cjoint

Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.20.286
www.hitmanpro.com

Computer name . . . . : PCQ-PC
Windows . . . . . . . : 6.1.1.7601.X86/2
User name . . . . . . : PCQ-PC\PC Q
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (31 days left)

Scan date . . . . . . : 2017-10-06 21:17:08
Scan mode . . . . . . : Normal
Scan duration . . . . : 9m 0s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 2
Traces . . . . . . . : 19

Objects scanned . . . : 817 086
Files scanned . . . . : 25 422
Remnants scanned . . : 163 644 files / 628 020 keys

Malware _____________________________________________________________________

C:\Users\PC Q\Downloads\Music\Programs\BenVista_PhotoZoom_Pro_7.0.8_Crack.exe -> Deleted
Size . . . . . . . : 532 112 bytes
Age . . . . . . . : 36.9 days (2017-08-31 00:20:02)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 3A09786E0BEDCF8B66756E5C3F1DD567CBD9C8C5F43D8D55C4650490085397F6
Product . . . . . : lTdFkHTzCqg7Dbzl
Publisher . . . . :
Description . . . : lTdFkHTzCqg7Dbzl Setup
Version
LanguageID . . . . : 0
> Bitdefender . . . : Gen:Variant.Razy.219416
> HitmanPro . . . . : App/Generic-FG
Fuzzy . . . . . . : 111.0

C:\Users\PC Q\Downloads\Programs\rkill-unsigned_2.exe -> Deleted
Size . . . . . . . : 1 780 224 bytes
Age . . . . . . . : 0.1 days (2017-10-06 19:10:02)
Entropy . . . . . : 6.6
SHA-256 . . . . . : 8C198B1C484085CD6F8FC66438025FACF9117B3B7A11A1CDF3BAB49562AC1678
Product . . . . . : Rkill
Publisher . . . . : Bleeping Computer, LLC
Description . . . : Terminates malware processes so that you can run your normal security programs.
Version . . . . . : 2.9.1
Copyright . . . . : © BleepingComputer.com. All rights reserved.
LanguageID . . . . : 1033
> Bitdefender . . . : Trojan.GenericKD.12064097
> Kaspersky . . . . : Trojan.Win32.Droma.abdl
> HitmanPro . . . . : Mal/Generic-S
Fuzzy . . . . . . : 102.0
Forensic Cluster
-2.9s C:\Users\PC Q\AppData\Roaming\IDM\DwnlData\PC Q\rkill-unsigned_361\
-0.2s C:\Users\PC Q\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MMVL3OAH\wpad[1].dat
0.0s C:\Users\PC Q\Downloads\Programs\rkill-unsigned_2.exe
7.4s C:\Users\PC Q\Downloads\Programs\


Suspicious files ____________________________________________________________

C:\Users\PC Q\Desktop\FRST.exe
Size . . . . . . . : 1 792 512 bytes
Age . . . . . . . : 27.5 days (2017-09-09 09:04:27)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 67CE0D2256326FA562A3E86D17EC1B829DF3D4BCE40D196108BBBA4027984D7A
Needs elevation . : Yes
Fuzzy . . . . . . : 22.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Forensic Cluster
-2.7s C:\Users\PC Q\AppData\Roaming\IDM\DwnlData\PC Q\FRST_220\
0.0s C:\Users\PC Q\Desktop\FRST.exe


Cookies _____________________________________________________________________

C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsymptotic.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:angsrvr.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidswitch.net
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:crwdcntrl.net
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:cw.addthis.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:lijit.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:mmstat.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:outbrain.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:simpli.fi
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:taboola.com
C:\Users\PC Q\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com


[/code]
