any fragments.  But, deleted many pointers.

 

I'm wondering if all is now gone.  So, whenever an expert has a chance I would appreciate any further analysis.

 

Thanks,

Gus



#4 jh1234l


Posted 03 February 2015 - 12:10 AM

Hello, LISpeedyG! Let's start with some important instructions:

 

  • Avoid installing or uninstalling programs during the malware removal process, which may complicate malware removal efforts.
  • Do NOT run tools such as Combofix unless instructed by a BleepingComputer staff member. These tools can break your computer if used improperly.
  • If you want to, you should back up all important documents and files to an external storage device or online file backup service.

Step 1: Please download MiniToolBox by Farbar, and save it to your desktop.

 

Run the program. Please select the following options:

 

  1. Flush DNS
  2. Report IE proxy settings
  3. Reset IE proxy settings
  4. Report FF proxy settings
  5. Reset FF proxy settings
  6. List content of Hosts
  7. List IP configuration
  8. List last 10 Event Viewer errors
  9. List installed programs

After the program finishes its job, it will create a log file called "Result.txt" on your desktop. Post the contents of that file in your next reply.

 

Step 2: Run ESET online scanner

 

  1. Using Internet Explorer, navigate to http://www.eset.com/us/online-scanner-popup/ (If you used another web browser, such as Firefox, you will have to download an installer file)
  2. Read through the program's terms of use. If you agree with it, check the checkbox which confirms that you accepted the program's terms of use. If you do not agree with its terms of use, then notify me and I can find another virus cleaning solution for you.
  3. Accept any security warnings which may appear.
  4. Click on the advanced settings part, and select "Scan for potentially unsafe applications", "remove found threats", and "Scan archives".
  5. Check "scan for potentially unwanted applications".
  6. Click "start".
  7. Eset will download updates and scan your computer; this may take a few minutes to a few hours.
  8. When the scan completes, click "list threats".
  9. Click "Export", and save the log file to your desktop.
  10. Post the contents of the log file to your next forum post. Please note that if ESET does not detect anything, it may not necessarily generate a log file.
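
Added example, not part of the original post and not MiniToolBox's own code: a Python sketch that splits a Result.txt log into sections using the `===== Name: =====` header layout seen in the log posted later in this thread, then triages the hosts section by separating loopback sinkhole entries from names redirected to a routable address. The sample log, the `www.example-bank.test` entry and all function names are constructed for illustration.

```python
import ipaddress
import re

# Section header as it appears in the log in this thread, e.g.
# "========================= Hosts content: ================================="
HEADER = re.compile(r"^={5,}\s*([^=]+?):?\s*={5,}\s*$")
# Summary line the tool prints instead of listing every hosts entry.
TRUNCATED = re.compile(r'^There are (\d+) more lines starting with "([^"]+)"')
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample in the layout of the log posted in this thread.
SAMPLE_RESULT = """\
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= Hosts content: =================================

127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
203.0.113.7  www.example-bank.test
::1          localhost
# a comment line

There are 15474 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================
"""


def split_sections(text):
    """Return {section name: [lines]} keyed by the '=== Name: ===' headers."""
    sections, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif current is not None:
            current.append(line)
    return sections


def triage_hosts(lines):
    """Classify hosts entries.

    sinkholed: names pointed at loopback or 0.0.0.0 (typical blocklist entries)
    standard:  localhost names pointed at loopback
    redirects: names pointed at any other address; these deserve a manual look,
               because a hosts entry overrides DNS for that name
    unlisted:  entries the tool summarised instead of printing
    unparsed:  lines that do not start with a valid IP address
    """
    report = {"sinkholed": 0, "standard": 0, "redirects": [],
              "unlisted": 0, "unparsed": []}
    for raw in lines:
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        m = TRUNCATED.match(line)
        if m:
            report["unlisted"] += int(m.group(1))
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["unparsed"].append(raw)
            continue
        for host in fields[1:]:
            name = host.lower()
            if addr.is_loopback or addr.is_unspecified:
                key = "standard" if name in LOCAL_NAMES else "sinkholed"
                report[key] += 1
            else:
                report["redirects"].append((str(addr), name))
    return report


if __name__ == "__main__":
    hosts = split_sections(SAMPLE_RESULT)["Hosts content"]
    for key, value in triage_hosts(hosts).items():
        print(f"{key}: {value}")
```

A large `sinkholed` count with an empty `redirects` list is what a hosts-based blocklist looks like; any entry in `redirects` is the part to check by hand.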


#5 Londaik


Posted 03 February 2015 - 04:44 AM

friend has that the mist in Switzerland....

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Gunter Sommer (administrator) on 03-02-2015 at 10:35:08
Running from "C:\Users\Gunter Sommer\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com

There are 15474 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = LAN-Verbindung (Connected)
Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter = Drahtlosnetzwerkverbindung (Hardware not present)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?+$ subinterface=ethernet_9 mtu=1500


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : GunterSommer-PC
   Primäres DNS-Suffix . . . . . . . :
   Knotentyp . . . . . . . . . . . . : Hybrid
   IP-Routing aktiviert  . . . . . . : Nein
   WINS-Proxy aktiviert  . . . . . . : Nein
   DNS-Suffixsuchliste . . . . . . . : home

Ethernet-Adapter LAN-Verbindung:

   Verbindungsspezifisches DNS-Suffix: home
   Beschreibung. . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
   Physikalische Adresse . . . . . . : 40-61-86-2D-01-0A
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   Verbindungslokale IPv6-Adresse  . : fe80::2c3e:cceb:c367:a606%11(Bevorzugt)
   IPv4-Adresse  . . . . . . . . . . : 192.168.1.108(Bevorzugt)
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Lease erhalten. . . . . . . . . . : Dienstag, 3. Februar 2015 03:17:39
   Lease läuft ab. . . . . . . . . . : Mittwoch, 4. Februar 2015 03:17:39
   Standardgateway . . . . . . . . . : 192.168.1.1
   DHCP-Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6-IAID . . . . . . . . . . . : 306209158
   DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-12-A4-0D-0B-40-61-86-2D-01-0A
   DNS-Server  . . . . . . . . . . . : 192.168.1.1
   NetBIOS über TCP/IP . . . . . . . : Aktiviert

Tunneladapter LAN-Verbindung*:

   Verbindungsspezifisches DNS-Suffix:
   Beschreibung. . . . . . . . . . . : Microsoft-Teredo-Tunneling-Adapter
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
   IPv6-Adresse. . . . . . . . . . . : 2001:0:9d38:6ab8:14e2:3fc3:4f80:403(Bevorzugt)
   Verbindungslokale IPv6-Adresse  . : fe80::14e2:3fc3:4f80:403%10(Bevorzugt)
   Standardgateway . . . . . . . . . : ::
   NetBIOS über TCP/IP . . . . . . . : Deaktiviert

Tunneladapter isatap.home:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: home
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
Server:  internetbox.home
Address:  192.168.1.1

Name:    google.com
Addresses:  2a00:1450:400a:805::1007
      193.134.255.118
      193.134.255.89
      193.134.255.94
      193.134.255.108
      193.134.255.98
      193.134.255.88
      193.134.255.119
      193.134.255.103
      193.134.255.114
      193.134.255.109
      193.134.255.113
      193.134.255.123
      193.134.255.104
      193.134.255.84
      193.134.255.99
      193.134.255.93


Ping wird ausgeführt für google.com [193.134.255.93] mit 32 Bytes Daten:
Antwort von 193.134.255.93: Bytes=32 Zeit=221ms TTL=57
Antwort von 193.134.255.93: Bytes=32 Zeit=31ms TTL=57

Ping-Statistik für 193.134.255.93:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 31ms, Maximum = 221ms, Mittelwert = 126ms
Server:  internetbox.home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Ping wird ausgeführt für yahoo.com [206.190.36.45] mit 32 Bytes Daten:
Allgemeiner Fehler.
Antwort von 206.190.36.45: Bytes=32 Zeit=181ms TTL=47

Ping-Statistik für 206.190.36.45:
    Pakete: Gesendet = 2, Empfangen = 1, Verloren = 1
    (50% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 181ms, Maximum = 181ms, Mittelwert = 181ms

Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit=2ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Ping-Statistik für 127.0.0.1:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 0ms, Maximum = 2ms, Mittelwert = 1ms
===========================================================================
Schnittstellenliste
 11...40 61 86 2d 01 0a ......NVIDIA nForce 10/100/1000 Mbps Ethernet
  1...........................Software Loopback Interface 1
 10...00 00 00 00 00 00 00 e0 Microsoft-Teredo-Tunneling-Adapter
 17...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.108     10
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
      192.168.1.0    255.255.255.0   Auf Verbindung     192.168.1.108    266
    192.168.1.108  255.255.255.255   Auf Verbindung     192.168.1.108    266
    192.168.1.255  255.255.255.255   Auf Verbindung     192.168.1.108    266
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung     192.168.1.108    266
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung     192.168.1.108    266
===========================================================================
Ständige Routen:
  Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
 10     58 ::/0                     Auf Verbindung
  1    306 ::1/128                  Auf Verbindung
 10     58 2001::/32                Auf Verbindung
 10    306 2001:0:9d38:6ab8:14e2:3fc3:4f80:403/128
                                    Auf Verbindung
 11    266 fe80::/64                Auf Verbindung
 10    306 fe80::/64                Auf Verbindung
 10    306 fe80::14e2:3fc3:4f80:403/128
                                    Auf Verbindung
 11    266 fe80::2c3e:cceb:c367:a606/128
                                    Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
 10    306 ff00::/8                 Auf Verbindung
 11    266 ff00::/8                 Auf Verbindung
===========================================================================
Ständige Routen:
  Keine

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: 712: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: 764: DNSServiceGetAddrInfo      v4v6 dlanwireless-2.local.

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: 764: Could not write data to client because of error - aborting connection

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: send_msg ERROR: failed to write 88 of 88 bytes to fd 764 errno 10053 (Eine bestehende Verbindung wurde softwaregesteuert
durch den Hostcomputer abgebrochen.)

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad “_ssh” “_tcp.local.” “.”

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad “_sftp-ssh” “_tcp.local.” “.”

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/03/2015 07:33:33 AM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad “_smb” “_tcp.local.” “.”


System errors:
=============
Error: (02/03/2015 10:19:31 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 10:19:31 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 10:19:30 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 10:18:05 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 10:18:05 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 10:18:05 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 10:17:30 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 10:17:30 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 10:17:30 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/03/2015 09:54:04 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================


 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
32 Bit HP CIO Components Installer (Version: 8.1.2 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe AIR (Version: 2.0.3.13070 - Adobe Systems Inc.) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{9D210D79-AEC5-453B-960C-4DD2C73931E1}) (Version: 2.0.2.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B6B75FB9-D1DB-491B-847D-144D9C580AA3}) (Version: 16.4.0.1280 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.4.1280 - Corel Corporation) Hidden
Corel Graphics Suite 11 (HKLM\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
Corel Graphics Suite 11 (Version: 11 - Corel Corporation) Hidden
Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.100.0000 - Corel Corporation)
Corel Painter Essentials 4 (HKLM\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version:  - Corel Corporation)
Corel Painter Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version:  - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - BR (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - DE (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - EN (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - ES (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Extra Content (HKLM\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version:  - Corel Corporation)
CorelDRAW Graphics Suite X5 - Extra Content (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FR (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - KPT Collection (HKLM\...\_{44864C09-D493-4B07-BAD0-F65557A3C552}) (Version:  - Corel Corporation)
CorelDRAW Graphics Suite X5 - KPT Collection (Version: 1.00.0000 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - NL (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Premium Fonts (Version: 1.00.0000 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - ES (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (Version: 16.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FR (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IT (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - NL (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.7 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.4.1.1281 - Corel Corporation)
CorelDRAW Graphics Suite X6 (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER shop to date 7 pro (HKLM\...\shop to date 7 pro_is1) (Version: 7.0.0.1767 - DATA BECKER GmbH & Co. KG)
DE (Version: 3.0 - Corel Corporation) Hidden
devolo Cockpit (HKLM\...\dlancockpit) (Version: 4.2.3.0 - devolo AG)
erLT (Version: 1.20.0137 - Logitech, Inc.) Hidden
Fitbit Connect (HKLM\...\{5BD4A02D-B528-4916-A846-176B31A5D84F}) (Version: 1.0.3.5511 - Fitbit Inc.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
herdProtect Anti-Malware Scanner (HKLM\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP LJ300-400 color MFP M375-M475 (HKLM\...\{9D1DE902-8058-4555-A16A-FBFAA49587DB}) (Version:  - Hewlett-Packard)
HP LJ300-400 color MFP M375-M475 Fax (HKLM\...\{F284FAB3-7B91-499F-856A-1A8BF7649D8D}) (Version: 24.0.0.0 - Hewlett-Packard Co.)
HP LJ300-400 M375-M475 HP Scan (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 9.7.3 - Hewlett-Packard Company)
HP Unified IO (Version: 1.0.1.94 - HP) Hidden
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (Version: 001.001.05133 - Hewlett-Packard) Hidden
hpbM375M475DSService (Version: 001.001.05164 - Hewlett-Packard) Hidden
HPLaserJet300-400ColorM375-M475Series_HelpLearnCenter_SI (HKLM\...\{72A474E0-5AA3-4EDD-8FAA-D87CB2FD0654}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (Version: 020.021.004 - HP) Hidden
HPLJUTCore (Version: 1.02.0014 - HP) Hidden
HPLJUTM375-M475 (Version: 1.02.0013 - HP) Hidden
hppFaxDrvM375M475 (Version: 003.000.00002 - Hewlett-Packard) Hidden
hppLaserJetService (Version: 009.022.00806 - Hewlett-Packard) Hidden
hppM375_M475LaserJetService (Version: 005.020.00094 - Hewlett-Packard) Hidden
hppQFolderCM1312 (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppSendFaxM375M475 (Version: 003.000.00002 - Hewlett-Packard) Hidden
hppToolboxProxyM375 (Version: 020.021.004 - HP) Hidden
hpStatusAlerts (Version: 020.025.1119 - Hewlett Packard) Hidden
hpStatusAlertsM375_M475 (Version: 020.023.01805 - Hewlett-Packard) Hidden
HWiNFO32 Version 4.34 (HKLM\...\HWiNFO32_is1) (Version: 4.34 - Martin Malík - REALiX)
InstanceFinder (Version: 020.021.004 - HP) Hidden
iTunes (HKLM\...\{B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}) (Version: 12.1.0.71 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java Auto Updater (Version: 2.8.31.13 - Oracle Corporation) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Kindle Previewer (HKCU\...\KindlePreviewer) (Version: 2.92 - Amazon)
Licensing Service (03000201) (Version: 03.00.02.15 - Protexis Inc.) Hidden
LJDXPHelperUI (Version: 020.021.004 - HP) Hidden
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Logitech Z-series Software 1.04 (HKLM\...\{A157AC1C-DF44-481A-81E7-17AE00239818}) (Version: 1.04.153 - Logitech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee AntiVirus Plus (HKLM\...\MSC) (Version: 14.0.207 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.182 - McAfee, Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (DEU) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x86) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.172.1357 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.1 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Plus500 (HKLM\...\Plus500) (Version:  - )
Process Lasso (HKLM\...\ProcessLasso) (Version: 7.8.0.4 - Bitsum)
Protect Disc License Helper 1.0.125 (IE) (HKCU\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Q-Buchhaltung (HKLM\...\Q Buchhaltung advanced) (Version:  - )
Q-Buchhaltung (HKLM\...\Q3 Buchhaltung advanced) (Version:  - )
Q-Faktura (HKLM\...\Q Faktura advanced) (Version:  - )
Q-Faktura (HKLM\...\Q3 Faktura advanced) (Version:  - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{BC9C0AB2-6434-45DB-9BE9-351ED9FB2DCF}) (Version: 4.1.1318.0 - SmartSoft Ltd.)
SmartFTP Client 4.0 Setup Files (remove only) (HKLM\...\SmartFTP Client 4.0 Setup Files) (Version: 4.0 - SmartSoft Ltd)
Snagit 9.1.3 (HKLM\...\{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}) (Version: 9.1.3.16 - TechSmith Corporation)
SofTax GR 2013 NP (HKLM\...\{78712737-9C76-495D-8F88-BDF94F869351}) (Version: 2.2.4 - Abraxas Informatik AG)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SuperManCoupon (HKLM\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - SuperManCoupon)
SupplementPro (HKLM\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{403201b9}) (Version:  - Software Publisher)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
ToolboxProxy (Version: 020.023.005 - HP) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 9.0.6030.1 - TuneUp Software) Hidden
U3Launcher (HKLM\...\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}) (Version: 1.0.0 - U3)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{9913305E-D4AC-4D26-B30F-799D529FB282}) (Version:  - Microsoft)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VBA (2701.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Basic for Applications ® Core - English (Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications ® Core - German (Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications ® Core (Version: 6.4.99.69 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD My Cloud (HKLM\...\{4ED25739-098A-4403-8E4F-49088DC356F1}) (Version: 1.0.6.13 - Western Digital Technologies, Inc.)
WebAcappella4 (HKLM\...\WebAcappella4_is1) (Version:  - Intuisphere)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Xpage Internet Studio 6 Professional (HKLM\...\Xpage Internet Studio 6 Professional) (Version: 6.0.0.0 - CUTEX Systems GmbH)

**** End of log ****
 



#6 Londaik

Londaik

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:19 AM

Posted 03 February 2015 - 04:45 AM

Sorry, translator

 

A friend in Switzerland has the same problem ....



#7 Londaik

Londaik

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:19 AM

Posted 03 February 2015 - 04:50 AM

These are the programs that are new and that are detected by some programs ....

 

run.bfylueopfyia.com

 

couponpeak

 

They always want to go there

 

Domain: ran.bfylueopfyia.com

IP: 5.153.38.133

Port: 53652

 

But Malwarebytes only ever blocks the action, and the computer is under an insane load.



#8 Londaik

Londaik

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:19 AM

Posted 03 February 2015 - 04:56 AM

That step is almost impossible to use without help.

 

I sent him the direct link.

 

http://download.eset.com/special/eos/esetsmartinstaller_enu.exe


Edited by Londaik, 03 February 2015 - 05:02 AM.


#9 lray801

lray801

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 03 February 2015 - 11:06 AM

Greetings,

 

I'm having the same issue.  Malwarebytes is not finding any issues but the computer I'm working on is infected and trying to go to the same website the OP listed.  What's funny is that Malwarebytes is blocking that.

 

Anywho, does anyone have any solutions or suggestions?

 

Thanks!

lray801



#10 lray801

lray801

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 03 February 2015 - 01:13 PM

What finally resolved the issue of being redirected was downloading Revo Uninstaller and removing a program called "WebHelper". I had to use Revo because the built-in installer would not remove the program. There were some other things that both solutions above resolved as well.





