continuation~
3. Malwarebytes Anti-malware ReportMalwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.orgDatabase version: v2013.06.25.01
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Paolo :: CLINXR [administrator]
6/25/2013 8:34:07 PM
mbam-log-2013-06-25 (20-34-07).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 293522
Time elapsed: 9 minute(s), 28 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Windows\System32\28463 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
Files Detected: 43
C:\Windows\System32\bpk.dat (Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\inst.dat (Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\pk.bin (Keylogger) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\DOME.009 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__05_08_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__07_38_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\BIAJ.001 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\BIAJ.002 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\BIAJ.002.tmp (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\BIAJ.009 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\BIAJ.009.tmp (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\DOME.001 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\DOME.002 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__05_18_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__05_28_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__05_38_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__05_48_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__05_58_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__06_08_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__06_18_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__06_28_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__06_38_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__06_48_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__06_58_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__07_08_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__07_18_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__07_28_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__07_48_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__07_58_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__08_08_41.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__08_18_42.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__08_28_42.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__08_38_42.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\key.bin (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__03_38_39.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__03_48_39.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__03_58_39.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__04_08_39.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__04_18_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__04_28_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__04_38_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__04_48_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Windows\System32\28463\Feb_04_2013__04_58_40.jpg (Keylogger.Ardamax) -> Quarantined and deleted successfully.
(end)
next post continuation