cjoint

Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.15.281
www.hitmanpro.com

Computer name . . . . : KAMIKAZ
Windows . . . . . . . : 6.1.1.7601.X86/2
User name . . . . . . : KAMIKAZ\KAMIKAZ
UAC . . . . . . . . . : Disabled
License . . . . . . . : Trial (30 days left)

Scan date . . . . . . : 2016-12-14 23:14:43
Scan mode . . . . . . : Normal
Scan duration . . . . : 18m 10s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes

Threats . . . . . . . : 1
Traces . . . . . . . : 20

Objects scanned . . . : 829 740
Files scanned . . . . : 34 152
Remnants scanned . . : 160 496 files / 635 092 keys

Malware _____________________________________________________________________

C:\Users\KAMIKAZ\Desktop\Desktop\Bureau\Dossiers\Nouveau dossier (5)\Nouveau dossier (3)\Disque amovible\myEGY.To.Update1.02.ERAGON\Crack\steam_api.dll -> Deleted
Size . . . . . . . : 1 380 868 bytes
Age . . . . . . . : 41.4 days (2016-11-03 14:30:11)
Entropy . . . . . : 7.7
SHA-256 . . . . . : 35EDD53232495926BAA5D595F4A37F53AFE9FCCC9F35E61173425E0C7CEF38E5
> HitmanPro . . . . : Mal/Generic-S
Fuzzy . . . . . . : 114.0


Suspicious files ____________________________________________________________

C:\Users\KAMIKAZ\Desktop\Desktop\Bureau\Dossiers\BoUaLeM AB3\incomplete\4152_a094020899_88.221.52.112_TCPxHTTP_0194.EXE
Size . . . . . . . : 15 585 952 bytes
Age . . . . . . . : 41.4 days (2016-11-03 14:26:01)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 063522EEE3912EB6CDC6D93BC94CC1BE6CAAAE68559C5B5445291E5F3E04AD6E
Product . . . . . : Microsoft Malware Protection
Publisher . . . . : Microsoft Corporation
Description . . . : AntiMalware Definition Update
Version . . . . . : 1.203.2523.0
Copyright . . . . : © Microsoft Corporation. All rights reserved.
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Invalid
Fuzzy . . . . . . : 23.0
Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

C:\Users\KAMIKAZ\Desktop\Desktop\Bureau\Dossiers\BoUaLeM AB3\incomplete\4152_a094020b4f_54.230.79.128_TCPxHTTP_0442gup5setup.exe.EXE
Size . . . . . . . : 15 238 416 bytes
Age . . . . . . . : 41.4 days (2016-11-03 14:26:01)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 8A129A12FCC725FE7CAE56D6D1504BA3F8883FD3BEEF82D9B1ECAF81F676613B
RSA Key Size . . . : 2048
Authenticode . . . : Invalid
Fuzzy . . . . . . : 29.0
Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.

C:\Users\KAMIKAZ\Desktop\FRST.exe
Size . . . . . . . : 1 761 792 bytes
Age . . . . . . . : 0.3 days (2016-12-14 17:10:02)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 3157400629EB5821F60235C6335E39C932FF1FC4F5A8146B6FDC85101989B3BD
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.


Potential Unwanted Programs _________________________________________________

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\BCSShellMenuExt\ (Babylon) -> Deleted
HKLM\SOFTWARE\Classes\.bdc\ (Babylon) -> Deleted
HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\BCSShellMenuExt\ (Babylon) -> Deleted
HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\BCSShellMenuExt\ (Babylon) -> Deleted
HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bdc\ (Babylon) -> Deleted
HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bgl\ (Babylon) -> Deleted
HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/bof\ (Babylon) -> Deleted
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ (Babylon) -> Deleted
HKU\.DEFAULT\Software\Microsoft\Office\Excel\Addins\BabylonOfficeAddin.OfficeAddin\ (Babylon) -> Deleted
HKU\.DEFAULT\Software\Microsoft\Office\PowerPoint\Addins\BabylonOfficeAddin.OfficeAddin\ (Babylon) -> Deleted
HKU\.DEFAULT\Software\Microsoft\Office\Word\Addins\BabylonOfficeAddin.OfficeAddin\ (Babylon) -> Deleted
HKU\S-1-5-18\Software\Microsoft\Office\Excel\Addins\BabylonOfficeAddin.OfficeAddin\ (Babylon) -> PendingDelete
HKU\S-1-5-18\Software\Microsoft\Office\PowerPoint\Addins\BabylonOfficeAddin.OfficeAddin\ (Babylon) -> PendingDelete
HKU\S-1-5-18\Software\Microsoft\Office\Word\Addins\BabylonOfficeAddin.OfficeAddin\ (Babylon) -> PendingDelete
HKU\S-1-5-21-2240328502-4235292055-2088451052-1000\Software\Microsoft\Internet Explorer\LowRegistry\Extensions\CmdMapping\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} (Babylon) -> Deleted
HKU\S-1-5-21-2240328502-4235292055-2088451052-1000\Software\Microsoft\Office\Excel\Addins\BabylonOfficeAddin.OfficeAddin\ (Babylon) -> Deleted


[/code]
