cjoint


Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.9.242
www.hitmanpro.com

Computer name . . . . : CAPOU
Windows . . . . . . . : 6.1.1.7601.X86/1
User name . . . . . . : capou\carlex
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)

Scan date . . . . . . : 2015-06-26 20:01:44
Scan mode . . . . . . : Normal
Scan duration . . . . : 5m 55s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 0
Traces . . . . . . . : 17

Objects scanned . . . : 1 410 016
Files scanned . . . . : 33 779
Remnants scanned . . : 238 251 files / 1 137 986 keys

Suspicious files ____________________________________________________________

C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\mpglib.dll
Size . . . . . . . : 65 024 bytes
Age . . . . . . . : 2.1 days (2015-06-24 17:38:29)
Entropy . . . . . : 4.9
SHA-256 . . . . . : 3760C77F34F7F5B7993BCECD628EC2DC187A229E29EB1B4C0877044580420FF1
Fuzzy . . . . . . : 24.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Program contains PE structure anomalies. This is not typical for most programs.
Forensic Cluster
-0.7s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\
-0.6s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\arabic.lang
-0.6s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\catalan.lang
-0.6s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\czech.lang
-0.5s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\done.wav
-0.5s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\dutch.lang
-0.5s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\english.lang
-0.4s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\error.wav
-0.4s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\espanol.lang
-0.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\FreeRipLicenseAgreement.txt
-0.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\french.lang
-0.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\german.lang
-0.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\greek.lang
-0.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\hungarian.lang
-0.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\italiano.lang
-0.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\korean.lang
-0.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\lame_enc.dll
-0.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\latvian.lang
-0.0s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\lgpl.txt
0.0s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\mpglib.dll
0.0s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\norsk-B.lang
0.0s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\polish.lang
0.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\portuguese-Brazil.lang
0.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\readme.txt
0.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\russian.lang
0.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\slovenian.lang
0.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\s_chinese.lang
0.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\türkçe.lang
0.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\ukrainian.lang
0.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\unins000.exe
0.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\valencian.lang
0.4s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\FreeRIP.DIR\wnaspi32.dll
1.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Spybot - Search & Destroy.DIR\
1.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Spybot - Search & Destroy.DIR\ClientCount.bin
1.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Spybot - Search & Destroy.DIR\Logs\
1.3s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Spybot - Search & Destroy.DIR\Logs\Firewall.log
1.4s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Spybot - Search & Destroy.DIR\Logs\Proxy.log
1.4s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Spybot - Search & Destroy.DIR\Logs\Scanner.log
1.4s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Spybot - Search & Destroy.DIR\Logs\Updates.log
2.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Ad-Aware Antivirus.DIR\
2.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Ad-Aware Antivirus.DIR\Logs\
2.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Ad-Aware Antivirus.DIR\Logs\20141025T133734.480468PID4900\
2.1s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Ad-Aware Antivirus.DIR\Logs\20141025T133734.480468PID4900\GlamorousInstaller.log
2.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Ad-Aware Antivirus.DIR\Logs\20141025T133734.480468PID4900\GuiFramework.log
2.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Ad-Aware Antivirus.DIR\Logs\20141025T133957.188476PID3404\
2.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Ad-Aware Antivirus.DIR\Logs\20141025T133957.188476PID3404\GlamorousInstaller.log
2.2s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\Ad-Aware Antivirus.DIR\Logs\20141025T133957.188476PID3404\GuiFramework.log
3.4s C:\Users\carlex\AppData\Roaming\ZHP\Quarantine\1390535878.bdinstall.bin.VIR


Potential Unwanted Programs _________________________________________________

ask.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Web Data


Cookies _____________________________________________________________________

C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:247realmedia.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
C:\Users\carlex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com


[/code]
