[code]
HitmanPro 3.7.2.190
www.hitmanpro.com

   Computer name . . . . : ACER-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Acer-PC\Acer
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2013-03-19 19:49:16
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 9m 11s
   Disk access mode . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot . . . . . . . : No

   Threats . . . . . . . : 1
   Traces . . . . . . . : 51

   Objects scanned . . . : 2.047.974
   Files scanned . . . . : 26.949
   Remnants scanned . . : 373.207 files / 1.647.818 keys

Malware _____________________________________________________________________

   C:\Users\Acer\Documents\Documents\Downloads\Alcohol 120% 2.0.1.2033\Medicina 1\keymaker.exe -> Quarantined
      Size . . . . . . . : 1.961.472 bytes
      Age . . . . . . . : 542.2 days (2011-09-24 15:01:05)
      Entropy . . . . . : 7.8
      SHA-256 . . . . . : DD616D8D8F56C11B8FC61702F94D8A7A508672882A1C311F0E95C5B1097F6203
      Product Publisher . . . . : BetaMaster
      Description . . . : Activation keymaker for alcohol 120% v2.0.0.1331
      Version . . . . . : 1.1.0.0
      Copyright . . . . : BetaMaster
    > Ikarus . . . . . . : Trojan-Downloader.Win32.Bagle!IK
      Fuzzy . . . . . . : 108.0

Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
   HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Prod.cap\ (Claro)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
   HKLM\SOFTWARE\Wow6432Node\Babylon\ (Babylon)
   HKLM\SOFTWARE\Wow6432Node\DataMngr\ (SearchQU)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}\ (Claro)
   HKU\S-1-5-21-3446388837-3113825323-3780517961-1000\Software\DataMngr\ (SearchQU)
   HKU\S-1-5-21-3446388837-3113825323-3780517961-1000\Software\DataMngr_Toolbar\ (SearchQU)
   HKU\S-1-5-21-3446388837-3113825323-3780517961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
   HKU\S-1-5-21-3446388837-3113825323-3780517961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings\ (Claro)
   HKU\S-1-5-21-3446388837-3113825323-3780517961-1000\Software\mozilla\Firefox\Extensions\{58bd07eb-0ee0-4df0-8121-dc9b693373df} (Claro)

Cookies _____________________________________________________________________

   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:clubmednl.solution.weborama.fr
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:h.atdmt.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:msnportal.112.2o7.net
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:nl.sitestat.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:paypal.112.2o7.net
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:prisacom.112.2o7.net
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:server.cpmstar.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.paypal.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:view.atdmt.com
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:weborama.fr
   C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Cookies\5ECYS2PF.txt
   C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Cookies\67OGHGQF.txt
   C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Cookies\LKF5FOIH.txt
   C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Cookies\O90FARON.txt
[/code]