hitman

1. [code]
2. HitmanPro 3.7.9.216
3. www.hitmanpro.com
4.  
5. Computer name . . . . : KEVIN-PC
6. Windows . . . . . . . : 6.1.1.7601.X64/4
7. User name . . . . . . : Kevin-PC\Kevin
8. UAC . . . . . . . . . : Enabled
9. License . . . . . . . : Free
10.  
11. Scan date . . . . . . : 2014-04-24 14:17:44
12. Scan mode . . . . . . : Normal
13. Scan duration . . . . : 4m 22s
14. Disk access mode . . : Direct disk access (SRB)
15. Cloud . . . . . . . . : Internet
16. Reboot . . . . . . . : No
17.  
18. Threats . . . . . . . : 1
19. Traces . . . . . . . : 17
20.  
21. Objects scanned . . . : 1,750,913
22. Files scanned . . . . : 66,342
23. Remnants scanned . . : 484,461 files / 1,200,110 keys
24.  
25. Malware _____________________________________________________________________
26.  
27. C:\Windows\System32\sysprep\cryptbase.dll
28. Size . . . . . . . : 193,536 bytes
29. Age . . . . . . . : 2.8 days (2014-04-21 19:13:50)
30. Entropy . . . . . : 6.2
31. SHA-256 . . . . . : F86627DCF48FBB7A944F68AFFA673A8C816483D7233E47745E460DD2FC15A45D
32. Product . . . . . : Microsoft® Windows® Operating System
33. Publisher . . . . : Microsoft Corporation
34. Description . . . : Software installation Service
35. Version . . . . . : 6.1.7600.16385
36. Copyright . . . . : © Microsoft Corporation. All rights reserved.
37. > Kaspersky . . . . : Trojan.Win64.Rozena.rpcs
38. Fuzzy . . . . . . : 102.0
39. Forensic Cluster
40. 0.0s C:\Windows\System32\sysprep\cryptbase.dll
41. 0.5s C:\Windows\System32\sysprep\Panther\setuperr.log
42. 0.5s C:\Windows\System32\sysprep\Panther\diagerr.xml
43. 0.5s C:\Windows\System32\sysprep\Panther\diagwrn.xml
44. 0.5s C:\Windows\System32\sysprep\Panther\setupact.log
45. 0.5s C:\FRST\Quarantine\C\Windows\system32\kyen.eui.xBAD
46.  
47.  
48. Potential Unwanted Programs _________________________________________________
49.  
50. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (Sweetpacks)
51. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (Sweetpacks)
52. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (Sweetpacks)
53. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (Sweetpacks)
54.  
55. Cookies _____________________________________________________________________
56.  
57. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\38Z1RAEZ.txt
58. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\A3QDLSQW.txt
59. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\E57ERQM6.txt
60. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\LF4AMPDY.txt
61. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\LOQQ6U1N.txt
62. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\OQELLMJT.txt
63. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\PI4B76DS.txt
64. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\S9AZ7RNJ.txt
65. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\SZNI0IF4.txt
66. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\V09XLJF0.txt
67. C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\WKIEFQJ4.txt
68. C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\ehqfr476.default-1373654797431\cookies.sqlite:doubleclick.net
69.  
70.  
71. [/code]