cjoint


Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.14.265
www.hitmanpro.com

Computer name . . . . : AKRAM-PC
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Akram-PC\Akram
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)

Scan date . . . . . . : 2016-06-18 03:11:38
Scan mode . . . . . . : Normal
Scan duration . . . . : 8m 4s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes

Threats . . . . . . . : 2
Traces . . . . . . . : 40

Objects scanned . . . : 1,659,391
Files scanned . . . . : 35,878
Remnants scanned . . : 429,074 files / 1,194,439 keys

Malware _____________________________________________________________________

C:\Program Files (x86)\netcut\netcut.exe -> Deleted
Size . . . . . . . : 417,792 bytes
Age . . . . . . . : 3494.2 days (2006-11-23 21:33:10)
Entropy . . . . . : 5.0
SHA-256 . . . . . : 15BF0C701D928B9A4FE5F23F0CC1B40E96DC2264CAFD75E8EE6CFE85EF8B4623
Product . . . . . : Arcai.com's NetCut
Publisher . . . . : Arcai.com
Description . . . : NetCut Arp Spoof Application
Version . . . . . : 2.0.6.0
LanguageID . . . . : 2052
> Kaspersky . . . . : not-a-virus:NetTool.Win32.Netcut.a
Fuzzy . . . . . . : 100.0
References
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com\netcut.lnk

C:\Users\Akram\Downloads\Programs\CrossFire_NA.exe -> Deleted
Size . . . . . . . : 2,874,584 bytes
Age . . . . . . . : 1083.1 days (2013-07-01 01:28:56)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 98271B84DE649AEBB53E34CED9676E636EC566C4750844B684F9A6472D7B8950
Product . . . . . : PMB Downloader
Publisher . . . . : Pando Networks Inc.
Description . . . : Pando Media Booster Downloader
Version . . . . . : 1.0
Copyright . . . . : Copyright (c) Pando Networks 2010
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Valid
> HitmanPro . . . . : Malware
Fuzzy . . . . . . : 101.0


Suspicious files ____________________________________________________________

C:\Users\Akram\AppData\Local\PunkBuster\FC3\pb\pbcl.dll -> Deleted
Size . . . . . . . : 953,886 bytes
Age . . . . . . . : 1227.0 days (2013-02-07 04:14:01)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.

C:\Users\Akram\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys -> PendingDelete
Size . . . . . . . : 138,032 bytes
Age . . . . . . . : 1227.0 days (2013-02-07 04:14:15)
Entropy . . . . . : 7.8
SHA-256 . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Program is code signed with a valid Authenticode certificate.


Potential Unwanted Programs _________________________________________________

HKLM\SOFTWARE\Classes\CLSID\{BAF87BD0-A924-4108-AFA5-A5FA720A2E86}\ (MindSpark) -> Deleted
HKLM\SOFTWARE\Wow6432Node\Auslogics\Google Analytics Package\ (TweakBit) -> Deleted

Cookies _____________________________________________________________________

C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:262855726.log.optimizely.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:3338050995.log.optimizely.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:abmr.net
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:adobe.tt.omtrdc.net
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:bizrate.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:cdn.taboola.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:crwdcntrl.net
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:ctnsnet.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:demdex.net
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:dmtracker.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:dpm.demdex.net
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:krxd.net
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:lijit.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:mathtag.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:mmstat.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:outbrain.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:po.st
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:simpli.fi
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:skimresources.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:taboola.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:trc.taboola.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:visualdna.com
C:\Users\Akram\AppData\Local\Google\Chrome\User Data\Default\Cookies:w55c.net
C:\Users\Akram\AppData\Roaming\Mozilla\Firefox\Profiles\xapwkzzo.default\cookies.sqlite:addthis.com
C:\Users\Akram\AppData\Roaming\Mozilla\Firefox\Profiles\xapwkzzo.default\cookies.sqlite:adobe.tt.omtrdc.net
C:\Users\Akram\AppData\Roaming\Mozilla\Firefox\Profiles\xapwkzzo.default\cookies.sqlite:demdex.net


[/code]
