cjoint

Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.15.281
www.hitmanpro.com

Computer name . . . . : SERVER
Windows . . . . . . . : 6.1.1.7601.X64/2
User name . . . . . . : SERVER\SERVER
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)

Scan date . . . . . . : 2016-12-16 20:54:14
Scan mode . . . . . . : Normal
Scan duration . . . . : 9m 25s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes

Threats . . . . . . . : 0
Traces . . . . . . . : 135

Objects scanned . . . : 1 320 562
Files scanned . . . . : 35 311
Remnants scanned . . : 260 368 files / 1 024 883 keys

Suspicious files ____________________________________________________________

C:\Users\SERVER\Desktop\FRST64.exe
Size . . . . . . . : 2 420 224 bytes
Age . . . . . . . : 1.0 days (2016-12-15 19:44:52)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 6BC88900020E928F2EA88503357CC8B182FF2015A88AF456AF3F2212BA73FE1E
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
References
HKU\S-1-5-21-444279093-2062295991-3838736036-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\SERVER\Desktop\FRST64.exe
Forensic Cluster
-1.0s C:\Users\SERVER\AppData\Roaming\IDM\DwnlData\SERVER\FRST64_931\
0.0s C:\Users\SERVER\Desktop\FRST64.exe


Potential Unwanted Programs _________________________________________________

HKLM\SOFTWARE\Classes\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\ (Baidu) -> Deleted
HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\ (Baidu) -> PendingDelete

Cookies _____________________________________________________________________



[/code]
