- [code]
- HitmanPro 3.7.9.216
- www.hitmanpro.com
- Computer name . . . . : KEVIN-PC
- Windows . . . . . . . : 6.1.1.7601.X64/4
- User name . . . . . . : Kevin-PC\Kevin
- UAC . . . . . . . . . : Enabled
- License . . . . . . . : Free
- Scan date . . . . . . : 2014-04-24 14:17:44
- Scan mode . . . . . . : Normal
- Scan duration . . . . : 4m 22s
- Disk access mode . . : Direct disk access (SRB)
- Cloud . . . . . . . . : Internet
- Reboot . . . . . . . : No
- Threats . . . . . . . : 1
- Traces . . . . . . . : 17
- Objects scanned . . . : 1,750,913
- Files scanned . . . . : 66,342
- Remnants scanned . . : 484,461 files / 1,200,110 keys
- Malware _____________________________________________________________________
- C:\Windows\System32\sysprep\cryptbase.dll
- Size . . . . . . . : 193,536 bytes
- Age . . . . . . . : 2.8 days (2014-04-21 19:13:50)
- Entropy . . . . . : 6.2
- SHA-256 . . . . . : F86627DCF48FBB7A944F68AFFA673A8C816483D7233E47745E460DD2FC15A45D
- Product . . . . . : Microsoft® Windows® Operating System
- Publisher . . . . : Microsoft Corporation
- Description . . . : Software installation Service
- Version . . . . . : 6.1.7600.16385
- Copyright . . . . : © Microsoft Corporation. All rights reserved.
- > Kaspersky . . . . : Trojan.Win64.Rozena.rpcs
- Fuzzy . . . . . . : 102.0
- Forensic Cluster
- 0.0s C:\Windows\System32\sysprep\cryptbase.dll
- 0.5s C:\Windows\System32\sysprep\Panther\setuperr.log
- 0.5s C:\Windows\System32\sysprep\Panther\diagerr.xml
- 0.5s C:\Windows\System32\sysprep\Panther\diagwrn.xml
- 0.5s C:\Windows\System32\sysprep\Panther\setupact.log
- 0.5s C:\FRST\Quarantine\C\Windows\system32\kyen.eui.xBAD
- Potential Unwanted Programs _________________________________________________
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (Sweetpacks)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (Sweetpacks)
- HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (Sweetpacks)
- HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (Sweetpacks)
- Cookies _____________________________________________________________________
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\38Z1RAEZ.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\A3QDLSQW.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\E57ERQM6.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\LF4AMPDY.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\LOQQ6U1N.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\OQELLMJT.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\PI4B76DS.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\S9AZ7RNJ.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\SZNI0IF4.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\V09XLJF0.txt
- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\WKIEFQJ4.txt
- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\ehqfr476.default-1373654797431\cookies.sqlite:doubleclick.net
- [/code]