Refog Inc.

Publisher Information

Refog Inc. is a software publisher located in Alexandria, Virginia in the United States*. The publisher primarily developes software that can be classified as adware. Thre are 2 additional code signing certificates issued to this publisher.
Remove Refog Inc. Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
2/4/2013 1:00:00 AM

Valid to:
3/6/2016 12:59:59 AM

Subject:
CN=Refog Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Refog Inc., L=Alexandria, S=Virginia, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7ff3daf8e8b0d4a05a226b85f1054e87

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Refog, PUP.Installer.Refog, PUP.Refog (M), PUP.Refog.Installer (M)
100.00%

VIPRE Antivirus
Refog Inc., Threat.4675967, REFOG Keylogger
54.00%

ESET NOD32
Win32/KeyLogger.Refog (variant), Win32/Monitor.MIPKOEmployeeMonitor.AC (variant), Generik.DTYQKFC (variant), Win32/Monitor.MIPKOEmployeeMonitor.AC potentially unsafe (variant)
42.00%

Comodo Security
UnclassifiedMalware
40.00%

Trend Micro House Call
Suspicious_GEN.F47V0822, TROJ_GEN.F47V1001, TROJ_SPNV.01K914, TROJ_GEN.F47V0420, TROJ_GEN.F47V0718, Suspicious_GEN.F47V0716, Suspicious_GEN.F47V0418
30.00%

McAfee
Keylog-Refog, Artemis!9BB191C8F141, Artemis!858FE463B70D, Artemis!DA739C03A337, Artemis!34AB3B710961, Artemis!41831BC863DF
30.00%

Sophos
Generic PUA MF, Generic PUA FE, Refog Keylogger, Generic PUA HP, Mal/Generic-S, PUA 'Refog Keylogger' (of type Spyware)
30.00%

McAfee Web Gateway
Keylog-Refog, BehavesLike.Win32.Obfuscated.tc , Artemis!858FE463B70D, Artemis!PUP, Artemis!Trojan
28.00%

Antiy Labs AVL
RiskWare[Monitor:not-a-virus]/Win64.Mikpo, Trojan[Spy]/Win32.KeyLogger, RiskWare[Monitor:not-a-virus]/Win32.KeyLogger, Trojan/Win32.TSGeneric
26.00%

Fortinet FortiGate
Riskware/KeyLogger, W32/Keylogger.AC!tr, Riskware/KGBSpy, W32/KeyLogger.AIUT!tr
26.00%

1 / 68      (PUP)
employee-monitor.exe (Employee Monitor by Refog)  (4cf27df5db06009e9515b392d592fa04)

1 / 68      (PUP)

1 / 68      (PUP)
mpk.exe  (bfdb316b47575f0a3755a631158acb29)

1 / 68      (PUP)
mpk.dll  (05d6c74a9e45eeb301a5a5183933efa8)

1 / 68      (PUP)
mpk64.dll  (ab54522efa05ad678725edade86e3a72)

1 / 68      (PUP)
mpk64.dll  (95757bd63a6f510d49cdb8d5d73b7ec9)

1 / 68      (PUP)
mpk64.exe  (863608408d3b34b8a6f3ede61c97722f)

24 / 68    (PUP)
personal-monitor.exe (Personal Monitor by Refog)  (9cf8e91b7ba362b1698f70550abdc9ae)

1 / 68      (PUP)

1 / 68      (PUP)
unins000.exe  (92ca449d3f0b9495b29b292f04ed1b73)

1 / 68      (PUP)
mpkhcq12.dll  (2cc21a650e4cd997d58eb6712c25ea55)

1 / 68      (PUP)
mpkhca.dll  (a22d10cb587515795336b6efc760e8c5)

1 / 68      (PUP)
unins000.exe  (b046a589d084df6543c974116e938d0f)

1 / 68      (PUP)

1 / 68      (PUP)
mpktsview.exe  (a7435740e904453f81389a66fbefb1d0)

1 / 68      (PUP)
mpkts64.exe  (a8a480ab685c49cbfb279719ee86fb44)

1 / 68      (PUP)
mpkts64.dll  (f585d490802736b796789c1aa3931b74)

1 / 68      (PUP)
mpkts.exe  (f049fa9e98499cde752a59e324bb4912)

1 / 68      (PUP)
mpkinst.exe  (1921e196c26ef392659483d7f02e4010)

1 / 68      (PUP)

1 / 68      (PUP)
mpkts.dll  (167dc175ffd5f47775952d63d8d6f2eb)

1 / 68      (PUP)
mpk.dll  (a7b1426c88a24ebee4c1999946ac31f5)

8 / 68      (PUP)
setup.exe  (68e832391d76d63909548251a13d7d1b)

17 / 68    (PUP)
refog_time_sheriff_setup_238.exe (Time Sheriff by Refog)  (d0637115f8cb722c57df21a13339815b)

23 / 68    (PUP)
keylogger.exe (Keylogger by Refog)  (599dac4f87980e4c22b1ddd096c6ce8d)

6 / 68      (PUP)
{5bfccbb2-73ab-446d-b1db-c717279ae8fc}  (fac806b22bce2d3523c66c70b8927be3)

12 / 68    (PUP)
mpk.exe  (54c818f191a578504dc53b6a2e4ba060)

15 / 68    (PUP)
mpk.exe  (41831bc863dffc08ac7b97cb54a76374)

14 / 68    (PUP)
employee-monitor.exe (Employee Monitor by Refog)  (ee32d20bb70e7da7fb92a7c0e1b60e78)

15 / 68    (PUP)
lsynchost.exe  (34ab3b71096180910cb800fbc9dea72f)

 
Latest 30 of 152 files

Downloads URLs for files signed by Refog Inc..

20 / 68    (PUP)

7 / 68      (PUP)
http://www.refrog.com/download/.../setup.exe  (74a6a6a31de96d762353125e4a0ecfaf)

The following websites host and distribute files published by Refog Inc..

The certificates below are also signed by Refog Inc..

1FC4489003E01028139915C2D888675C  (Dec 11, 2011 to Feb 05, 2013)

2C65F10795394990A2209CE7972CFBAC  (Feb 06, 2010 to Feb 07, 2012)

Remove Refog Inc. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Refog Inc. by VeriSign, Inc. on February 04, 2013 with the serial number '7ff3daf8e8b0d4a05a226b85f1054e87'.