Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
HitmanPro found something that MWB didn't
Message
<blockquote data-quote="elharris6_9" data-source="post: 143299" data-attributes="member: 7429"><p>[code]</p><p>HitmanPro 3.7.8.208</p><p>www.hitmanpro.com</p><p></p><p> Computer name . . . . : ZHOLTZ</p><p> Windows . . . . . . . : 6.1.1.7601.X64/2</p><p> User name . . . . . . : Zholtz\Tryjoniche</p><p> UAC . . . . . . . . . : Enabled</p><p> License . . . . . . . : Free</p><p></p><p> Scan date . . . . . . : 2013-11-07 12:24:08</p><p> Scan mode . . . . . . : Quick</p><p> Scan duration . . . . : 3m 17s</p><p> Disk access mode . . : Direct disk access (SRB)</p><p> Cloud . . . . . . . . : Internet</p><p> Reboot . . . . . . . : No</p><p></p><p> Threats . . . . . . . : 0</p><p> Traces . . . . . . . : 2</p><p></p><p> Objects scanned . . . : 3,531</p><p> Files scanned . . . . : 3,531</p><p> Remnants scanned . . : 0 files / 0 keys</p><p></p><p>Suspicious files ____________________________________________________________</p><p></p><p> C:\Users\Tryjoniche\AppData\Local\Temp\_ir_tu2_temp_0\Wow64.lmd</p><p> Size . . . . . . . : 91,440 bytes</p><p> Age . . . . . . . : 968.0 days (2011-03-15 11:47:28)</p><p> Entropy . . . . . : 7.9</p><p> SHA-256 . . . . . : 971412AADE4CF64028CC855A632DAD99831877C2C2D098F4573C312A4D139736</p><p> Product . . . . . : Wow64 Actions Plugin</p><p> Publisher . . . . : MindQuake Serviços de Informática Ltda.</p><p> Description . . . : Wow64 Actions Plugin</p><p> Version . . . . . : 1.0.3.3</p><p> Copyright . . . . : Copyright © 2010 MindQuake Serviços de Informática Ltda.</p><p> RSA Key Size . . . : 2048</p><p> Authenticode . . . : Self-signed</p><p> Fuzzy . . . . . . : 22.0</p><p> Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.</p><p> The file name extension of this program is not common.</p><p> The .rsrc (resources) section in this program is set to executable. This is an indication of malware infection.</p><p> Program is code self-signed.</p><p> The file is in use by one or more active processes.</p><p> Program contains PE structure anomalies. This is not typical for most programs.</p><p> Authors name is missing in version info. This is not common to most programs.</p><p></p><p></p><p></p><p>[/code]</p></blockquote><p></p>
[QUOTE="elharris6_9, post: 143299, member: 7429"] [code] HitmanPro 3.7.8.208 www.hitmanpro.com Computer name . . . . : ZHOLTZ Windows . . . . . . . : 6.1.1.7601.X64/2 User name . . . . . . : Zholtz\Tryjoniche UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2013-11-07 12:24:08 Scan mode . . . . . . : Quick Scan duration . . . . : 3m 17s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 2 Objects scanned . . . : 3,531 Files scanned . . . . : 3,531 Remnants scanned . . : 0 files / 0 keys Suspicious files ____________________________________________________________ C:\Users\Tryjoniche\AppData\Local\Temp\_ir_tu2_temp_0\Wow64.lmd Size . . . . . . . : 91,440 bytes Age . . . . . . . : 968.0 days (2011-03-15 11:47:28) Entropy . . . . . : 7.9 SHA-256 . . . . . : 971412AADE4CF64028CC855A632DAD99831877C2C2D098F4573C312A4D139736 Product . . . . . : Wow64 Actions Plugin Publisher . . . . : MindQuake Serviços de Informática Ltda. Description . . . : Wow64 Actions Plugin Version . . . . . : 1.0.3.3 Copyright . . . . : Copyright © 2010 MindQuake Serviços de Informática Ltda. RSA Key Size . . . : 2048 Authenticode . . . : Self-signed Fuzzy . . . . . . : 22.0 Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. The file name extension of this program is not common. The .rsrc (resources) section in this program is set to executable. This is an indication of malware infection. Program is code self-signed. The file is in use by one or more active processes. Program contains PE structure anomalies. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. [/code] [/QUOTE]
Insert quotes…
Verification
Post reply
Top