cjoint


Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.20.286
www.hitmanpro.com

Computer name . . . . : YOUNESJR-PC
Windows . . . . . . . : 6.1.1.7601.X86/4
User name . . . . . . : YOUNESJR-PC\YOUNESJR
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free

Scan date . . . . . . : 2017-07-31 22:48:37
Scan mode . . . . . . : Normal
Scan duration . . . . : 6m 14s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 11
Traces . . . . . . . : 31

Objects scanned . . . : 1 267 731
Files scanned . . . . : 49 327
Remnants scanned . . : 363 422 files / 854 982 keys

Malware _____________________________________________________________________

C:\AdwCleaner\Quarantine\rQF69AzBla\msminer.exe
Size . . . . . . . : 1 490 432 bytes
Age . . . . . . . : 1.9 days (2017-07-30 00:43:54)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 7374051E75AE97BA687CD153927FACCD21FCDCC0B41A42867D38AC62064F6ABA
> Bitdefender . . . : Trojan.Generic.19781622
> Kaspersky . . . . : not-a-virus:RiskTool.Win32.BitCoinMiner.hzkc
> HitmanPro . . . . : Mal/Miner-C
Fuzzy . . . . . . : 116.0
Forensic Cluster
-10.4s C:\AdwCleaner\Quarantine\frAQBc8Wsa\
-6.3s C:\AdwCleaner\Quarantine\frAQBc8Wsa\conf.db
-6.3s C:\AdwCleaner\Quarantine\1xVPfvJcrg\
-5.0s C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.150.gthr
-5.0s C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.150.Crwl
-2.1s C:\AdwCleaner\Quarantine\RYwTiizs2t\
-1.7s C:\AdwCleaner\Quarantine\RYwTiizs2t\AVBoost.exe
-1.5s C:\AdwCleaner\Quarantine\RYwTiizs2t\unins000.dat
-1.0s C:\AdwCleaner\Quarantine\RYwTiizs2t\unins000.exe
-0.5s C:\AdwCleaner\Quarantine\RYwTiizs2t\uninstaller.exe.config
-0.1s C:\AdwCleaner\Quarantine\rQF69AzBla\
-0.1s C:\AdwCleaner\Quarantine\rQF69AzBla\isMiner.log
-0.1s C:\AdwCleaner\Quarantine\rQF69AzBla\minerstart.vbs
0.0s C:\AdwCleaner\Quarantine\rQF69AzBla\msminer.exe
0.9s C:\AdwCleaner\Quarantine\x3CF3EDNhm\
0.9s C:\AdwCleaner\Quarantine\x3CF3EDNhm\pchandller.exe
1.0s C:\AdwCleaner\Quarantine\x3CF3EDNhm\uninstaller.exe
1.3s C:\AdwCleaner\Quarantine\3soLBPh71Y\
1.4s C:\AdwCleaner\Quarantine\exuieaoEiI
1.4s C:\AdwCleaner\Quarantine\gxIX4a2dRE
1.4s C:\AdwCleaner\Quarantine\bbSqWy6yhK
1.5s C:\AdwCleaner\Quarantine\IDCdJOyapn
1.5s C:\AdwCleaner\Quarantine\xrpMCARCr4
1.6s C:\AdwCleaner\Quarantine\sMlaZTXC1O
1.7s C:\AdwCleaner\Quarantine\8YFOGKjxRr
1.8s C:\AdwCleaner\Quarantine\JBdT3hVOfo
1.9s C:\AdwCleaner\Quarantine\aMeAjSWfch
2.0s C:\AdwCleaner\Quarantine\zMCk8R6BEu

C:\AdwCleaner\Quarantine\x3CF3EDNhm\uninstaller.exe
Size . . . . . . . : 273 408 bytes
Age . . . . . . . : 1.9 days (2017-07-30 00:43:55)
Entropy . . . . . : 7.0
SHA-256 . . . . . : 37AA535003770F59467B04BA6AD830C24D39A94D38A00EF9A006C5B544154D46
Needs elevation . : Yes
Product
Publisher
Description
Version . . . . . : 5.25.8.7
LanguageID . . . . : 0
> Bitdefender . . . : Trojan.GenericKD.12069884
Fuzzy . . . . . . : 105.0
Forensic Cluster
-11.4s C:\AdwCleaner\Quarantine\frAQBc8Wsa\
-7.3s C:\AdwCleaner\Quarantine\frAQBc8Wsa\conf.db
-7.3s C:\AdwCleaner\Quarantine\1xVPfvJcrg\
-6.0s C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.150.gthr
-6.0s C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.150.Crwl
-3.1s C:\AdwCleaner\Quarantine\RYwTiizs2t\
-2.7s C:\AdwCleaner\Quarantine\RYwTiizs2t\AVBoost.exe
-2.4s C:\AdwCleaner\Quarantine\RYwTiizs2t\unins000.dat
-1.9s C:\AdwCleaner\Quarantine\RYwTiizs2t\unins000.exe
-1.5s C:\AdwCleaner\Quarantine\RYwTiizs2t\uninstaller.exe.config
-1.1s C:\AdwCleaner\Quarantine\rQF69AzBla\
-1.1s C:\AdwCleaner\Quarantine\rQF69AzBla\isMiner.log
-1.1s C:\AdwCleaner\Quarantine\rQF69AzBla\minerstart.vbs
-1.0s C:\AdwCleaner\Quarantine\rQF69AzBla\msminer.exe
-0.1s C:\AdwCleaner\Quarantine\x3CF3EDNhm\
-0.1s C:\AdwCleaner\Quarantine\x3CF3EDNhm\pchandller.exe
0.0s C:\AdwCleaner\Quarantine\x3CF3EDNhm\uninstaller.exe
0.4s C:\AdwCleaner\Quarantine\3soLBPh71Y\
0.4s C:\AdwCleaner\Quarantine\exuieaoEiI
0.4s C:\AdwCleaner\Quarantine\gxIX4a2dRE
0.5s C:\AdwCleaner\Quarantine\bbSqWy6yhK
0.5s C:\AdwCleaner\Quarantine\IDCdJOyapn
0.6s C:\AdwCleaner\Quarantine\xrpMCARCr4
0.6s C:\AdwCleaner\Quarantine\sMlaZTXC1O
0.7s C:\AdwCleaner\Quarantine\8YFOGKjxRr
0.8s C:\AdwCleaner\Quarantine\JBdT3hVOfo
0.9s C:\AdwCleaner\Quarantine\aMeAjSWfch
1.0s C:\AdwCleaner\Quarantine\zMCk8R6BEu

C:\Users\YOUNESJR\AppData\Roaming\uTorrent\updates\3.4.9_43388.exe
Size . . . . . . . : 2 147 520 bytes
Age . . . . . . . : 138.9 days (2017-03-15 00:21:42)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 89722873520E16F57A6381C5AD01498F19FB35B1C89BC7DA9874D381C33AB62B
Product . . . . . : µTorrent
Publisher . . . . : BitTorrent Inc.
Description . . . : µTorrent
Version . . . . . : 3.4.9.43388
Copyright . . . . : ©2016 BitTorrent, Inc. All Rights Reserved.
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Valid
> HitmanPro . . . . : Malware
Fuzzy . . . . . . : 101.0

C:\Users\YOUNESJR\AppData\Roaming\uTorrent\updates\3.5.0_43580.exe
Size . . . . . . . : 2 144 448 bytes
Age . . . . . . . : 113.0 days (2017-04-09 22:40:38)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 2BDD1B4013349975B1CF4FBC764E4D5ED7C01B39D9B0D5A20BE0A742634AE1D3
Product . . . . . : µTorrent
Publisher . . . . : BitTorrent Inc.
Description . . . : µTorrent
Version . . . . . : 3.5.0.43580
Copyright . . . . : ©2016 BitTorrent, Inc. All Rights Reserved.
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Valid
> HitmanPro . . . . : Malware
Fuzzy . . . . . . : 101.0

C:\Users\YOUNESJR\AppData\Roaming\uTorrent\uTorrent.exe
Size . . . . . . . : 2 144 448 bytes
Age . . . . . . . : 166.4 days (2017-02-15 13:39:58)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 2BDD1B4013349975B1CF4FBC764E4D5ED7C01B39D9B0D5A20BE0A742634AE1D3
Product . . . . . : µTorrent
Publisher . . . . : BitTorrent Inc.
Description . . . : µTorrent
Version . . . . . : 3.5.0.43580
Copyright . . . . : ©2016 BitTorrent, Inc. All Rights Reserved.
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Valid
> HitmanPro . . . . : Malware
Fuzzy . . . . . . : 101.0
References
C:\Users\YOUNESJR\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
C:\Users\YOUNESJR\Desktop\µTorrent.lnk

C:\Users\YOUNESJR\Downloads\Compressed\EmbratoriaG6.5.1\EmbratoriaG6.exe
Size . . . . . . . : 756 736 bytes
Age . . . . . . . : 168.1 days (2017-02-13 20:54:52)
Entropy . . . . . : 2.4
SHA-256 . . . . . : 7F557F727D966C95C318549EEACFCED912C417D938C7E55193C4ED9E9262D288
Needs elevation . : Yes
Product . . . . . : LuncherG6
Publisher
Description . . . : LuncherG6
Version . . . . . : 1.0.0.0
LanguageID . . . . : 0
> Bitdefender . . . : Gen:Variant.MSILPerseus.96877
Fuzzy . . . . . . : 103.0

C:\Users\YOUNESJR\Downloads\Compressed\EmbratoriaG6.5.1\libs.exe
Size . . . . . . . : 4 789 248 bytes
Age . . . . . . . : 146.1 days (2017-03-07 20:29:56)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 861951A1672F6FFA5729D91481D133A352EADE97B11D4D0F6F6B72FDA1DEE4FF
Product . . . . . : Embracore
Publisher
Description . . . : Embracore
Version . . . . . : 6.5.1.0
LanguageID . . . . : 0
> HitmanPro . . . . : Malware
Fuzzy . . . . . . : 106.0

C:\Users\YOUNESJR\Downloads\Compressed\EmbratoriaG6.5.1\libs_updated.exe
Size . . . . . . . : 4 795 904 bytes
Age . . . . . . . : 134.2 days (2017-03-19 17:22:36)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 2B5D9475A72E4CFAC74F462DEE9FC0F9931D976D6CC494DFE9451A4F5E7A2587
Product . . . . . : Embracore
Publisher . . . . : Embratoria
Description . . . : Embracore
Version . . . . . : 6.5.2.0
LanguageID . . . . : 0
> HitmanPro . . . . : Malware
Fuzzy . . . . . . : 103.0

C:\Users\YOUNESJR\Downloads\Compressed\EmbratoriaG6.5.2\EmbratoriaG6.exe
Size . . . . . . . : 756 736 bytes
Age . . . . . . . : 134.2 days (2017-03-19 17:19:46)
Entropy . . . . . : 2.4
SHA-256 . . . . . : 7F557F727D966C95C318549EEACFCED912C417D938C7E55193C4ED9E9262D288
Needs elevation . : Yes
Product . . . . . : LuncherG6
Publisher
Description . . . : LuncherG6
Version . . . . . : 1.0.0.0
LanguageID . . . . : 0
> Bitdefender . . . : Gen:Variant.MSILPerseus.96877
Fuzzy . . . . . . : 103.0

C:\Users\YOUNESJR\Downloads\Compressed\EmbratoriaG6.5.2\libs.exe
Size . . . . . . . : 4 794 880 bytes
Age . . . . . . . : 134.2 days (2017-03-19 17:19:46)
Entropy . . . . . : 7.8
SHA-256 . . . . . : BB09BED58482C258CA020E1BAC268137641D09C5ADCE5CAB65AEFE721D07B4BD
Product . . . . . : Embracore
Publisher . . . . : Embratoria
Description . . . : Embracore
Version . . . . . : 6.5.2.0
LanguageID . . . . : 0
> HitmanPro . . . . : Malware
Fuzzy . . . . . . : 103.0

C:\Users\YOUNESJR\Downloads\Programs\rkill-unsigned.exe
Size . . . . . . . : 1 780 224 bytes
Age . . . . . . . : 0.2 days (2017-07-31 18:11:27)
Entropy . . . . . : 6.6
SHA-256 . . . . . : 8C198B1C484085CD6F8FC66438025FACF9117B3B7A11A1CDF3BAB49562AC1678
Product . . . . . : Rkill
Publisher . . . . : Bleeping Computer, LLC
Description . . . : Terminates malware processes so that you can run your normal security programs.
Version . . . . . : 2.9.1
Copyright . . . . : © BleepingComputer.com. All rights reserved.
LanguageID . . . . : 1033
> Bitdefender . . . : Trojan.GenericKD.12064097
> Kaspersky . . . . : Trojan.Win32.Droma.abdf
> HitmanPro . . . . : Mal/Generic-S
Fuzzy . . . . . . : 102.0


Cookies _____________________________________________________________________

C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:262855726.log.optimizely.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:4177821143.log.optimizely.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:abmr.net
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:adbrn.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsymptotic.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:agkn.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:crwdcntrl.net
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:demdex.net
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:dynamicyield.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:imrworldwide.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:po.st
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
C:\Users\YOUNESJR\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.trafficmarket.pro
C:\Users\YOUNESJR\AppData\Roaming\Microsoft\Windows\Cookies\5WF49X1E.txt
C:\Users\YOUNESJR\AppData\Roaming\Microsoft\Windows\Cookies\IUKNRLMN.txt


[/code]
