Virus + trage laptop

lg

11-10-2010 15:42

Na div scans en het uitvoeren van antivirusplan plaats ik hier bij de gevraagde logjes.
Er zijn 32 virussen en 556 problemen verwijderd door Malwerbyte
MvG,
LG
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:35:49, on 11-10-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\ASScrPro.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnederland.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Freecause Shopping BHO - {53498FE9-5B64-48BE-995B-51BD0585BE6D} - C:\Program Files\Shop to Win 5\ShoppingBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\Power2Go” UpdateWithCreateOnce “SOFTWARE\CyberLink\Power2Go\6.0”
O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: “C:\Program Files\ATK Hotkey\HcontrolUser.exe”
O4 - HKLM\..\Run: “C:\Program Files\ATKOSD2\ATKOSD2.exe”
O4 - HKLM\..\Run: RtHDVCpl.exe
O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: “C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE
O4 - HKLM\..\Run: “C:\Program Files\DivX\DivX Update\DivXUpdate.exe” /CHECKNOW
O4 - HKLM\..\Run: Skytel.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: “C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-18\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘SYSTEEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘Default user’)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-NL/wlscctrl2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
–
End of file - 7346 bytes
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversie: 4793
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
11-10-2010 14:49:22
mbam-log-2010-10-11 (14-49-22).txt
Scantype: Snelle scan
Objecten gescand: 139432
Verstreken tijd: 5 minuut/minuten, 43 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
fazantje

11-10-2010 18:48

Hoi LG,
Je zei dat MBAM veel had verwijderd, waar heb je dat logje:S
Ik neem aan dat NOD32 jou scanner is, maar wat heb je nog van Norton:S
Als je deze niet (meer) gebruikt, verwijder deze dan alsnog.
Ik houd er in de fix al rekening mee dat je norton eerst gaat verwijderen.
Start HijackThis en klik op “Do a scan only” en vink de volgende regels aan:
O2 - BHO: Freecause Shopping BHO - {53498FE9-5B64-48BE-995B-51BD0585BE6D} - C:\Program Files\Shop to Win 5\ShoppingBHO.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
Sluit alle vensters, behalve HijackThis en klik op fix checked.
Start je computer opnieuw op, plaats een nieuw HijackThis logje en vertel hoe het met de problemen zijn.
Succes,
Huib:)
lg

11-10-2010 21:09

Het is niet mijn laptop maar ik heb eerst norton verwijderd.
Plus het logje zoals gevraagd.
Het andere gedeelte zal ik morgen doen reeds bedankt.
LG
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversie: 4793
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
11-10-2010 11:14:09
mbam-log-2010-10-11 (11-14-09).txt
Scantype: Volledige scan (C:\|D:\|)
Objecten gescand: 261775
Verstreken tijd: 52 minuut/minuten, 17 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 2
Registerwaarden geïnfecteerd: 2
Registerdata geïnfecteerd: 1
Mappen geïnfecteerd: 4
Bestanden geïnfecteerd: 547
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.AutoRun) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.
Registerdata geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (C:\RECYCLER\S-1-5-21-1413282201-9594829829-705835238-3765\yv8g67.exe,explorer.exe,C:\Users\Laptop\AppData\Roaming\ufxw.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
C:\Program Files\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
Bestanden geïnfecteerd:
C:\Program Files\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\uninstall.exe (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1413282201-9594829829-705835238-3765\yv8g67.exe (Worm.Autorun.B) -> Delete on reboot.
C:\Users\Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H96WJFIX\bgtvrwc.exe (Trojan.Refroso) -> Delete on reboot.
C:\Users\Laptop\AppData\Local\Temp\004.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\010.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\013.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\014.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\015.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\017.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\018.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\019.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\021.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\024.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\026.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\028.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\029.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\030.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\031.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\041.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\042.exe (VirTool.CeeInject) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\043.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\044.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\046.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\048.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\052.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\053.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\055.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\056.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\063.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\064.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\067.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\068.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\070.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\071.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\072.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\179.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\216.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\246.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\304.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\358.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\438.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\489.exe (BackDoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\547.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\591.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\643.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\684.exe (Trojan.Refroso) -> Delete on reboot.
C:\Users\Laptop\AppData\Local\Temp\761.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\825.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\877.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\968.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\491.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\492.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\494.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\497.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\498.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\499.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\502.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\503.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\504.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\505.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\508.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\513.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\514.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\515.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\519.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\520.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\521.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\523.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\524.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\525.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\526.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\527.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\529.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\533.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\536.exe (Trojan.Lethic) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\539.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\542.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\543.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\545.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\546.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\121.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\122.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\124.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\125.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\128.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\130.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\134.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\135.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\136.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\137.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\138.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\139.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\140.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\145.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\149.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\150.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\152.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\155.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\158.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\160.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\161.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\162.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\165.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\167.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\168.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\173.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\176.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\247.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\248.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\249.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\250.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\251.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\252.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\255.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\257.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\264.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\265.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\267.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\270.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\271.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\273.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\274.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\276.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\280.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\283.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\285.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\290.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\291.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\293.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\294.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\295.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\297.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\301.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\302.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\687.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\692.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\695.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\696.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\697.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\699.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\700.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\701.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\703.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\705.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\706.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\709.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\711.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\712.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\713.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\718.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\720.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\724.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\360.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\361.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\364.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\365.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\367.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\368.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\372.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\373.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\374.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\375.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\376.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\377.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\382.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\383.exe (VirTool.CeeInject) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\384.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\387.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\388.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\389.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\390.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\826.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\828.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\831.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\837.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\841.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\842.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\843.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\845.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\846.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\847.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\849.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\850.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\853.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\854.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\855.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\857.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\861.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\863.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\865.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\867.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\872.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\874.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\875.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\876.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\934.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\935.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\936.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\939.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\940.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\941.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\945.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\946.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\947.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\949.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\951.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\952.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\953.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\954.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\959.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\964.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\967.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\598.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\604.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\605.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\606.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\608.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\609.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\610.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\611.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\612.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\614.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\615.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\616.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\618.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\619.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\622.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\624.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\625.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\627.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\628.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\631.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\636.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\639.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\641.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\642.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\768.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\770.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\771.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\773.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\774.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\777.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\778.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\779.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\780.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\781.exe (VirTool.CeeInject) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\783.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\784.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\785.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\787.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\788.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\790.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\792.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\183.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\187.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\188.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\190.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\191.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\192.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\193.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\194.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\196.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\200.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\203.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\206.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\207.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\208.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\209.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\210.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\213.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\215.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\305.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\307.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\309.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\311.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\312.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\313.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\314.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\316.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\317.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\319.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\320.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\324.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\325.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\329.exe (VirTool.CeeInject) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\332.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\337.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\341.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\342.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\345.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\348.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\349.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\353.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\354.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\441.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\445.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\447.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\448.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\449.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\451.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\452.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\453.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\454.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\457.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\459.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\460.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\462.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\466.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\468.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\469.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\474.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\475.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\477.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\478.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\479.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\480.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\481.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\485.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\486.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\075.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\077.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\079.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\080.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\081.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\084.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\086.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\090.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\092.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\095.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\096.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\099.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\102.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\103.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\104.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\105.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\109.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\110.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\113.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\114.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\117.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\549.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\550.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\551.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\553.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\555.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\558.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\560.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\562.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\563.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\565.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\566.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\572.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\573.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\574.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\577.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\578.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\580.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\581.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\582.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\588.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\590.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\878.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\886.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\887.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\888.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\891.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\899.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\900.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\901.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\903.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\904.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\906.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\910.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\912.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\914.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\916.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\917.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\919.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\920.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\925.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\926.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\927.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\928.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\929.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\930.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\645.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\647.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\649.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\650.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\652.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\653.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\656.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\657.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\659.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\661.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\665.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\666.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\667.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\668.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\670.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\671.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\672.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\675.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\676.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\677.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\679.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\683.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\391.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\392.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\396.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\397.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\401.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\402.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\407.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\408.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\412.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\413.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\414.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\417.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\420.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\421.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\424.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\429.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\430.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\431.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\437.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\969.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\970.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\973.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\977.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\978.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\980.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\981.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\982.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\983.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\984.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\985.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\986.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\987.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\988.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\990.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\991.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\992.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\993.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\994.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\995.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\998.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\218.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\219.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\221.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\222.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\223.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\225.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\229.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\233.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\237.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\239.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\241.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\242.exe (BackDoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\243.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\244.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\245.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\794.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\796.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\798.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\799.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\800.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\801.exe (Trojan.Lethic) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\802.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\805.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\806.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\807.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\808.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\811.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\813.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\814.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\817.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\819.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\820.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\821.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\729.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\730.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\731.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\734.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\736.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\740.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\741.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\743.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\744.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\745.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\748.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\749.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\750.exe (Trojan.DDox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\751.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\753.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\754.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\756.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\758.exe (Trojan.Ddox) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Local\Temp\760.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2idss1d.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2qkaa9a.exe (Trojan.Lethic) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5f6ppk2.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a28av1qkkfv.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\av1qkkfv.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dxn5i1xsi.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\etoezoee.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faqqkkv4f2.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffaq0kfv.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iidttnd9yyt.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jeezpeuu1e.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kaavkkfv.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kfaa6upuau.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkupfupkkf.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ni0dyyt1ni.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\niic2sncc1n.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pf9a0vq0k0f.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pkkfvv1ffa.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ql1gaavl98g.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qqlgg6av.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\v1qkkfvfv.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpp6aavk.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vq0k0faavk7.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vq0k0fq9a.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vqf9a0vq0.exe (Trojan.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvq1qkkf.exe (BackDoor.Refroso) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvqqk2av.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvqqlbbvl9.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xh1smmsm.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ytt6eey2.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\yysiid1ys.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zz1toee1o0.exe (Trojan.Refroso.Gen) -> Quarantined and deleted successfully.
C:\Users\Laptop\Downloads\FLVPro (1).exe (Adware.MediaPass) -> Quarantined and deleted successfully.
C:\Users\Laptop\Downloads\FLVPro.exe (Adware.MediaPass) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\player.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Button.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Window.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Users\Public\Desktop\FLV Direct Player.lnk (Adware.BHO.FL) -> Quarantined and deleted successfully.
lg

12-10-2010 14:01

Zoals gevraagd
O2 - BHO: Freecause Shopping BHO - {53498FE9-5B64-48BE-995B-51BD0585BE6D} - C:\Program Files\Shop to Win 5\ShoppingBHO.dll
Bovenstaande regel was reeds verdwenen.
Laptop is sneller geworden, inetrnet is nog wat traag.
MvG,
LG
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:57:22, on 12-10-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\ASScrPro.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnederland.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\Power2Go” UpdateWithCreateOnce “SOFTWARE\CyberLink\Power2Go\6.0”
O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: “C:\Program Files\ATK Hotkey\HcontrolUser.exe”
O4 - HKLM\..\Run: “C:\Program Files\ATKOSD2\ATKOSD2.exe”
O4 - HKLM\..\Run: RtHDVCpl.exe
O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: “C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE
O4 - HKLM\..\Run: “C:\Program Files\DivX\DivX Update\DivXUpdate.exe” /CHECKNOW
O4 - HKLM\..\Run: Skytel.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: “C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-18\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘SYSTEEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘Default user’)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-NL/wlscctrl2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
–
End of file - 6750 bytes
fazantje

12-10-2010 20:11

Hoi LG,
Laat combofix eens draaien.
Download Combofix naar je Bureaublad.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.
Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
Dubbelklik op Combofix.exe om het te starten.
Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
Klik op OK in het “NirCmd” venstertje.
Klik na afloop terug op Ja om het scannen op malware te starten.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.
Post het logje van ComboFix samen met een nieuw HijackThis logje, en vertel hoe het met jou probleem is.
Deze scan kan een poosje duren, dus denk niet van hij zit vast.
Succes,
Huib;)
lg

13-10-2010 14:16

Zoals gevraagd beide logfiles.
Nod32 kwam nog verdachte bestanden tegen.
Ik zal nog een keer scannen met onecare voor Vista
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:09:13, on 13-10-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\ASScrPro.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnederland.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\Power2Go” UpdateWithCreateOnce “SOFTWARE\CyberLink\Power2Go\6.0”
O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: “C:\Program Files\ATK Hotkey\HcontrolUser.exe”
O4 - HKLM\..\Run: “C:\Program Files\ATKOSD2\ATKOSD2.exe”
O4 - HKLM\..\Run: RtHDVCpl.exe
O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: “C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE
O4 - HKLM\..\Run: “C:\Program Files\DivX\DivX Update\DivXUpdate.exe” /CHECKNOW
O4 - HKLM\..\Run: Skytel.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: “C:\Users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 - HKUS\S-1-5-18\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘SYSTEEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘Default user’)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-NL/wlscctrl2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-nl.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
–
End of file - 6316 bytes
omboFix 10-10-12.03 - Laptop 13-10-2010 13:55:16.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3071.2196
Gestart vanuit: c:\users\Laptop\Desktop\ComboFix.exe
AV: ESET NOD32 antivirus systeem 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Aanwezig AV is actief
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-09-13 to 2010-10-13 ))))))))))))))))))))))))))))))
.
2010-10-13 12:02 . 2010-10-13 12:02 ——– d—–w- c:\users\Default\AppData\Local\temp
2010-10-12 16:28 . 2010-10-12 16:28 ——– d—–w- c:\program files\Windows Portable Devices
2010-10-12 12:18 . 2009-09-10 02:01 3023360 —-a-w- c:\windows\system32\UIRibbon.dll
2010-10-12 12:18 . 2009-09-10 02:00 1164800 —-a-w- c:\windows\system32\UIRibbonRes.dll
2010-10-12 12:18 . 2009-09-10 02:00 92672 —-a-w- c:\windows\system32\UIAnimation.dll
2010-10-12 12:16 . 2009-10-08 21:08 555520 —-a-w- c:\windows\system32\UIAutomationCore.dll
2010-10-12 12:16 . 2009-10-08 21:08 234496 —-a-w- c:\windows\system32\oleacc.dll
2010-10-12 12:16 . 2009-10-08 21:07 4096 —-a-w- c:\windows\system32\oleaccrc.dll
2010-10-12 12:03 . 2010-09-09 22:52 6084944 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2942375D-039B-4E20-B1CE-6E5D34D1224B}\mpengine.dll
2010-10-11 13:30 . 2010-10-11 13:30 388096 —-a-r- c:\users\Laptop\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-11 13:30 . 2010-10-11 13:30 ——– d—–w- c:\program files\Trend Micro
2010-10-11 09:34 . 2010-10-11 09:39 ——– d—–w- c:\program files\Windows Live Safety Center
2010-10-11 08:18 . 2010-04-29 13:39 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-11 08:18 . 2010-10-11 08:18 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
2010-10-11 08:18 . 2010-04-29 13:39 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
2010-10-11 08:03 . 2010-10-11 08:03 ——– d—–w- c:\program files\Common Files\Java
2010-10-11 08:02 . 2010-10-11 08:01 423656 —-a-w- c:\windows\system32\deployJava1.dll
2010-10-11 08:01 . 2010-10-11 08:01 ——– d—–w- c:\program files\Java
2010-10-11 07:33 . 2010-10-11 07:34 ——– d—–w- c:\windows\system32\ca-ES
2010-10-11 07:33 . 2010-10-11 07:34 ——– d—–w- c:\windows\system32\eu-ES
2010-10-11 07:33 . 2010-10-11 07:33 ——– d—–w- c:\windows\system32\vi-VN
2010-10-11 07:14 . 2010-03-05 14:01 420352 —-a-w- c:\windows\system32\vbscript.dll
2010-10-11 07:13 . 2010-08-26 04:23 13312 —-a-w- c:\program files\Internet Explorer\iecompat.dll
2010-10-11 07:07 . 2010-10-11 07:07 ——– d—–w- c:\windows\system32\EventProviders
2010-10-02 11:30 . 2010-06-22 13:30 2048 —-a-w- c:\windows\system32\tzres.dll
2010-09-23 12:39 . 2010-04-16 16:46 502272 —-a-w- c:\windows\system32\usp10.dll
2010-09-23 12:39 . 2010-08-17 14:11 128000 —-a-w- c:\windows\system32\spoolsv.exe
2010-09-23 12:39 . 2010-04-05 17:02 317952 —-a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-23 12:39 . 2010-08-17 10:52 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-09-23 12:39 . 2010-05-27 20:08 739328 —-a-w- c:\windows\system32\inetcomm.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
@=“{A8D448F4-0431-45AC-9F5E-E1B434AB2249}”
2007-06-02 01:08 143360 —-a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”
“msnmsgr”=“c:\program files\Windows Live\Messenger\msnmsgr.exe”
“WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe”
“ehTray.exe”=“c:\windows\ehome\ehTray.exe”
“Google Update”=“c:\users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe”
“Windows Defender”=“c:\program files\Windows Defender\MSASCui.exe”
“P2Go_Menu”=“c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe”
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll”
“HControlUser”=“c:\program files\ATK Hotkey\HcontrolUser.exe”
“ATKOSD2”=“c:\program files\ATKOSD2\ATKOSD2.exe”
“RtHDVCpl”=“RtHDVCpl.exe”
“SynTPEnh”=“c:\program files\Synaptics\SynTP\SynTPEnh.exe”
“ATKMEDIA”=“c:\program files\ASUS\ATK Media\DMedia.exe”
“ASUS Camera ScreenSaver”=“c:\windows\AsScrProlog.exe”
“ASUS Screen Saver Protector”=“c:\windows\ASScrPro.exe”
“nod32kui”=“c:\program files\Eset\nod32kui.exe”
“DivXUpdate”=“c:\program files\DivX\DivX Update\DivXUpdate.exe”
“Skytel”=“Skytel.exe”
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”
“EnableUIADesktopToggle”= 0 (0x0)
@=“Service”
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
2008-01-11 20:16 39792 —-a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
2007-07-14 01:25 741376 —-a-w- c:\program files\ChkMail\ChkMail\ChkMail.exe
2008-07-19 03:52 104936 —-a-w- c:\program files\CyberLink\Power2Go\CLMLSvc.exe
2008-06-26 05:58 92704 —-a-w- c:\windows\System32\nvmctray.dll
“DisableMonitoring”=dword:00000001
“DisableMonitoring”=dword:00000001
“DisableMonitoring”=dword:00000001
R3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNt.sys
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des
R4 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
2008-06-09 18:14 451872 —-a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de ‘Gedeelde Taken’ map
2010-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe
2010-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe
2010-10-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646155060-1335964700-4284219822-1000Core.job
- c:\users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe
2010-10-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2646155060-1335964700-4284219822-1000UA.job
- c:\users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.startnederland.nl/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki…
LSP: c:\windows\system32\imon.dll
.
“ImagePath”=“c:\windows\system32\GameMon.des -service”
.
——————— DLLs Geladen Onder Lopende Processen ———————
- - - - - - - > ‘Explorer.exe’(3756)
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
Voltooingstijd: 2010-10-13 14:04:22
ComboFix-quarantined-files.txt 2010-10-13 12:04
Pre-Run: 111.824.928.768 bytes beschikbaar
Post-Run: 116.804.804.608 bytes beschikbaar
- - End Of File - - F9C6664527C7DF6E44A7A069AA825023
lg

13-10-2010 18:36

onecare voor Vista heeft geen problemen meer gevonden
fazantje

13-10-2010 22:34

Hoi LG,
Ik zie zo geen bijzonderheden in combo.
Om combo te verwijderen, doe het volgende:
Ga naar Start - Uitvoeren en kopïeer het volgende er in:
Combofix /Uninstall
Klik daarna op OK.
Het HijackThis logje ziet er ook goed uit.
Laat Ccleaner en clean up draaien, start je computer opnieuw op en vertel hoe het nu gaat.
Groetjes Huib;)
lg

14-10-2010 14:47

Op dit moment draait alles naar behoren.
CCleaner gebruik ik één maal pe week.
Clean Up laten draaien geen bijzonderheden.
Combofix is verwijderd.
Bedankt voor de goede raad
MvG,
LG
fazantje

14-10-2010 18:36

Graag gedaan.
Groetjes Huib;)

Virus + trage laptop

lg

fazantje

lg

lg

fazantje

lg

lg

fazantje

lg

fazantje