cjoint

Document format: application/octet-stream


[code]
HitmanPro 3.7.12.253
www.hitmanpro.com

Computer name . . . . : TECHNOLOGY-PC
Windows . . . . . . . : 6.1.0.7600.X86/2
User name . . . . . . : TECHNOLOGY-PC\TECHNOLOGY
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free

Scan date . . . . . . : 2016-01-26 23:50:08
Scan mode . . . . . . : Normal
Scan duration . . . . : 9m 35s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 0
Traces . . . . . . . : 17

Objects scanned . . . : 811 819
Files scanned . . . . : 14 036
Remnants scanned . . : 159 148 files / 638 635 keys

Suspicious files ____________________________________________________________

C:\Program Files\tuEagles\EagleRes.dll
Size . . . . . . . : 373 970 bytes
Age . . . . . . . : 5.0 days (2016-01-22 00:47:24)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 600E7F1B103EFB9DF3BFF145F17692FF491B7E9CBE38E180A91B1D500DDCCFF1
Fuzzy . . . . . . : 27.0
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
The hidden file attribute bit is set. This is not common to most programs.
Program is running but currently exposes no human-computer interface (GUI).
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.
Forensic Cluster
-8.4s C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf
-6.8s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\
-6.8s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\
-6.8s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\
-6.8s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\
-6.8s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\
-0.3s C:\Program Files\tuEagles\
-0.3s C:\Program Files\tuEagles\control.exe
-0.2s C:\Program Files\tuEagles\desktop.ini
-0.2s C:\Program Files\tuEagles\eagleh.ini
-0.1s C:\Program Files\tuEagles\Flt32.dll
-0.1s C:\Program Files\tuEagles\EagleP.dll
-0.1s C:\Program Files\tuEagles\eglsrv.exe
-0.0s C:\Program Files\tuEagles\EagleR.dll
0.0s C:\Program Files\tuEagles\EagleRes.dll
0.0s C:\Program Files\tuEagles\Eagles.tdb
0.1s C:\Program Files\tuEagles\eaglesvr.exe
0.1s C:\Program Files\tuEagles\EagleSvr.log
0.1s C:\Windows\Prefetch\CACLS.EXE-1F538DC1.pf
0.1s C:\Program Files\tuEagles\EagleT.dll
0.2s C:\Program Files\tuEagles\Egllogin.dll
0.2s C:\Program Files\tuEagles\EglScrn.dll
0.2s C:\Program Files\tuEagles\Eglsetu1.exe
0.3s C:\Program Files\tuEagles\Forbid.htm
0.3s C:\Program Files\tuEagles\Forbid_url.htm
0.3s C:\Program Files\tuEagles\time_limit.htm
0.3s C:\Program Files\tuEagles\only_white.htm
0.4s C:\Program Files\tuEagles\help.chm
0.4s C:\Program Files\tuEagles\logview.exe
0.4s C:\Program Files\tuEagles\Setup.ini
0.5s C:\Program Files\tuEagles\ssview.exe
0.5s C:\Program Files\tuEagles\sxdomain.dat
0.5s C:\Program Files\tuEagles\Update.dat
0.6s C:\Program Files\tuEagles\Update.exe
0.6s C:\Program Files\tuEagles\EglAgent.exe
0.6s C:\Program Files\tuEagles\agent1.gif
0.7s C:\Program Files\tuEagles\agent2.gif
0.7s C:\Program Files\tuEagles\agent3.gif
0.7s C:\Program Files\tuEagles\agent4.gif
0.8s C:\Program Files\tuEagles\logo.jpg
0.8s C:\Program Files\tuEagles\egldrv.sys
0.8s C:\Program Files\tuEagles\EglR.exe
0.8s C:\Program Files\tuEagles\EagleObj.dll
0.9s C:\Program Files\tuEagles\PngRes.dll
0.9s C:\Program Files\tuEagles\uninst.exe
1.0s C:\Program Files\tuEagles\eglabout.exe
1.0s C:\Program Files\tuEagles\parent.ico
1.0s C:\Program Files\tuEagles\kids.ico
1.0s C:\Program Files\tuEagles\eagleprx.exe
1.1s C:\Program Files\tuEagles\flt64.dll
1.1s C:\Program Files\tuEagles\BWK.dat
1.1s C:\Program Files\tuEagles\eglfs.sys
1.2s C:\Program Files\tuEagles\eglfs64.sys
1.2s C:\Program Files\tuEagles\EglNokl.sys
1.2s C:\Program Files\tuEagles\EglNokl64.sys
1.3s C:\Program Files\tuEagles\eglps.sys
1.3s C:\Program Files\tuEagles\eglps64.sys
1.3s C:\Windows\NFCHS.exe
1.4s C:\Program Files\tuEagles\img_reco.exe
1.4s C:\Program Files\tuEagles\img_reco_lang.dat
1.4s C:\Program Files\tuEagles\opencv_objdetect243.dll
1.5s C:\Program Files\tuEagles\opencv_highgui243.dll
1.5s C:\Program Files\tuEagles\opencv_imgproc243.dll
1.5s C:\Program Files\tuEagles\opencv_core243.dll
1.5s C:\Program Files\tuEagles\1.wmv
1.6s C:\Program Files\tuEagles\I_l.dat
1.6s C:\Program Files\tuEagles\I_n.dat
4.7s C:\Windows\Prefetch\ANTIPORN233.EXE-AA8B8949.pf
45.0s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\
45.0s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Help.lnk
45.0s C:\Windows\Prefetch\UPDATE.EXE-6E12D3A2.pf
45.0s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review Screen Log.lnk
45.0s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review URL Log.lnk
45.0s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Anti-Porn Setings.lnk
45.0s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Run Anti-Porn.lnk
45.0s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Uninstall Anti-Porn.lnk
45.0s C:\Windows\Retafte.bmp
45.2s C:\Windows\Prefetch\ICACLS.EXE-028E30CE.pf
45.3s C:\Windows\Prefetch\EGLSRV.EXE-FFDD5F42.pf
55.7s C:\Windows\Prefetch\EAGLESVR.EXE-8EA59540.pf
55.9s C:\Windows\Prefetch\IMG_RECO.EXE-C57CCBFC.pf
56.2s C:\Windows\Prefetch\EGLABOUT.EXE-E73763AA.pf
75.9s C:\Windows\Prefetch\EGLR.EXE-0C1A9C25.pf

C:\Program Files\tuEagles\opencv_core243.dll
Size . . . . . . . : 2 330 112 bytes
Age . . . . . . . : 5.0 days (2016-01-22 00:47:25)
Entropy . . . . . : 6.7
SHA-256 . . . . . : B028DB0AC364F7F680832D1A60C538992ACAD1304A2BCD94B01C8D3CD60F504D
Fuzzy . . . . . . : 25.0
File belongs to an identified security risk.
The hidden file attribute bit is set. This is not common to most programs.
Program is running but currently exposes no human-computer interface (GUI).
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.
Forensic Cluster
-10.0s C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\
-1.8s C:\Program Files\tuEagles\
-1.8s C:\Program Files\tuEagles\control.exe
-1.7s C:\Program Files\tuEagles\desktop.ini
-1.7s C:\Program Files\tuEagles\eagleh.ini
-1.6s C:\Program Files\tuEagles\Flt32.dll
-1.6s C:\Program Files\tuEagles\EagleP.dll
-1.6s C:\Program Files\tuEagles\eglsrv.exe
-1.5s C:\Program Files\tuEagles\EagleR.dll
-1.5s C:\Program Files\tuEagles\EagleRes.dll
-1.5s C:\Program Files\tuEagles\Eagles.tdb
-1.5s C:\Program Files\tuEagles\eaglesvr.exe
-1.4s C:\Program Files\tuEagles\EagleSvr.log
-1.4s C:\Windows\Prefetch\CACLS.EXE-1F538DC1.pf
-1.4s C:\Program Files\tuEagles\EagleT.dll
-1.4s C:\Program Files\tuEagles\Egllogin.dll
-1.3s C:\Program Files\tuEagles\EglScrn.dll
-1.3s C:\Program Files\tuEagles\Eglsetu1.exe
-1.3s C:\Program Files\tuEagles\Forbid.htm
-1.2s C:\Program Files\tuEagles\Forbid_url.htm
-1.2s C:\Program Files\tuEagles\time_limit.htm
-1.2s C:\Program Files\tuEagles\only_white.htm
-1.1s C:\Program Files\tuEagles\help.chm
-1.1s C:\Program Files\tuEagles\logview.exe
-1.1s C:\Program Files\tuEagles\Setup.ini
-1.0s C:\Program Files\tuEagles\ssview.exe
-1.0s C:\Program Files\tuEagles\sxdomain.dat
-1.0s C:\Program Files\tuEagles\Update.dat
-1.0s C:\Program Files\tuEagles\Update.exe
-0.9s C:\Program Files\tuEagles\EglAgent.exe
-0.9s C:\Program Files\tuEagles\agent1.gif
-0.9s C:\Program Files\tuEagles\agent2.gif
-0.8s C:\Program Files\tuEagles\agent3.gif
-0.8s C:\Program Files\tuEagles\agent4.gif
-0.8s C:\Program Files\tuEagles\logo.jpg
-0.7s C:\Program Files\tuEagles\egldrv.sys
-0.7s C:\Program Files\tuEagles\EglR.exe
-0.7s C:\Program Files\tuEagles\EagleObj.dll
-0.6s C:\Program Files\tuEagles\PngRes.dll
-0.6s C:\Program Files\tuEagles\uninst.exe
-0.6s C:\Program Files\tuEagles\eglabout.exe
-0.5s C:\Program Files\tuEagles\parent.ico
-0.5s C:\Program Files\tuEagles\kids.ico
-0.5s C:\Program Files\tuEagles\eagleprx.exe
-0.4s C:\Program Files\tuEagles\flt64.dll
-0.4s C:\Program Files\tuEagles\BWK.dat
-0.4s C:\Program Files\tuEagles\eglfs.sys
-0.3s C:\Program Files\tuEagles\eglfs64.sys
-0.3s C:\Program Files\tuEagles\EglNokl.sys
-0.3s C:\Program Files\tuEagles\EglNokl64.sys
-0.3s C:\Program Files\tuEagles\eglps.sys
-0.2s C:\Program Files\tuEagles\eglps64.sys
-0.2s C:\Windows\NFCHS.exe
-0.2s C:\Program Files\tuEagles\img_reco.exe
-0.1s C:\Program Files\tuEagles\img_reco_lang.dat
-0.1s C:\Program Files\tuEagles\opencv_objdetect243.dll
-0.1s C:\Program Files\tuEagles\opencv_highgui243.dll
-0.0s C:\Program Files\tuEagles\opencv_imgproc243.dll
0.0s C:\Program Files\tuEagles\opencv_core243.dll
0.0s C:\Program Files\tuEagles\1.wmv
0.1s C:\Program Files\tuEagles\I_l.dat
0.1s C:\Program Files\tuEagles\I_n.dat
3.2s C:\Windows\Prefetch\ANTIPORN233.EXE-AA8B8949.pf
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Help.lnk
43.5s C:\Windows\Prefetch\UPDATE.EXE-6E12D3A2.pf
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review Screen Log.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review URL Log.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Anti-Porn Setings.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Run Anti-Porn.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Uninstall Anti-Porn.lnk
43.5s C:\Windows\Retafte.bmp
43.7s C:\Windows\Prefetch\ICACLS.EXE-028E30CE.pf
43.8s C:\Windows\Prefetch\EGLSRV.EXE-FFDD5F42.pf
54.2s C:\Windows\Prefetch\EAGLESVR.EXE-8EA59540.pf
54.4s C:\Windows\Prefetch\IMG_RECO.EXE-C57CCBFC.pf
54.7s C:\Windows\Prefetch\EGLABOUT.EXE-E73763AA.pf
74.4s C:\Windows\Prefetch\EGLR.EXE-0C1A9C25.pf

C:\Program Files\tuEagles\opencv_highgui243.dll
Size . . . . . . . : 2 297 856 bytes
Age . . . . . . . : 5.0 days (2016-01-22 00:47:25)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 5DC72410061893D3F03793DEA8FD05696A412A294CC5B270E02A1F256CEA792F
Fuzzy . . . . . . : 25.0
File belongs to an identified security risk.
The hidden file attribute bit is set. This is not common to most programs.
Program is running but currently exposes no human-computer interface (GUI).
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.
Forensic Cluster
-9.9s C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\
-1.7s C:\Program Files\tuEagles\
-1.7s C:\Program Files\tuEagles\control.exe
-1.6s C:\Program Files\tuEagles\desktop.ini
-1.6s C:\Program Files\tuEagles\eagleh.ini
-1.6s C:\Program Files\tuEagles\Flt32.dll
-1.5s C:\Program Files\tuEagles\EagleP.dll
-1.5s C:\Program Files\tuEagles\eglsrv.exe
-1.5s C:\Program Files\tuEagles\EagleR.dll
-1.5s C:\Program Files\tuEagles\EagleRes.dll
-1.4s C:\Program Files\tuEagles\Eagles.tdb
-1.4s C:\Program Files\tuEagles\eaglesvr.exe
-1.4s C:\Program Files\tuEagles\EagleSvr.log
-1.3s C:\Windows\Prefetch\CACLS.EXE-1F538DC1.pf
-1.3s C:\Program Files\tuEagles\EagleT.dll
-1.3s C:\Program Files\tuEagles\Egllogin.dll
-1.3s C:\Program Files\tuEagles\EglScrn.dll
-1.2s C:\Program Files\tuEagles\Eglsetu1.exe
-1.2s C:\Program Files\tuEagles\Forbid.htm
-1.2s C:\Program Files\tuEagles\Forbid_url.htm
-1.1s C:\Program Files\tuEagles\time_limit.htm
-1.1s C:\Program Files\tuEagles\only_white.htm
-1.1s C:\Program Files\tuEagles\help.chm
-1.0s C:\Program Files\tuEagles\logview.exe
-1.0s C:\Program Files\tuEagles\Setup.ini
-1.0s C:\Program Files\tuEagles\ssview.exe
-1.0s C:\Program Files\tuEagles\sxdomain.dat
-0.9s C:\Program Files\tuEagles\Update.dat
-0.9s C:\Program Files\tuEagles\Update.exe
-0.9s C:\Program Files\tuEagles\EglAgent.exe
-0.8s C:\Program Files\tuEagles\agent1.gif
-0.8s C:\Program Files\tuEagles\agent2.gif
-0.8s C:\Program Files\tuEagles\agent3.gif
-0.7s C:\Program Files\tuEagles\agent4.gif
-0.7s C:\Program Files\tuEagles\logo.jpg
-0.7s C:\Program Files\tuEagles\egldrv.sys
-0.6s C:\Program Files\tuEagles\EglR.exe
-0.6s C:\Program Files\tuEagles\EagleObj.dll
-0.6s C:\Program Files\tuEagles\PngRes.dll
-0.5s C:\Program Files\tuEagles\uninst.exe
-0.5s C:\Program Files\tuEagles\eglabout.exe
-0.5s C:\Program Files\tuEagles\parent.ico
-0.4s C:\Program Files\tuEagles\kids.ico
-0.4s C:\Program Files\tuEagles\eagleprx.exe
-0.4s C:\Program Files\tuEagles\flt64.dll
-0.3s C:\Program Files\tuEagles\BWK.dat
-0.3s C:\Program Files\tuEagles\eglfs.sys
-0.3s C:\Program Files\tuEagles\eglfs64.sys
-0.3s C:\Program Files\tuEagles\EglNokl.sys
-0.2s C:\Program Files\tuEagles\EglNokl64.sys
-0.2s C:\Program Files\tuEagles\eglps.sys
-0.2s C:\Program Files\tuEagles\eglps64.sys
-0.1s C:\Windows\NFCHS.exe
-0.1s C:\Program Files\tuEagles\img_reco.exe
-0.1s C:\Program Files\tuEagles\img_reco_lang.dat
-0.0s C:\Program Files\tuEagles\opencv_objdetect243.dll
0.0s C:\Program Files\tuEagles\opencv_highgui243.dll
0.0s C:\Program Files\tuEagles\opencv_imgproc243.dll
0.1s C:\Program Files\tuEagles\opencv_core243.dll
0.1s C:\Program Files\tuEagles\1.wmv
0.1s C:\Program Files\tuEagles\I_l.dat
0.2s C:\Program Files\tuEagles\I_n.dat
3.3s C:\Windows\Prefetch\ANTIPORN233.EXE-AA8B8949.pf
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Help.lnk
43.5s C:\Windows\Prefetch\UPDATE.EXE-6E12D3A2.pf
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review Screen Log.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review URL Log.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Anti-Porn Setings.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Run Anti-Porn.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Uninstall Anti-Porn.lnk
43.5s C:\Windows\Retafte.bmp
43.7s C:\Windows\Prefetch\ICACLS.EXE-028E30CE.pf
43.8s C:\Windows\Prefetch\EGLSRV.EXE-FFDD5F42.pf
54.3s C:\Windows\Prefetch\EAGLESVR.EXE-8EA59540.pf
54.5s C:\Windows\Prefetch\IMG_RECO.EXE-C57CCBFC.pf
54.8s C:\Windows\Prefetch\EGLABOUT.EXE-E73763AA.pf
74.5s C:\Windows\Prefetch\EGLR.EXE-0C1A9C25.pf

C:\Program Files\tuEagles\opencv_imgproc243.dll
Size . . . . . . . : 2 134 016 bytes
Age . . . . . . . : 5.0 days (2016-01-22 00:47:25)
Entropy . . . . . : 6.6
SHA-256 . . . . . : BD0D4B27D6A82EB0FEB9F2830F7DF307B801F7FCCE1030EB0583AC9C8108B5C2
Fuzzy . . . . . . : 25.0
File belongs to an identified security risk.
The hidden file attribute bit is set. This is not common to most programs.
Program is running but currently exposes no human-computer interface (GUI).
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.
Forensic Cluster
-9.9s C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\
-1.7s C:\Program Files\tuEagles\
-1.7s C:\Program Files\tuEagles\control.exe
-1.7s C:\Program Files\tuEagles\desktop.ini
-1.6s C:\Program Files\tuEagles\eagleh.ini
-1.6s C:\Program Files\tuEagles\Flt32.dll
-1.6s C:\Program Files\tuEagles\EagleP.dll
-1.5s C:\Program Files\tuEagles\eglsrv.exe
-1.5s C:\Program Files\tuEagles\EagleR.dll
-1.5s C:\Program Files\tuEagles\EagleRes.dll
-1.5s C:\Program Files\tuEagles\Eagles.tdb
-1.4s C:\Program Files\tuEagles\eaglesvr.exe
-1.4s C:\Program Files\tuEagles\EagleSvr.log
-1.4s C:\Windows\Prefetch\CACLS.EXE-1F538DC1.pf
-1.4s C:\Program Files\tuEagles\EagleT.dll
-1.3s C:\Program Files\tuEagles\Egllogin.dll
-1.3s C:\Program Files\tuEagles\EglScrn.dll
-1.3s C:\Program Files\tuEagles\Eglsetu1.exe
-1.2s C:\Program Files\tuEagles\Forbid.htm
-1.2s C:\Program Files\tuEagles\Forbid_url.htm
-1.2s C:\Program Files\tuEagles\time_limit.htm
-1.1s C:\Program Files\tuEagles\only_white.htm
-1.1s C:\Program Files\tuEagles\help.chm
-1.1s C:\Program Files\tuEagles\logview.exe
-1.0s C:\Program Files\tuEagles\Setup.ini
-1.0s C:\Program Files\tuEagles\ssview.exe
-1.0s C:\Program Files\tuEagles\sxdomain.dat
-1.0s C:\Program Files\tuEagles\Update.dat
-0.9s C:\Program Files\tuEagles\Update.exe
-0.9s C:\Program Files\tuEagles\EglAgent.exe
-0.9s C:\Program Files\tuEagles\agent1.gif
-0.8s C:\Program Files\tuEagles\agent2.gif
-0.8s C:\Program Files\tuEagles\agent3.gif
-0.8s C:\Program Files\tuEagles\agent4.gif
-0.7s C:\Program Files\tuEagles\logo.jpg
-0.7s C:\Program Files\tuEagles\egldrv.sys
-0.7s C:\Program Files\tuEagles\EglR.exe
-0.6s C:\Program Files\tuEagles\EagleObj.dll
-0.6s C:\Program Files\tuEagles\PngRes.dll
-0.6s C:\Program Files\tuEagles\uninst.exe
-0.5s C:\Program Files\tuEagles\eglabout.exe
-0.5s C:\Program Files\tuEagles\parent.ico
-0.5s C:\Program Files\tuEagles\kids.ico
-0.4s C:\Program Files\tuEagles\eagleprx.exe
-0.4s C:\Program Files\tuEagles\flt64.dll
-0.4s C:\Program Files\tuEagles\BWK.dat
-0.3s C:\Program Files\tuEagles\eglfs.sys
-0.3s C:\Program Files\tuEagles\eglfs64.sys
-0.3s C:\Program Files\tuEagles\EglNokl.sys
-0.3s C:\Program Files\tuEagles\EglNokl64.sys
-0.2s C:\Program Files\tuEagles\eglps.sys
-0.2s C:\Program Files\tuEagles\eglps64.sys
-0.2s C:\Windows\NFCHS.exe
-0.1s C:\Program Files\tuEagles\img_reco.exe
-0.1s C:\Program Files\tuEagles\img_reco_lang.dat
-0.1s C:\Program Files\tuEagles\opencv_objdetect243.dll
-0.0s C:\Program Files\tuEagles\opencv_highgui243.dll
0.0s C:\Program Files\tuEagles\opencv_imgproc243.dll
0.0s C:\Program Files\tuEagles\opencv_core243.dll
0.1s C:\Program Files\tuEagles\1.wmv
0.1s C:\Program Files\tuEagles\I_l.dat
0.1s C:\Program Files\tuEagles\I_n.dat
3.2s C:\Windows\Prefetch\ANTIPORN233.EXE-AA8B8949.pf
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Help.lnk
43.5s C:\Windows\Prefetch\UPDATE.EXE-6E12D3A2.pf
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review Screen Log.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review URL Log.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Anti-Porn Setings.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Run Anti-Porn.lnk
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Uninstall Anti-Porn.lnk
43.5s C:\Windows\Retafte.bmp
43.7s C:\Windows\Prefetch\ICACLS.EXE-028E30CE.pf
43.8s C:\Windows\Prefetch\EGLSRV.EXE-FFDD5F42.pf
54.2s C:\Windows\Prefetch\EAGLESVR.EXE-8EA59540.pf
54.4s C:\Windows\Prefetch\IMG_RECO.EXE-C57CCBFC.pf
54.8s C:\Windows\Prefetch\EGLABOUT.EXE-E73763AA.pf
74.4s C:\Windows\Prefetch\EGLR.EXE-0C1A9C25.pf

C:\Program Files\tuEagles\opencv_objdetect243.dll
Size . . . . . . . : 889 856 bytes
Age . . . . . . . : 5.0 days (2016-01-22 00:47:25)
Entropy . . . . . : 6.7
SHA-256 . . . . . : 117609AF4FB9B253F07498449EAE04D942706FBF5645D39B9D3E7E758FE5ED63
Fuzzy . . . . . . : 25.0
File belongs to an identified security risk.
The hidden file attribute bit is set. This is not common to most programs.
Program is running but currently exposes no human-computer interface (GUI).
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.
Forensic Cluster
-9.9s C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\
-8.3s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\
-1.7s C:\Program Files\tuEagles\
-1.7s C:\Program Files\tuEagles\control.exe
-1.6s C:\Program Files\tuEagles\desktop.ini
-1.6s C:\Program Files\tuEagles\eagleh.ini
-1.5s C:\Program Files\tuEagles\Flt32.dll
-1.5s C:\Program Files\tuEagles\EagleP.dll
-1.5s C:\Program Files\tuEagles\eglsrv.exe
-1.5s C:\Program Files\tuEagles\EagleR.dll
-1.4s C:\Program Files\tuEagles\EagleRes.dll
-1.4s C:\Program Files\tuEagles\Eagles.tdb
-1.4s C:\Program Files\tuEagles\eaglesvr.exe
-1.3s C:\Program Files\tuEagles\EagleSvr.log
-1.3s C:\Windows\Prefetch\CACLS.EXE-1F538DC1.pf
-1.3s C:\Program Files\tuEagles\EagleT.dll
-1.3s C:\Program Files\tuEagles\Egllogin.dll
-1.2s C:\Program Files\tuEagles\EglScrn.dll
-1.2s C:\Program Files\tuEagles\Eglsetu1.exe
-1.2s C:\Program Files\tuEagles\Forbid.htm
-1.1s C:\Program Files\tuEagles\Forbid_url.htm
-1.1s C:\Program Files\tuEagles\time_limit.htm
-1.1s C:\Program Files\tuEagles\only_white.htm
-1.0s C:\Program Files\tuEagles\help.chm
-1.0s C:\Program Files\tuEagles\logview.exe
-1.0s C:\Program Files\tuEagles\Setup.ini
-1.0s C:\Program Files\tuEagles\ssview.exe
-0.9s C:\Program Files\tuEagles\sxdomain.dat
-0.9s C:\Program Files\tuEagles\Update.dat
-0.9s C:\Program Files\tuEagles\Update.exe
-0.8s C:\Program Files\tuEagles\EglAgent.exe
-0.8s C:\Program Files\tuEagles\agent1.gif
-0.8s C:\Program Files\tuEagles\agent2.gif
-0.7s C:\Program Files\tuEagles\agent3.gif
-0.7s C:\Program Files\tuEagles\agent4.gif
-0.7s C:\Program Files\tuEagles\logo.jpg
-0.6s C:\Program Files\tuEagles\egldrv.sys
-0.6s C:\Program Files\tuEagles\EglR.exe
-0.6s C:\Program Files\tuEagles\EagleObj.dll
-0.5s C:\Program Files\tuEagles\PngRes.dll
-0.5s C:\Program Files\tuEagles\uninst.exe
-0.5s C:\Program Files\tuEagles\eglabout.exe
-0.4s C:\Program Files\tuEagles\parent.ico
-0.4s C:\Program Files\tuEagles\kids.ico
-0.4s C:\Program Files\tuEagles\eagleprx.exe
-0.3s C:\Program Files\tuEagles\flt64.dll
-0.3s C:\Program Files\tuEagles\BWK.dat
-0.3s C:\Program Files\tuEagles\eglfs.sys
-0.3s C:\Program Files\tuEagles\eglfs64.sys
-0.2s C:\Program Files\tuEagles\EglNokl.sys
-0.2s C:\Program Files\tuEagles\EglNokl64.sys
-0.2s C:\Program Files\tuEagles\eglps.sys
-0.1s C:\Program Files\tuEagles\eglps64.sys
-0.1s C:\Windows\NFCHS.exe
-0.1s C:\Program Files\tuEagles\img_reco.exe
-0.0s C:\Program Files\tuEagles\img_reco_lang.dat
0.0s C:\Program Files\tuEagles\opencv_objdetect243.dll
0.0s C:\Program Files\tuEagles\opencv_highgui243.dll
0.1s C:\Program Files\tuEagles\opencv_imgproc243.dll
0.1s C:\Program Files\tuEagles\opencv_core243.dll
0.1s C:\Program Files\tuEagles\1.wmv
0.2s C:\Program Files\tuEagles\I_l.dat
0.2s C:\Program Files\tuEagles\I_n.dat
3.3s C:\Windows\Prefetch\ANTIPORN233.EXE-AA8B8949.pf
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\
43.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Help.lnk
43.5s C:\Windows\Prefetch\UPDATE.EXE-6E12D3A2.pf
43.6s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review Screen Log.lnk
43.6s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review URL Log.lnk
43.6s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Anti-Porn Setings.lnk
43.6s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Run Anti-Porn.lnk
43.6s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Uninstall Anti-Porn.lnk
43.6s C:\Windows\Retafte.bmp
43.8s C:\Windows\Prefetch\ICACLS.EXE-028E30CE.pf
43.9s C:\Windows\Prefetch\EGLSRV.EXE-FFDD5F42.pf
54.3s C:\Windows\Prefetch\EAGLESVR.EXE-8EA59540.pf
54.5s C:\Windows\Prefetch\IMG_RECO.EXE-C57CCBFC.pf
54.8s C:\Windows\Prefetch\EGLABOUT.EXE-E73763AA.pf
74.5s C:\Windows\Prefetch\EGLR.EXE-0C1A9C25.pf

C:\Program Files\tuEagles\PngRes.dll
Size . . . . . . . : 423 304 bytes
Age . . . . . . . : 5.0 days (2016-01-22 00:47:25)
Entropy . . . . . : 8.0
SHA-256 . . . . . : F1870A965538CCC151A990B684E0291E1DAECD1962FEDBE04014BDDBE7B3CCDB
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
File belongs to an identified security risk.
The hidden file attribute bit is set. This is not common to most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.
Program is code signed with a valid Authenticode certificate.
Forensic Cluster
-9.3s C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf
-7.7s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\
-7.7s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\
-7.7s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\
-7.7s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\
-7.7s C:\Users\TECHNOLOGY\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\
-1.1s C:\Program Files\tuEagles\
-1.1s C:\Program Files\tuEagles\control.exe
-1.1s C:\Program Files\tuEagles\desktop.ini
-1.0s C:\Program Files\tuEagles\eagleh.ini
-1.0s C:\Program Files\tuEagles\Flt32.dll
-1.0s C:\Program Files\tuEagles\EagleP.dll
-1.0s C:\Program Files\tuEagles\eglsrv.exe
-0.9s C:\Program Files\tuEagles\EagleR.dll
-0.9s C:\Program Files\tuEagles\EagleRes.dll
-0.9s C:\Program Files\tuEagles\Eagles.tdb
-0.8s C:\Program Files\tuEagles\eaglesvr.exe
-0.8s C:\Program Files\tuEagles\EagleSvr.log
-0.8s C:\Windows\Prefetch\CACLS.EXE-1F538DC1.pf
-0.8s C:\Program Files\tuEagles\EagleT.dll
-0.7s C:\Program Files\tuEagles\Egllogin.dll
-0.7s C:\Program Files\tuEagles\EglScrn.dll
-0.7s C:\Program Files\tuEagles\Eglsetu1.exe
-0.6s C:\Program Files\tuEagles\Forbid.htm
-0.6s C:\Program Files\tuEagles\Forbid_url.htm
-0.6s C:\Program Files\tuEagles\time_limit.htm
-0.5s C:\Program Files\tuEagles\only_white.htm
-0.5s C:\Program Files\tuEagles\help.chm
-0.5s C:\Program Files\tuEagles\logview.exe
-0.5s C:\Program Files\tuEagles\Setup.ini
-0.4s C:\Program Files\tuEagles\ssview.exe
-0.4s C:\Program Files\tuEagles\sxdomain.dat
-0.4s C:\Program Files\tuEagles\Update.dat
-0.3s C:\Program Files\tuEagles\Update.exe
-0.3s C:\Program Files\tuEagles\EglAgent.exe
-0.3s C:\Program Files\tuEagles\agent1.gif
-0.2s C:\Program Files\tuEagles\agent2.gif
-0.2s C:\Program Files\tuEagles\agent3.gif
-0.2s C:\Program Files\tuEagles\agent4.gif
-0.1s C:\Program Files\tuEagles\logo.jpg
-0.1s C:\Program Files\tuEagles\egldrv.sys
-0.1s C:\Program Files\tuEagles\EglR.exe
-0.0s C:\Program Files\tuEagles\EagleObj.dll
0.0s C:\Program Files\tuEagles\PngRes.dll
0.0s C:\Program Files\tuEagles\uninst.exe
0.1s C:\Program Files\tuEagles\eglabout.exe
0.1s C:\Program Files\tuEagles\parent.ico
0.1s C:\Program Files\tuEagles\kids.ico
0.2s C:\Program Files\tuEagles\eagleprx.exe
0.2s C:\Program Files\tuEagles\flt64.dll
0.2s C:\Program Files\tuEagles\BWK.dat
0.3s C:\Program Files\tuEagles\eglfs.sys
0.3s C:\Program Files\tuEagles\eglfs64.sys
0.3s C:\Program Files\tuEagles\EglNokl.sys
0.3s C:\Program Files\tuEagles\EglNokl64.sys
0.4s C:\Program Files\tuEagles\eglps.sys
0.4s C:\Program Files\tuEagles\eglps64.sys
0.4s C:\Windows\NFCHS.exe
0.5s C:\Program Files\tuEagles\img_reco.exe
0.5s C:\Program Files\tuEagles\img_reco_lang.dat
0.5s C:\Program Files\tuEagles\opencv_objdetect243.dll
0.6s C:\Program Files\tuEagles\opencv_highgui243.dll
0.6s C:\Program Files\tuEagles\opencv_imgproc243.dll
0.6s C:\Program Files\tuEagles\opencv_core243.dll
0.7s C:\Program Files\tuEagles\1.wmv
0.7s C:\Program Files\tuEagles\I_l.dat
0.7s C:\Program Files\tuEagles\I_n.dat
3.8s C:\Windows\Prefetch\ANTIPORN233.EXE-AA8B8949.pf
44.1s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\
44.1s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Help.lnk
44.1s C:\Windows\Prefetch\UPDATE.EXE-6E12D3A2.pf
44.1s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review Screen Log.lnk
44.1s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Review URL Log.lnk
44.1s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Anti-Porn Setings.lnk
44.1s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Run Anti-Porn.lnk
44.1s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn\Uninstall Anti-Porn.lnk
44.1s C:\Windows\Retafte.bmp
44.3s C:\Windows\Prefetch\ICACLS.EXE-028E30CE.pf
44.4s C:\Windows\Prefetch\EGLSRV.EXE-FFDD5F42.pf
54.8s C:\Windows\Prefetch\EAGLESVR.EXE-8EA59540.pf
55.0s C:\Windows\Prefetch\IMG_RECO.EXE-C57CCBFC.pf
55.3s C:\Windows\Prefetch\EGLABOUT.EXE-E73763AA.pf
75.0s C:\Windows\Prefetch\EGLR.EXE-0C1A9C25.pf

C:\Windows\system32\stdvcl32.dll
Size . . . . . . . : 346 560 bytes
Age . . . . . . . : 4.9 days (2016-01-22 01:44:10)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 709DF0AE2A15E14BFADF52D13BB178C8C2255001C35456ED89F55C0E81DDF188
Product . . . . . : Delphi standard VCL type library
Publisher . . . . : Borland International
Description . . . : Delphi standard VCL type library
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Borland International 1996-97
RSA Key Size . . . : 512
LanguageID . . . . : 1033
Authenticode . . . : Self-signed
Fuzzy . . . . . . : 28.0
Program is code signed with a weak certificate. This is common to malware.
Program is code self-signed.
Time indicates that the file appeared recently on this computer.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.


Cookies _____________________________________________________________________

C:\Users\TECHNOLOGY\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net



[/code]
