cjoint

Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.15.281
www.hitmanpro.com

Computer name . . . . : YONDAIME-PC
Windows . . . . . . . : 6.1.1.7601.X64/2
User name . . . . . . : Yondaime-PC\Yondaime
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free

Scan date . . . . . . : 2017-01-05 19:31:26
Scan mode . . . . . . : Normal
Scan duration . . . . : 1m 53s
Disk access mode . . : Direct disk access (SPTI)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 3
Traces . . . . . . . : 15

Objects scanned . . . : 979,599
Files scanned . . . . : 18,484
Remnants scanned . . : 139,136 files / 821,979 keys

Malware _____________________________________________________________________

C:\Users\Yondaime\Desktop\PS3 U\ps3tools\tools\BruteforceSaveData\tools\Cod MW3\DevComponents.DotNetBar2.dll
Size . . . . . . . : 663,552 bytes
Age . . . . . . . : 26.8 days (2016-12-09 23:55:59)
Entropy . . . . . : 6.9
SHA-256 . . . . . : 2E8FFE0C7397A0F19133B6167D4193C61D063F38633C735979B6B9C47F4600F4
Product . . . . . : DNGuard HVM Runtime Library
Publisher . . . . : ZiYuXuan Studio
Description . . . : DNGuard HVM Runtime Library
Version . . . . . : 3.6.0.1
LanguageID . . . . : 0
> Kaspersky . . . . : Trojan.MSIL.Agent.fmzg
Fuzzy . . . . . . : 100.0

C:\Users\Yondaime\Desktop\PS3 U\ps3tools\tools\ExtractPupPKG.exe
Size . . . . . . . : 87,552 bytes
Age . . . . . . . : 26.8 days (2016-12-09 23:55:11)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 71A8C88527E7AD61EBFB06B066A5AEDA392DE3BB58DBEE68F360A68CBE958AFC
Product . . . . . : ExtractPupPKG
Publisher . . . . : Aldo Vargas - http://www.aldostools.org
Description . . . : ExtractPupPKG
Version . . . . . : 1.01
Copyright . . . . : 2014 by aldostools.org
LanguageID . . . . : 1033
> Bitdefender . . . : Gen:Variant.Kazy.81325
Fuzzy . . . . . . : 108.0

C:\Users\Yondaime\Desktop\PS3 U\ps3tools\tools\ps3netsrv.exe
Size . . . . . . . : 184,334 bytes
Age . . . . . . . : 26.8 days (2016-12-09 23:55:17)
Entropy . . . . . : 5.7
SHA-256 . . . . . : FE88920985664E1C44000CE74640A6E6A4CE81CB17FE5FCD7A30EA467CECE84E
> Bitdefender . . . : Gen:Variant.Kazy.48398
Fuzzy . . . . . . : 106.0


Suspicious files ____________________________________________________________

C:\Users\Yondaime\Desktop\FRST64.exe
Size . . . . . . . : 2,418,176 bytes
Age . . . . . . . : 0.1 days (2017-01-05 18:19:11)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 7B1EAFF262CB947F39609AA61124E60FD28DCD3CCD592DA5826588D3ECDA1E8F
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Forensic Cluster
-1.1s C:\Users\Yondaime\AppData\Roaming\IDM\DwnlData\Yondaime\FRST64_554\
0.0s C:\Users\Yondaime\Desktop\FRST64.exe
2.2s C:\Users\Yondaime\AppData\Roaming\IDM\foldresHistory.txt


Cookies _____________________________________________________________________

C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:agkn.com
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:effectivemeasure.net
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:googleadservices.com
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:gwallet.com
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:mookie1.com
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:po.st
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com


[/code]
