HitmanPro Log

Jan 5th, 2014
[code]
HitmanPro 3.7.8.208
www.hitmanpro.com

Computer name . . . . : HERTZOG327-PC
Windows . . . . . . . : 6.1.0.7600.X64/4
User name . . . . . . : hertzog327-PC\hertzog327
UAC . . . . . . . . . : Disabled
License . . . . . . . : Free

Scan date . . . . . . : 2014-01-05 11:13:29
Scan mode . . . . . . : Normal
Scan duration . . . . : 10m 8s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 0
Traces . . . . . . . : 64

Objects scanned . . . : 2,787,090
Files scanned . . . . : 160,536
Remnants scanned . . : 1,292,965 files / 1,333,589 keys

Suspicious files ____________________________________________________________

C:\Users\hertzog327\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
   Size . . . . . . . : 953,886 bytes
   Age . . . . . . . : 99.3 days (2013-09-28 05:05:43)
   Entropy . . . . . : 7.6
   SHA-256 . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
   Fuzzy . . . . . . : 29.0
   The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
   Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
   Authors name is missing in version info. This is not common to most programs.
   Version control is missing. This file is probably created by an individual. This is not typical for most programs.
   Program contains PE structure anomalies. This is not typical for most programs.

C:\Users\hertzog327\AppData\Local\PunkBuster\FC3\pb\pbcls.dll
   Size . . . . . . . : 953,886 bytes
   Age . . . . . . . : 99.3 days (2013-09-28 05:05:42)
   Entropy . . . . . : 7.6
   SHA-256 . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
   Fuzzy . . . . . . : 29.0
   The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
   Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
   Authors name is missing in version info. This is not common to most programs.
   Version control is missing. This file is probably created by an individual. This is not typical for most programs.
   Program contains PE structure anomalies. This is not typical for most programs.

C:\Users\hertzog327\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
   Size . . . . . . . : 138,032 bytes
   Age . . . . . . . : 99.3 days (2013-09-28 05:05:58)
   Entropy . . . . . : 7.8
   SHA-256 . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
   RSA Key Size . . . : 2048
   Authenticode . . . : Valid
   Fuzzy . . . . . . : 22.0
   The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
   Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
   Authors name is missing in version info. This is not common to most programs.
   Version control is missing. This file is probably created by an individual. This is not typical for most programs.
   Program contains PE structure anomalies. This is not typical for most programs.
   The file is a device driver. Device drivers run as trusted (highly privileged) code.
   Program is code signed with a valid Authenticode certificate.


Potential Unwanted Programs _________________________________________________

C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo)
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (Yontoo)
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat (Yontoo)
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (Yontoo)
   Size . . . . . . . : 227,984 bytes
   Age . . . . . . . : 287.5 days (2013-03-23 22:17:30)
   Entropy . . . . . : 6.4
   SHA-256 . . . . . : 17936188EFAC05A0EF9FD87A79B268445CE307DD37A6F9206D116F195AB049C9
   Product . . . . . : Tarma® Installer
   Publisher . . . . : Tarma Software Research Pty Ltd
   Description . . . : Tarma® Installer
   Version . . . . . : 2011.03.11.1355U
   Copyright . . . . : © 1990-2011 Tarma Software Research Pty Ltd
   RSA Key Size . . . : 2048
   Authenticode . . . : Valid
   Fuzzy . . . . . . : -15.0

C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (Yontoo)
HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo)
HKLM\SOFTWARE\Tarma Installer\Components\{8D8654CD-7FBC-4C7E-84E9-371BFA8DB04E}\ (Yontoo)
HKLM\SOFTWARE\Tarma Installer\Components\{9D9785E5-3424-40B6-A287-BA143AD53109}\ (Yontoo)
HKLM\SOFTWARE\Tarma Installer\Components\{B6783DFA-B8C8-4CB6-AB9F-EF1A1F7F7AE8}\ (Yontoo)
HKLM\SOFTWARE\Tarma Installer\Products\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo)
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc\ (Yontoo)
HKU\S-1-5-21-166366992-1187241683-1984212088-1000\Software\AppDataLow\Software\Smartbar\ (Conduit)
HKU\S-1-5-21-166366992-1187241683-1984212088-1000\Software\Softonic\ (Softonic)
HKU\S-1-5-21-166366992-1187241683-1984212088-1000_Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)

Cookies _____________________________________________________________________

[/code]