[code] HitmanPro 3.7.9.240 www.hitmanpro.com Computer name . . . . : EQWDFWA Windows . . . . . . . : 6.3.0.9600.X64/4 User name . . . . . . : eqwdfwa\eafae UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2015-04-16 20:11:36 Scan mode . . . . . . : Normal Scan duration . . . . : 3m 52s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 1 Traces . . . . . . . : 18 Objects scanned . . . : 1 419 316 Files scanned . . . . : 25 932 Remnants scanned . . : 399 203 files / 994 181 keys Malware _____________________________________________________________________ C:\Users\eafae\Downloads\PowerISO6.exe Size . . . . . . . : 2 962 832 bytes Age . . . . . . . : 22.0 days (2015-03-25 20:06:08) Entropy . . . . . : 8.0 SHA-256 . . . . . : 6F9AB6073C65AEE8502041F2BAD24B8B9713436D69BA184F477C7940A86C7FAB Product . . . . . : PowerISO Setup Publisher . . . . : Power Software Ltd Description . . . : PowerISO Setup Version . . . . . : 6.1.0.0 Copyright . . . . : Copyright(c) 2004-2014 RSA Key Size . . . : 2048 LanguageID . . . . : 1033 Authenticode . . . : Valid > Bitdefender . . . : Application.Agent.HN > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Agent.axo Fuzzy . . . . . . : 101.0 Suspicious files ____________________________________________________________ C:\Users\eafae\Desktop\frst\FRST-OlderVersion\FRST64.exe Size . . . . . . . : 2 096 640 bytes Age . . . . . . . : 25.2 days (2015-03-22 15:40:01) Entropy . . . . . : 7.5 SHA-256 . . . . . : 0B3EE373079CC299A4DB366AAEF6EC8EBCDB33695C49276FAA34902DF73D9CE6 Needs elevation . : Yes Fuzzy . . . . . . : 22.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. C:\Users\eafae\Desktop\frst\FRST64.exe Size . . . . . . . : 2 097 152 bytes Age . . . . . . . : 1.2 days (2015-04-15 14:54:23) Entropy . . . . . : 7.5 SHA-256 . . . . . : 16CC9CDF83CB9B5F02660E38AD599A9C6F34CD3267EED763CC058D9FA1350693 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. C:\Users\eafae\Downloads\FRST.exe Size . . . . . . . : 1 135 104 bytes Age . . . . . . . : 25.2 days (2015-03-22 15:39:10) Entropy . . . . . : 8.0 SHA-256 . . . . . : 27600BC2D6D1CBBD1FA5BB7A9157ACCCF3A068A6800ED4B6DC50D24A747F6CAB Needs elevation . : Yes Fuzzy . . . . . . : 22.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Potential Unwanted Programs _________________________________________________ HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}\ (Unisales) HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}\ (UniDeals) HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}\ (UniDeals) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\ (UniDeals) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}\ (UniDeals) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Linkey\ (Linkey) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey\ (Linkey) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001_Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\ (UniDeals) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001_Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}\ (UniDeals) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001_Classes\Wow6432Node\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\ (UniDeals) HKU\S-1-5-21-4040340981-3488949422-2698820681-1001_Classes\Wow6432Node\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\ (UniDeals) HKU\S-1-5-21-4040340981-3488949422-2698820681-1002_Classes\Wow6432Node\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\ (UniDeals) HKU\S-1-5-21-4040340981-3488949422-2698820681-1002_Classes\Wow6432Node\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\ (UniDeals) Cookies _____________________________________________________________________ C:\Users\eafae\AppData\Local\Microsoft\Windows\INetCookies\N9O92NJ9.txt [/code]