Problemen keylogger

Jaq

17-05-2014 12:44

Hoi,
Kom van pc help Forum, daar zeiden ze dat mijn pc al in orde is na malware bytes en combo fix maar dat is dus nog niet zo helaas:(
Chrome en Explorer heb ik moeten verwijderen omdat ze niks meer deden, bij het opstarten zijn er vrijwel iedere keer problemen met updates..
Bij deze de logjes,
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Scan Date: 15-5-2014
Scan Time: 21:52:37
Logfile: PC help 1.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.05.15.14
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: User
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340918
Time Elapsed: 28 min, 24 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
Refog.Keylogger, C:\Windows\System32\MPK\MPK.exe, 548, Delete-on-Reboot,
Modules: 12
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\sqlite3.dll, Delete-on-Reboot, ,
Registry Keys: 5
Refog.Keylogger, HKLM\SOFTWARE\Refog Software, Quarantined, ,
PUP.Optional.Complitly.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dlfienamagdnkekbbbocojppncdambda, Quarantined, ,
PUP.Optional.Complitly.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlfienamagdnkekbbbocojppncdambda, Quarantined, ,
Adware.QWO, HKU\S-1-5-21-1645957192-1769033386-1595641286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\qword.com, Quarantined, ,
PUP.Optional.Softonic.A, HKU\S-1-5-21-1645957192-1769033386-1595641286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, ,
Registry Values: 1
Adware.QWO, HKU\S-1-5-21-1645957192-1769033386-1595641286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\NEW WINDOWS\ALLOW|www.qword.com, Quarantined, ,
Registry Data: 4
Refog.Keylogger, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, c:\windows\system32\userinit.exe,C:\Windows\system32\MPK\Mpk.exe, Good: (), Bad: (C:\Windows\system32\MPK\Mpk.exe),Replaced,
Refog.Keylogger, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, c:\windows\system32\userinit.exe,C:\Windows\system32\MPK\Mpk.exe, Good: (Userinit.exe), Bad: (c:\windows\system32\userinit.exe,C:\Windows\system32\MPK\Mpk.exe),Replaced,
Hijack.Homepage, HKU\S-1-5-21-1645957192-1769033386-1595641286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.qword.com/?s=1, Good: (http://www.Google.com/), Bad: (http://www.qword.com/?s=1),Replaced,
Hijack.Homepage, HKU\S-1-5-21-1645957192-1769033386-1595641286-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.qword.com/?s=1, Good: (http://www.Google.com/), Bad: (http://www.qword.com/?s=1),Replaced,
Folders: 13
Refog.Keylogger, C:\ProgramData\MPK, Delete-on-Reboot, ,
Refog.Keylogger, C:\ProgramData\MPK\1, Delete-on-Reboot, ,
Refog.Keylogger, C:\ProgramData\MPK\2, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\CPDA, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\CPDM, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\REFOG Keylogger, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Help, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\Help\English, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\Help\German, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\Help\Spanish, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\Images, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\Lang, Quarantined, ,
Files: 618
PUP.Optional.Softonic.A, C:\Users\User\Downloads\SoftonicDownloader_for_kgb-spy-software.exe, Quarantined, ,
PUP.Optional.Softonic.A, C:\Users\User\Downloads\SoftonicDownloader_voor_file-download-activex.exe, Quarantined, ,
PUP.Optional.Softonic.A, C:\Users\User\Downloads\SoftonicDownloader_voor_internet-explorer-9.exe, Quarantined, ,
PUP.Optional.Softonic.A, C:\Users\User\Downloads\SoftonicDownloader_voor_revealer-keylogger.exe, Quarantined, ,
PUP.Optional.Conduit.A, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqrehnml.default\searchplugins\conduit-search.xml, Quarantined, ,
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot.exe, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\M0000, Delete-on-Reboot, ,
Refog.Keylogger, C:\ProgramData\MPK\S0000, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5345207639, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\D0000, Delete-on-Reboot, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5737444907, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5772167593, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8355159722, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8389873495, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8424596412, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8459319213, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8494042824, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8528765046, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8563488079, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8598210764, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8641879398, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8667656481, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8702379282, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8737102662, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8771825116, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8806548843, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41770_9241105903, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1076565046, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1146008796, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1180731366, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1217939583, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1250177662, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1284903241, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1358166088, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1392886574, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1427611690, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1462332755, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1497055324, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41765_9141525810, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5702721875, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_8914370602, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1531777894, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4471012731, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5063714583, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5687112384, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6614886458, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7329883912, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7942857523, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8533146181, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9839348727, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0325468981, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0985203935, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1566501968, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1601224653, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1635946759, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1670669444, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1705392824, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1740115278, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_1774838426, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4158507292, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4193229745, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4227952546, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4262674884, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4297398843, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4332132407, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4366843981, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4401566782, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4436289931, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4505735764, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4540468171, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4575181481, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4609904167, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4644627199, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4679350231, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4714113889, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4748795255, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4783519792, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4818241088, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4852963889, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4887687268, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4922410185, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4957132407, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_4991855556, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5026578241, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5096023495, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5130747454, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5165485532, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5200192824, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5234915278, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5304421875, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5339085532, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5373871991, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5408617477, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5443252199, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5477975694, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5512698032, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5547420718, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5582191667, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5616950926, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5651646644, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41767_8931723264, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41767_9001168981, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_1520291667, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_1555015046, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_4724595602, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_4759318750, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5473900810, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5508623611, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5543380440, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5598555324, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5633276505, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5636918519, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5643452083, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41769_5667999074, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5721035648, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5755760185, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5790481944, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5825205093, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5859927315, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5894651157, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5929373958, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_5964143750, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6011056944, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6033541204, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6068263657, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6102987616, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6441273380, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6475994792, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6510717361, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6610894329, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6649609722, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6684331829, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6719055440, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6753778009, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6788500810, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6857946181, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6892668981, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6927392361, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_6962115046, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7052100810, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7086824421, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7121546759, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7156269792, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7190992593, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7260438542, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7295161343, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7364607060, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7399339931, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7435384028, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7468784028, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7503507407, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7538230324, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7572953241, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7607676042, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7642398843, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7677121759, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7714229167, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7746567940, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7781290278, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7816012616, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7874131019, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7908134606, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_7977580324, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8012303588, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8047026852, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8081748495, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8116471991, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8151194792, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8185917361, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8220640393, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8255362616, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8290085417, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8324808912, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8359531597, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8394254514, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8428977315, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8463700347, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8498423264, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8567868866, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8602591782, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8637314583, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8672037500, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8706760301, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8741483218, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8776206019, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_8810928935, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9069967014, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9104689815, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9139412153, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9174134954, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9208857523, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9278303704, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9313026505, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9347749421, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9874072454, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9908794907, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9943517130, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41771_9978239931, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0012963310, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0047686227, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0082409028, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0119586458, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0151855208, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0186577662, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0221461343, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0256023264, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0290746759, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0360191435, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0394914236, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0429638079, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0499082870, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0533805671, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0568529167, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0603252315, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0637974769, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0672698032, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0707420602, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0742143403, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0776865741, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0811589120, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0846312037, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0881034722, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_0915966898, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_1019925694, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_1054649074, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_1089371528, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_1124095255, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_1158820139, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_1193540856, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_4531626852, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_4566342477, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5067419560, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5102142477, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5136874306, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5171588542, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5206312037, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5241045486, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5275758333, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5310481019, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5379925694, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5414648495, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5449425000, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5484094560, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5518817593, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5553629861, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5588262500, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5622989815, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5657709028, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5692432407, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5727154051, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5761876736, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5796601273, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5831323148, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5866470255, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5900768403, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5970214468, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_6004937153, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_6177026157, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_6211748958, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_6246471875, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_6281194676, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_6315917824, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_6350640741, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_7935473843, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_7967072685, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8001794792, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8140686227, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8162574421, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8170526273, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8175410069, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8210132639, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8279577662, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8314305671, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8349051852, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8383746875, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8418470023, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8453193171, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8487915509, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8522645370, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8557370718, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8592083912, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8626806713, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8661529051, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8696254167, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8730975810, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8765698148, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8800421181, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8869868634, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8904589236, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8939312153, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8974245833, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9008758333, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9043480671, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9112926736, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9147650231, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9217095833, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9251817824, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9286541782, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9321263542, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9355986806, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9390709375, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9425432986, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9460155787, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9529601968, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9564340856, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9599051157, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9633769792, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9668492477, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9703215509, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9737938079, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9772661690, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9807388194, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9842107176, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9876830208, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_0078184491, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_0112907176, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_1321006944, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_1435443981, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_1470166667, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4481889468, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4516610532, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4551332986, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4586056366, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4620807523, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4655502083, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4690224537, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4724951505, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4759670486, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4794393171, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4829128704, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4863839236, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4898561690, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4968007292, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5106898958, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5141622685, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5176344560, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5211068056, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5245800231, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5280513889, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5315236111, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5349959606, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5384681713, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5419404630, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5454129051, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5488851736, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5523574306, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5558296991, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5593019792, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5662465278, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5697187847, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5731910532, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5766633333, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5866608796, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5901331944, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5936054630, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5970777315, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_6005500116, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_6868691898, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_6903416088, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_6938138079, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856103125, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856238773, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856376620, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856608912, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856632870, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856638194, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856643403, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_5935491435, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8244861343, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_8835144329, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41772_9494878704, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_1286288889, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_4933285532, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_5627742593, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856648727, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8693118634, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4552799306, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5674250347, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6702838773, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7382240393, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8007251968, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8724252083, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856653935, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7856659259, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7869855324, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7904578819, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7939301157, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_7974023958, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8008746991, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8043470486, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8078192593, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8450059028, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8484781713, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8519504398, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8554226736, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8588950116, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8623672454, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8658395370, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8727841319, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41773_8762564352, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_0102256597, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_0103493403, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_0149267014, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_0183989931, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_1607982176, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_1642706250, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_3555150810, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_3589874074, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_3659320023, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_3694042824, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4518076505, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4714757176, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4749479514, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4784203241, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4818925694, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4853648958, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4888371991, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4923094444, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_4957817130, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5277950926, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5312674074, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5347405324, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5382119676, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5535359375, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5570082292, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5604812269, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5639527662, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41765_9106803356, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5743696875, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5778419560, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5813142130, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_5847864931, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6188486227, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6223207060, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6257929630, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6292654167, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6327375926, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6362107639, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6396842361, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6431543981, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6466273032, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6598669213, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6633392593, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6668140856, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6737561343, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6772283912, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6807008565, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6841732407, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6876452893, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_6911175347, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7002304398, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7035012616, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7069734606, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7104457870, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7139180556, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7208626042, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7243349074, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7278071759, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7312800926, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7347517361, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7416962963, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7451687153, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7486412616, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7521131944, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7555855440, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7590577431, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7625381019, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7660023727, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7694746412, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7729469329, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7764191667, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7798915394, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7833646528, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7868360648, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7937861574, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_7972529167, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8041974653, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8076697454, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8111420255, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8146160764, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8180866435, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8215588889, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8250442940, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8285034838, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8319757755, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8354480903, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8481191319, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8516178125, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8550637963, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8585360648, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8654806482, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8689529282, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\S0000, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8759304167, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8793698148, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8828421065, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8863143056, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8897866435, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8932589352, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_8967312037, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_9002035301, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_9036757176, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\1\I41774_9071480093, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\2\D0000, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\2\S0000, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\REFOG Keylogger\Order now!.lnk, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\REFOG Keylogger\REFOG Keylogger on the Web.lnk, Quarantined, ,
Refog.Keylogger, C:\ProgramData\MPK\REFOG Keylogger\REFOG Keylogger.lnk, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\cinfo.bin, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\gaid.bin, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\icon_1.ico, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\key.bin, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\libeay32.dll, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\lnkmst.exe, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\lsynchost.exe, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\MPK.exe, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\Mpk64.dll, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\MpkHCA.dll, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\MpkHCQ12.dll, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\MPKInst.exe, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\MpkL64.exe, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\MPKView.exe, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\ogg.dll, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\sqlite3.dll, Delete-on-Reboot, ,
Refog.Keylogger, C:\Windows\System32\MPK\ssleay32.dll, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\trial_standart.ini, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\unins000.dat, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\unins000.exe, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\unins000.msg, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\Vorbis.dll, Quarantined, ,
Refog.Keylogger, C:\Windows\System32\MPK\vorbisenc.dll, Qua
Jaq

17-05-2014 12:45

En combo fix,
ComboFix 14-05-16.01 - User 16-05-2014 18:10:31.8.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1791.942
Gestart vanuit: c:\users\User\Downloads\ComboFix.exe
AV: AVG AntiVirus 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2014-04-16 to 2014-05-16 ))))))))))))))))))))))))))))))
.
.
2014-05-16 16:19 . 2014-05-16 16:19 ——– d—–w- c:\users\Ron\AppData\Local\temp
2014-05-16 16:19 . 2014-05-16 16:19 ——– d—–w- c:\users\Public\AppData\Local\temp
2014-05-16 16:19 . 2014-05-16 16:19 ——– d—–w- c:\users\Gast\AppData\Local\temp
2014-05-16 16:19 . 2014-05-16 16:19 ——– d—–w- c:\users\Default\AppData\Local\temp
2014-05-16 13:17 . 2014-05-16 16:19 ——– d—–w- c:\users\User\AppData\Local\temp
2014-05-15 19:15 . 2014-05-15 19:22 ——– d—–w- C:\Malwarebytes Anti-Malware
2014-05-15 19:15 . 2014-04-03 07:51 51416 —-a-w- c:\windows\system32\drivers\mwac.sys
2014-05-15 19:15 . 2014-04-03 07:51 73432 —-a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-15 19:15 . 2014-04-03 07:50 23256 —-a-w- c:\windows\system32\drivers\mbam.sys
2014-05-15 13:58 . 2014-05-15 13:58 ——– d—–w- c:\windows\system32\Adobe
2014-05-13 19:35 . 2014-05-13 19:35 17938608 —-a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-05-12 21:43 . 2014-05-16 01:25 ——– d—–w- c:\programdata\AVG Security Toolbar
2014-05-12 21:42 . 2014-05-15 21:46 ——– d—–w- c:\program files\AVG SafeGuard toolbar
2014-05-12 17:12 . 2014-05-12 17:12 ——– d—–w- c:\program files\Common Files\Java
2014-05-12 17:11 . 2014-05-12 17:11 94632 —-a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-05-12 01:40 . 2014-05-12 17:12 ——– d—–w- c:\programdata\Oracle
2014-05-12 01:32 . 2014-05-12 01:32 ——– d—–w- C:\Versalsoft
2014-05-12 01:32 . 2014-05-12 01:32 ——– d—–w- c:\program files\Versalsoft
2014-05-12 01:32 . 2014-05-12 01:32 ——– d—–w- c:\program files\Universal
2014-05-11 16:24 . 2014-05-11 16:24 ——– d—–w- c:\users\User\AppData\Roaming\AVG2014
2014-05-11 16:22 . 2014-05-16 15:52 ——– d—–w- c:\programdata\AVG2014
2014-05-11 16:22 . 2014-05-11 16:22 ——– d—–w- C:\$AVG
2014-05-11 16:22 . 2014-05-11 16:22 ——– d—–w- c:\program files\AVG
2014-05-11 16:21 . 2014-05-16 15:49 ——– d—–w- c:\users\User\AppData\Local\Avg2014
2014-05-11 16:21 . 2014-05-11 16:21 ——– d—–w- c:\users\User\AppData\Local\MFAData
2014-05-10 18:56 . 2014-05-10 18:56 ——– d—–w- c:\users\User\Nieuwe map
2014-05-10 18:44 . 2014-05-12 13:22 ——– d—–w- c:\program files\KidLogger
2014-05-09 10:44 . 2014-04-17 03:32 8050496 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DF7A0803-9987-4175-A319-05275376B07D}\mpengine.dll
2014-05-06 18:05 . 2014-02-14 11:38 168784 —-a-w- c:\windows\system32\inspect.exe
2014-05-06 17:57 . 2014-05-06 18:21 ——– d—–w- c:\users\User\AppData\Roaming\systweak
2014-05-03 23:04 . 2014-04-29 14:14 2724864 —-a-w- c:\windows\system32\mshtml.tlb
2014-05-03 17:28 . 2014-04-11 08:39 89856 —-a-w- c:\windows\system32\drivers\ssudbus.sys
2014-05-03 17:28 . 2014-04-11 08:39 184192 —-a-w- c:\windows\system32\drivers\ssudmdm.sys
2014-05-03 17:20 . 2014-05-12 13:23 ——– d—–w- c:\program files\MarkAny
2014-05-03 17:19 . 2014-05-12 11:55 ——– d—–w- c:\users\User\AppData\Local\Samsung
2014-05-03 17:19 . 2014-05-12 11:55 ——– d—–w- c:\users\User\AppData\Roaming\Samsung
2014-05-03 17:17 . 2014-05-03 17:17 ——– d—–w- c:\program files\MyFree Codec
2014-05-03 17:16 . 2014-01-23 16:23 144664 —-a-w- c:\windows\system32\secman.dll
2014-05-03 17:16 . 2014-01-23 16:23 4659712 —-a-w- c:\windows\system32\Redemption.dll
2014-05-03 17:16 . 2014-01-23 16:31 821824 —-a-w- c:\windows\system32\dgderapi.dll
2014-05-03 17:15 . 2014-05-12 11:55 ——– d—–w- c:\program files\Samsung
2014-05-03 17:15 . 2014-05-12 11:55 ——– d—–w- c:\programdata\Samsung
2014-05-03 17:15 . 2014-05-03 17:15 ——– d—–w- c:\users\User\AppData\Local\Downloaded Installations
2014-04-20 23:14 . 2014-04-20 23:14 ——– d—–w- c:\users\User\AppData\Roaming\RealHideIP
2014-04-20 23:14 . 2014-04-20 23:14 ——– d—–w- c:\programdata\RealHideIP
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-16 12:18 . 2014-01-07 03:28 107736 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-05-15 15:37 . 2012-04-13 23:19 70832 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-15 15:37 . 2012-04-13 23:19 692400 —-a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-31 20:46 . 2014-03-31 20:46 130712 —-a-w- c:\windows\system32\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46 1070232 —-a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-31 14:11 . 2014-03-31 14:11 211224 —-a-w- c:\windows\system32\drivers\avgtdix.sys
2014-03-31 07:35 . 2010-12-29 14:24 231584 ——w- c:\windows\system32\MpSigStub.exe
2014-03-27 20:04 . 2014-03-27 20:04 150296 —-a-w- c:\windows\system32\drivers\avgidshx.sys
2014-03-27 20:04 . 2014-03-27 20:04 238872 —-a-w- c:\windows\system32\drivers\avglogx.sys
2014-03-11 20:07 . 2014-03-11 20:07 4550656 —-a-w- c:\windows\system32\GPhotos.scr
2014-03-01 04:10 . 2014-03-15 17:24 4096 —-a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52 . 2014-03-15 17:24 61952 —-a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51 . 2014-03-15 17:24 51200 —-a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38 . 2014-03-15 17:24 112128 —-a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38 . 2014-03-15 17:24 108032 —-a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37 . 2014-03-15 17:24 553472 —-a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31 . 2014-03-15 17:24 646144 —-a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14 . 2014-03-15 17:24 4244480 —-a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00 . 2014-03-15 17:24 1964032 —-a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32 . 2014-03-15 17:24 1820160 —-a-w- c:\windows\system32\wininet.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
@=“{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}”
2014-04-25 08:03 579400 —-a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
@=“{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}”
2014-04-25 08:03 579400 —-a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
@=“{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}”
2014-04-25 08:03 579400 —-a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
@=“{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}”
2014-04-25 08:03 579400 —-a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
@=“{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}”
2014-04-25 08:03 579400 —-a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“AVG_UI”=“c:\program files\AVG\AVG2014\avgui.exe”
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr
.
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
“Google Update”=“c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe” /c
.
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe”
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”
.
R2 MBAMService;MBAMService;c:\malwarebytes anti-malware\mbamservice.exe
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe
R3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr28u.sys
R3 SPUVCbv;SPUVCb;c:\windows\system32\Drivers\SPUVCbv.sys
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe
R4 MBAMScheduler;MBAMScheduler;c:\malwarebytes anti-malware\mbamscheduler.exe
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys
S1 aswKbd;aswKbd;
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
S2 ScrKlgSvc;ScrKlgSvc;c:\program files\Max Software\Keylogger\skgsvc.exe
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys
.
.
2014-05-14 19:23 1077576 —-a-w- c:\program files\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
.
Inhoud van de ‘Gedeelde Taken’ map
.
2014-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645957192-1769033386-1595641286-1000Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645957192-1769033386-1595641286-1000UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe
.
2014-05-16 c:\windows\Tasks\RegCure Pro_sch_22E9EF50-C2F7-11E3-A6FB-20CF30E68F33.job
- c:\program files\ParetoLogic\RegCure Pro\RegCurePro.exe
.
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://mysearch.avg.com?cid={B777E820-C1DA-4F9A-A888-AE61EDBD31C9}&mid=77d0ab84e4f947d09c6ff186760266c0-b2d2d0746eea546fdf64ea41d4b8b98240ded34d&a mp;lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-12 23:43&v=18.1.5.512&pid=safeguard&sg=&sap=hp
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download by Versalsoft Internet Download - c:\program files\Versalsoft\InternetDownload\adddownload.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
LSP: c:\program files\Max Software\Keylogger\skgurl.dll
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqrehnml.default\
FF - prefs.js: browser.search.selectedEngine - Conduit Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL -
.
- - - - ORPHANS VERWIJDERD - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
“ImagePath”=“\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt”
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
@Denied: (2) (S-1-5-21-1645957192-1769033386-1595641286-1000)
@Denied: (2) (LocalSystem)
“Progid”=“Outlook.File.vcf”
.
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
@Denied: (Full) (Everyone)
.
——————— DLLs Geladen Onder Lopende Processen ———————
.
- - - - - - - > ‘Explorer.exe’(2340)
c:\program files\Pure Networks\Network Magic\nmrsrc.dll
.
Voltooingstijd: 2014-05-16 18:21:49
ComboFix-quarantined-files.txt 2014-05-16 16:21
ComboFix2.txt 2012-04-03 22:40
ComboFix3.txt 2012-02-20 13:53
ComboFix4.txt 2011-10-11 20:12
.
Pre-Run: 156.895.129.600 bytes beschikbaar
Post-Run: 156.843.442.176 bytes beschikbaar
.
- - End Of File - - 3A10C7BDE7D7D283B9BAE44220F6871C
A36C5E4F47E84449FF07ED3517B43A31
Ben

17-05-2014 12:48

Hallo,
Download RSIT van de onderstaande locaties en sla deze op het bureablad op.
Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.
RSIT 32 bit (RSIT.exe)
RSIT 64 bit (RSITx64.exe)
Dubbelklik op RSIT.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Vervolgens wordt de “Disclaimer of warranty” getoond, klik vervolgens op "Continue"
Wanneer de tool gereed is worden er twee kladblok bestanden genaamd Log en info geopend.
Plaats de inhoud van het log bestand in het volgende bericht.
Jaq

17-05-2014 19:19

Thanks..
Jaq

17-05-2014 22:20

Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2014-05-17 22:17:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 147 GB (73%) free of 200 GB
Total RAM: 1791 MB (26% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:08, on 17-5-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\User\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\User\Downloads\RSIT.exe
C:\Program Files\trend micro\User.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com?cid={B777E820-C1DA-4F9A-A888-AE61EDBD31C9}&mid=77d0ab84e4f947d09c6ff186760266c0-b2d2d0746eea546fdf64ea41d4b8b98240ded34d&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-12 23:43:39&v=18.1.5.512&pid=safeguard&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\Versalsoft\InternetDownload\VDTB.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\Versalsoft\InternetDownload\VDTB.dll
O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2014\avgui.exe” /TRAYONLY
O4 - HKUS\S-1-5-21-1645957192-1769033386-1595641286-1004\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-1645957192-1769033386-1595641286-1004\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download by Versalsoft Internet Download - C:\Program Files\Versalsoft\InternetDownload\adddownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: ScrKlgSvc - Unknown owner - C:\Program Files\Max Software\Keylogger\skgsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
–
End of file - 8507 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1645957192-1769033386-1595641286-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1645957192-1769033386-1595641286-1000UA.job
C:\Windows\tasks\RegCure Pro_sch_22E9EF50-C2F7-11E3-A6FB-20CF30E68F33.job
=========Mozilla firefox=========
ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqrehnml.default
prefs.js - “browser.search.useDBForOrder” - true
prefs.js - “browser.startup.homepage” - “http://www.google.com”
prefs.js - “keyword.URL” - “”
“Description”=Adobe® Flash® Player 13.0.0.214 Plugin
“Path”=C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
“Description”=Adobe Shockwave Player
“Path”=C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll
“Description”=Canon Easy-PhotoPrint EX
“Path”=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
“Description”=Picasa3 plugin
“Path”=C:\Program Files\Google\Picasa3\npPicasa3.dll
“Description”=Java™ Deployment Toolkit
“Path”=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
“Description”=Oracle® Next Generation Java™ Plug-In
“Path”=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=Panda ActiveScan 2.0
“Path”=C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
“Description”=This plugin detects and launches Pando Media Booster
“Path”=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
“Description”=Google Update
“Path”=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll
“Description”=Google Update
“Path”=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll
“Description”=Handles PDFs in-place in Firefox
“Path”=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
E-Zsoft VideoDownloaderToolBar - C:\Program Files\Versalsoft\InternetDownload\VDTB.dll
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
{4322A444-92F8-4C3E-BD4C-013BA51E2871} - E-Zsoft VideoDownloaderToolBar - C:\Program Files\Versalsoft\InternetDownload\VDTB.dll
“AVG_UI”=C:\Program Files\AVG\AVG2014\avgui.exe
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll
“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableSecureUIAPath”=1
“NoDriveTypeAutoRun”=145
“NoDrives”=0
“NoDrives”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“vidc.cvid”=iccvid.dll
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
“MSVideo8”=VfWWDM32.dll
“vidc.iv50”=ir50_32.dll
“vidc.iv41”=ir41_32.ax
“vidc.iv31”=ir32_32.dll
“vidc.iv32”=ir32_32.dll
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“wave2”=wdmaud.drv
“midi2”=wdmaud.drv
“mixer2”=wdmaud.drv
“wave3”=wdmaud.drv
“midi3”=wdmaud.drv
“mixer3”=wdmaud.drv
“msacm.siren”=sirenacm.dll
“wave4”=wdmaud.drv
“midi4”=wdmaud.drv
“mixer4”=wdmaud.drv
“aux1”=wdmaud.drv
“wave5”=wdmaud.drv
“midi5”=wdmaud.drv
“mixer5”=wdmaud.drv
“aux2”=wdmaud.drv
“wave6”=wdmaud.drv
“midi6”=wdmaud.drv
“mixer6”=wdmaud.drv
“aux3”=wdmaud.drv
“wave7”=wdmaud.drv
“midi7”=wdmaud.drv
“mixer7”=wdmaud.drv
“aux4”=wdmaud.drv
“wave8”=wdmaud.drv
“midi8”=wdmaud.drv
“mixer8”=wdmaud.drv
“aux5”=wdmaud.drv
“wave9”=wdmaud.drv
“midi9”=wdmaud.drv
“mixer9”=wdmaud.drv
“aux6”=wdmaud.drv
“aux7”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-05-17 19:15:47 —-D—- C:\rsit
2014-05-17 19:15:47 —-D—- C:\Program Files\trend micro
2014-05-17 12:58:36 —-A—- C:\Windows\system32\TURegOpt.exe
2014-05-17 12:58:34 —-A—- C:\Windows\system32\authuitu.dll
2014-05-17 12:55:36 —-SHD—- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-16 21:01:01 —-D—- C:\Windows\ERUNT
2014-05-16 21:00:59 —-A—- C:\DelFix.txt
2014-05-16 18:21:13 —-SHD—- C:\$RECYCLE.BIN
2014-05-15 21:15:54 —-D—- C:\Malwarebytes Anti-Malware
2014-05-15 21:15:54 —-A—- C:\Windows\system32\drivers\mwac.sys
2014-05-15 21:15:54 —-A—- C:\Windows\system32\drivers\mbamchameleon.sys
2014-05-15 21:15:54 —-A—- C:\Windows\system32\drivers\mbam.sys
2014-05-15 15:58:00 —-D—- C:\Windows\system32\Adobe
2014-05-15 03:05:52 —-D—- C:\Program Files\Common Files\DESIGNER
2014-05-13 21:35:35 —-A—- C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-12 23:43:45 —-D—- C:\ProgramData\AVG Security Toolbar
2014-05-12 23:42:52 —-D—- C:\Program Files\AVG SafeGuard toolbar
2014-05-12 19:12:10 —-D—- C:\Program Files\Common Files\Java
2014-05-12 19:12:05 —-A—- C:\Windows\system32\javaws.exe
2014-05-12 19:11:53 —-A—- C:\Windows\system32\WindowsAccessBridge.dll
2014-05-12 19:11:53 —-A—- C:\Windows\system32\javaw.exe
2014-05-12 19:11:53 —-A—- C:\Windows\system32\java.exe
2014-05-12 03:40:35 —-D—- C:\ProgramData\Oracle
2014-05-12 03:32:17 —-D—- C:\Versalsoft
2014-05-12 03:32:06 —-D—- C:\Program Files\Versalsoft
2014-05-12 03:32:02 —-D—- C:\Program Files\Universal
2014-05-11 18:24:16 —-D—- C:\Users\User\AppData\Roaming\AVG2014
2014-05-11 18:22:40 —-D—- C:\ProgramData\AVG2014
2014-05-11 18:22:40 —-D—- C:\$AVG
2014-05-11 18:22:30 —-D—- C:\Program Files\AVG
2014-05-10 20:44:49 —-D—- C:\Program Files\KidLogger
2014-05-10 20:33:56 —-D—- C:\Program Files\Mozilla Firefox
2014-05-06 20:05:51 —-A—- C:\Windows\system32\runrefog.lnk
2014-05-06 20:05:50 —-A—- C:\Windows\system32\inspect.exe
2014-05-06 19:57:03 —-D—- C:\Users\User\AppData\Roaming\systweak
2014-05-03 19:28:33 —-A—- C:\Windows\system32\drivers\ssudmdm.sys
2014-05-03 19:28:33 —-A—- C:\Windows\system32\drivers\ssudbus.sys
2014-05-03 19:20:22 —-D—- C:\Program Files\MarkAny
2014-05-03 19:19:42 —-D—- C:\Users\User\AppData\Roaming\Samsung
2014-05-03 19:17:30 —-D—- C:\Program Files\MyFree Codec
2014-05-03 19:16:43 —-A—- C:\Windows\system32\secman.dll
2014-05-03 19:16:38 —-A—- C:\Windows\system32\Redemption.dll
2014-05-03 19:16:20 —-A—- C:\Windows\system32\dgderapi.dll
2014-05-03 19:15:57 —-D—- C:\Program Files\Samsung
2014-05-03 19:15:56 —-D—- C:\ProgramData\Samsung
2014-04-21 01:14:27 —-D—- C:\Users\User\AppData\Roaming\RealHideIP
2014-04-21 01:14:27 —-D—- C:\ProgramData\RealHideIP
======List of files/folders modified in the last 1 month======
2014-05-17 22:17:56 —-D—- C:\Windows\temp
2014-05-17 22:04:24 —-D—- C:\Windows\tracing
2014-05-17 19:46:01 —-D—- C:\Windows\Prefetch
2014-05-17 19:27:18 —-D—- C:\Windows\system32\config
2014-05-17 19:15:47 —-RD—- C:\Program Files
2014-05-17 19:13:03 —-D—- C:\Windows\system32\catroot2
2014-05-17 19:13:03 —-D—- C:\Windows\system32\catroot
2014-05-17 19:12:56 —-D—- C:\Windows\winsxs
2014-05-17 18:00:23 —-D—- C:\ProgramData\MFAData
2014-05-17 15:37:24 —-D—- C:\Windows\rescache
2014-05-17 13:23:13 —-SHD—- C:\System Volume Information
2014-05-17 13:04:00 —-SHD—- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2014-05-17 13:04:00 —-SHD—- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-05-17 13:04:00 —-SHD—- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2014-05-17 13:04:00 —-D—- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2014-05-17 13:04:00 —-D—- C:\Config.Msi
2014-05-17 13:01:08 —-D—- C:\ProgramData\AVG
2014-05-17 12:58:49 —-SHD—- C:\Windows\Installer
2014-05-17 12:58:48 —-D—- C:\Program Files\Windows Sidebar
2014-05-17 12:58:36 —-D—- C:\Windows\System32
2014-05-17 12:58:12 —-D—- C:\Users\User\AppData\Roaming\AVG
2014-05-17 12:55:39 —-D—- C:\Windows
2014-05-17 12:55:36 —-D—- C:\ProgramData
2014-05-17 12:30:57 —-D—- C:\Program Files\Internet Explorer
2014-05-17 12:30:56 —-D—- C:\Windows\system32\nl-NL
2014-05-17 12:30:56 —-D—- C:\Windows\system32\migration
2014-05-17 12:30:56 —-D—- C:\Windows\system32\en-US
2014-05-17 12:30:56 —-D—- C:\Windows\PolicyDefinitions
2014-05-17 12:25:10 —-D—- C:\Windows\system32\Tasks
2014-05-17 12:25:09 —-D—- C:\ProgramData\Adobe
2014-05-17 12:24:24 —-D—- C:\Program Files\Google
2014-05-17 11:34:09 —-D—- C:\Windows\system32\DriverStore
2014-05-17 11:34:07 —-D—- C:\Windows\system32\drivers
2014-05-16 18:19:45 —-A—- C:\Windows\system.ini
2014-05-16 18:15:36 —-D—- C:\Windows\AppPatch
2014-05-16 18:15:35 —-D—- C:\Program Files\Common Files
2014-05-16 15:17:06 —-D—- C:\Windows\system32\drivers\etc
2014-05-15 23:12:39 —-D—- C:\Windows\debug
2014-05-15 22:03:29 —-D—- C:\Windows\Branding
2014-05-15 21:15:54 —-D—- C:\ProgramData\Malwarebytes
2014-05-15 17:37:55 —-A—- C:\Windows\system32\FlashPlayerApp.exe
2014-05-15 14:48:26 —-D—- C:\Windows\Microsoft.NET
2014-05-15 14:48:25 —-RSD—- C:\Windows\assembly
2014-05-15 03:15:31 —-D—- C:\ProgramData\Microsoft Help
2014-05-15 03:15:01 —-D—- C:\Windows\system32\MRT
2014-05-15 03:06:26 —-A—- C:\Windows\system32\MRT.exe
2014-05-12 23:44:21 —-D—- C:\Windows\Tasks
2014-05-12 19:11:46 —-D—- C:\Program Files\Java
2014-05-12 14:01:04 —-A—- C:\Windows\WININIT.INI
2014-05-12 14:00:04 —-D—- C:\Users\User\AppData\Roaming\Skype
2014-05-12 13:57:09 —-D—- C:\Program Files\Belastingdienst
2014-05-12 13:55:35 —-HD—- C:\Program Files\InstallShield Installation Information
2014-05-12 00:01:56 —-D—- C:\Program Files\Common Files\Adobe
2014-05-12 00:01:55 —-D—- C:\Program Files\Adobe
2014-05-11 23:05:53 —-D—- C:\Windows\inf
2014-05-11 18:22:56 —-D—- C:\Users\User\AppData\Roaming\TuneUp Software
2014-05-11 03:17:44 —-D—- C:\Program Files\Mozilla Maintenance Service
2014-05-08 22:17:35 —-A—- C:\Windows\system32\PerfStringBackup.INI
2014-05-08 19:20:34 —-D—- C:\Users\User\AppData\Roaming\Belastingdienst
2014-05-01 20:09:11 —-D—- C:\ProgramData\CanonIJPLM
2014-04-30 21:49:13 —-D—- C:\Users\User\AppData\Roaming\Mozilla
2014-04-21 01:45:35 —-D—- C:\ProgramData\ParetoLogic
2014-04-21 00:39:16 —-D—- C:\Windows\system32\NDF
2014-04-20 13:22:22 —-RD—- C:\Program Files\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys
R0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys
R2 pnarp;Pure Networks Device Discovery Driver; C:\Windows\system32\DRIVERS\pnarp.sys
R2 purendis;Pure Networks Wireless Driver; C:\Windows\system32\DRIVERS\purendis.sys
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys
S3 catchme;catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys
S3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista; C:\Windows\system32\DRIVERS\netr28u.sys
S3 NVENETFD;NVIDIA nForce-netwerkcontroller; C:\Windows\system32\DRIVERS\nvm62x32.sys
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys
S3 SPUVCbv;SPUVCb; C:\Windows\System32\Drivers\SPUVCbv.sys
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys
S3 USBPNPA;USB PnP Sound Device Interface; C:\Windows\system32\drivers\CM108.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
R2 MBAMScheduler;MBAMScheduler; C:\Malwarebytes Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService; C:\Malwarebytes Anti-Malware\mbamservice.exe
R2 nmservice;Pure Networks Platform Service; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
R2 ScrKlgSvc;ScrKlgSvc; C:\Program Files\Max Software\Keylogger\skgsvc.exe
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
—————–EOF—————–
Lucas

22-05-2014 16:07

Deze keylogger is moedwillig op de pc gezet. Ik zou als ik u was de toegang tot de pc beter beveiligen!
Aangezien u aan crossposting doet en u hier verder geholpen wordt zal uw topic op het pchelpforum.nl worden gesloten.
Met vriendelijke groet,
Lucas (super administrator pchelpforum.nl)
Ben

22-05-2014 16:19

@ Lucas: leuk je weer eens te zien, ik dacht dat ze al bij jullie verder geholpen wilde worden?
Dus ben ik maar niet verder met een fix gegaan, wat anders tegenstrijdig gaat werken.
Lucas

22-05-2014 16:24

Er wordt niet meer gereageerd wij hebben het topic gesloten.
Is er een reden dat 1 van mijn postings hier weg is gehaald?
Ben

22-05-2014 16:29

Hallo Lucas,
Dat zal wel anders was het niet gebeurt.
Piet

24-05-2014 11:54

Ben Schreef:
——————————————————-
> Hallo Lucas,
>
> Dat zal wel anders was het niet gebeurt.
Lekker duidelijk antwoord(td)

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

Problemen keylogger

Jaq

Jaq

Ben

Jaq

Jaq

Lucas

Ben

Lucas

Ben

Piet