cjoint

Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.20.286
www.hitmanpro.com

Computer name . . . . : A_MAHDI_-PC
Windows . . . . . . . : 6.1.1.7601.X86/2
User name . . . . . . : A_Mahdi_-PC\A_Mahdi_
UAC . . . . . . . . . : Disabled
License . . . . . . . : Free

Scan date . . . . . . : 2017-07-01 01:41:18
Scan mode . . . . . . : Normal
Scan duration . . . . : 15m 42s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 4
Traces . . . . . . . : 10

Objects scanned . . . : 1 179 599
Files scanned . . . . : 21 546
Remnants scanned . . : 200 917 files / 957 136 keys

Malware _____________________________________________________________________

C:\Users\A_Mahdi_\Desktop\TV\EmbratoriaG6.5.2\EmbratoriaG6.exe
Size . . . . . . . : 756 736 bytes
Age . . . . . . . : 0.6 days (2017-06-30 11:01:07)
Entropy . . . . . : 2.4
SHA-256 . . . . . : 7F557F727D966C95C318549EEACFCED912C417D938C7E55193C4ED9E9262D288
Needs elevation . : Yes
Product . . . . . : LuncherG6
Publisher
Description . . . : LuncherG6
Version . . . . . : 1.0.0.0
LanguageID . . . . : 0
> Bitdefender . . . : Gen:Variant.MSILPerseus.96877
Fuzzy . . . . . . : 105.0

C:\Users\A_Mahdi_\Desktop\TV\EmbratoriaG6\EmbratoriaG6.exe
Size . . . . . . . : 756 736 bytes
Age . . . . . . . : 0.6 days (2017-06-30 11:01:07)
Entropy . . . . . : 2.4
SHA-256 . . . . . : 8F9E107D286630F9DFBB0C1133FC72EAF4443362722A458F4AB5B94065F52C2A
Needs elevation . : Yes
Product . . . . . : LuncherG6
Publisher
Description . . . : LuncherG6
Version . . . . . : 1.0.0.0
LanguageID . . . . : 0
> Bitdefender . . . : Gen:Variant.MSILPerseus.96877
Fuzzy . . . . . . : 105.0

C:\Users\A_Mahdi_\Desktop\TV\EmbratoriaG7\EmbratoriaG7.exe
Size . . . . . . . : 756 736 bytes
Age . . . . . . . : 0.6 days (2017-06-30 11:01:08)
Entropy . . . . . : 2.4
SHA-256 . . . . . : 709479009AB2017FCD7377E1479AC1554EB6633999BD5C504D3B6C0D30E4712A
Needs elevation . : Yes
Product . . . . . : LuncherG6
LanguageID . . . . : 0
> Bitdefender . . . : Gen:Variant.MSILPerseus.96877
Fuzzy . . . . . . : 108.0

C:\Users\A_Mahdi_\Desktop\'D3F) 'D.'E3)\D.N.A 5AP\islam\anbeye.exe
Size . . . . . . . : 4 590 037 bytes
Age . . . . . . . : 0.6 days (2017-06-30 11:04:14)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 851B84D138424F3A80917213A7278A11881496BB7851B648E8AE9597A9C3FC11
Product . . . . . : eBook Workshop
Publisher . . . . : Ada99.com
Description . . . : eBook Workshop
Version . . . . . : 1.4.0.0
Copyright . . . . : Copyright (C) 2002-2003 Ada99.com
LanguageID . . . . : 1033
> Bitdefender . . . : Spyware.9379
Fuzzy . . . . . . : 105.0


Suspicious files ____________________________________________________________

C:\Program Files\MediatekWiFi\Common\ApUI.exe
Size . . . . . . . : 9 509 008 bytes
Age . . . . . . . : 1.1 days (2017-06-29 22:55:35)
Entropy . . . . . : 5.0
SHA-256 . . . . . : 76FA05F7D3761E3C9555225CCDCEF979A6D9B438CF209B58B206AFA10B8367B7
Product . . . . . : ApUI Application
Publisher . . . . : Mediatek Inc.
Description . . . : Mediatek Wireless Access Point Utility
Version . . . . . : 5.0.6.5
Copyright . . . . : (c) Copyright 2014, Mediatek Inc. All rights reserved.
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Invalid
Fuzzy . . . . . . : 28.0
Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
File belongs to an identified security risk.
Time indicates that the file appeared recently on this computer.

C:\Program Files\MediatekWiFi\Common\RaUI.exe
Size . . . . . . . : 15 624 336 bytes
Age . . . . . . . : 1.1 days (2017-06-29 22:55:44)
Entropy . . . . . : 5.4
SHA-256 . . . . . : 79847790732D79889FA13012C1D660AD081CB898A73A1CE3856583AE22196093
Product . . . . . : RaUI Application
Publisher . . . . : Mediatek Inc.
Description . . . : Mediatek Wireless LAN Card Utility
Version . . . . . : 5.0.9.19
Copyright . . . . : (c) Copyright 2014, Mediatek Inc. All rights reserved.
RSA Key Size . . . : 2048
Parent Name . . . : C:\Windows\Explorer.EXE
LanguageID . . . . : 1033
Authenticode . . . : Invalid
Running processes : 3076
Fuzzy . . . . . . : 34.0
Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
Uses the Startup folder in the Start Menu to run each time the user logs on.
Program is running but currently exposes no human-computer interface (GUI).
Program starts automatically without user intervention.
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.
Startup
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk
References
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mediatek Wireless\Mediatek Wireless Utility.lnk

C:\Users\A_Mahdi_\Desktop\*9DE 'DD:) 'DA1F3J) H'D'FDJ,2J)\'DD:) 'DA1F3J)\(1'E,\B'EH3\speech\lhttsgrm.exe
Size . . . . . . . : 2 296 520 bytes
Age . . . . . . . : 0.6 days (2017-06-30 11:08:55)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 23091FA678F994B8EE848779CD8B119565997A785CD5FDB8773395921BEEDE9C
Product . . . . . : Betriebssystem Microsoft(R) Windows NT(R)
Publisher . . . . : Microsoft Corporation
Description . . . : Win32 Cabinet Self-Extractor
Version . . . . . : 4.72.3110.0
RSA Key Size . . . : 1024
LanguageID . . . . : 1031
Authenticode . . . : Invalid
Fuzzy . . . . . . : 30.0
Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.



[/code]
