Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HitmanPro help


  • Please log in to reply
1 reply to this topic

#1 Darktune

Darktune

    Very Purple


  • Members
  • 1,139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:03:26 AM

Posted 21 July 2013 - 06:17 PM

Hello everyone,

 

I ran HitmanPro free scan today and it didn't find any threats, it did find 16 'traces' I was just wondering what this is? I know it means traces of malware/worms etc.. but when I look in the logs it doesn't show these traces. 

 

Although it didn't find threats it did find suspicious items "PnkBstrK.sys", three of them although PunkBuster Is a program used by steam to prevent cheating on games servers. So I know that this is safe. I hope.

 

So any advice, thanks guys.

 

 

Craig

 


It's very hard to imagine all the crazy things that things really are like. 

Electrons act like waves.. no they don't exactly, they act like particles.. no they don't exactly.

Words and ideas can change the world.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:26 PM

Posted 22 July 2013 - 10:10 AM

Malware Traces are generally considered those leftover files/registry entries and remnants that malware leaves behind in various locations on a computer's system.

Each security vendor uses their own naming conventions to identify various types of malware so it's difficult to determine exactly what has been detected or the nature of the threat without knowing more information about the detection.For example, this is what Emsisoft says:

...the Anti-Malware Scanner looks for files, folders, registry entries and Tracking Cookies that are typically created by Spyware programs. Traces are exactly these trails that Spyware leaves behind...This approach has both advantages and disadvantages for Malware recognition...The negative side is that it provides a relatively inexact, or insufficiently differentiated to be more precise, Malware recognition. Benign software can be falsely recognized...if it uses the same file name or folder as a dangerous Spyware program. Software discovered via Traces should therefore first be double-checked to see if it is actually Malware before it is finally deleted...

Spyware Traces in Detail

You would need to contact and ask HitmanPro support to determine exactly how they define the term.


PnkBstrK.sys is a system driver...system drivers are prone to detection by various security scanning tools for a variety of reasons.

For example, Daemon Tools is a CD Emulator that uses rootkit-like techniques to hide from other applications and to circumvent copy protection schemes. Alchohol 120%, Astroburn and AnyDVD have similar capabilities. AnyDVD uses a driver that allows decryption of DVDs on-the-fly and targeted removal of copy preventions/user operation prohibitions. Alcohol uses a technology similar to hide it's drivers on the system so that game copy protection schemes are unable to detect and blacklist Alcohol virtual drives.

It is not uncommon for the drivers used by these and other anti-cheating or circumventing programs with such technology to be detected as suspicious. Since PnkBstrK.sys is Punk Buster's anti-cheating system driver file, it most likely uses similar techniques and therefore it too is detected as suspicious.

Anytime you come across a suspicious file or you want a second opinion, submit it to one of the following online services that analyzes suspicious files:--In the "File to Scan" (Upload or Submit) box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users