[code]
HitmanPro 3.7.14.263
www.hitmanpro.com

   Computer name . . . . : TOM615-PC
   Windows . . . . . . . : 10.0.0.10586.X64/4
   User name . . . . . . : tom615-PC\tom615
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-05-01 13:24:03
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 10m 56s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 8

   Objects scanned . . . : 1 906 750
   Files scanned . . . . : 22 581
   Remnants scanned  . . : 487 536 files / 1 396 633 keys

Malware _____________________________________________________________________

   C:\Users\tom615\Desktop\TSO\TSO_Tools\Updater.exe
      Size . . . . . . . : 1 754 112 bytes
      Age  . . . . . . . : 64.8 days (2016-02-26 17:46:18)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 5C9352998A969A6A99F204D9A764C073CA03178FE9B9324D17B744D62D00DBE8
      Product
      Publisher
      Description
      Version  . . . . . : 0.1.0.9
      LanguageID . . . . : 1045
    > Bitdefender  . . . : Trojan.Generic.14731411
      Fuzzy  . . . . . . : 103.0

Suspicious files ____________________________________________________________

   C:\Users\tom615\Desktop\FRST64.exe
      Size . . . . . . . : 2 377 216 bytes
      Age  . . . . . . . : 0.1 days (2016-05-01 09:48:52)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : AA42F1CEF95A1550936B4EC88811274645F9A07B19C564798998F63F85C17E2F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\ (Baidu)
   HKLM\SOFTWARE\Classes\WOW6432Node\TypeLib\{DA624F8F-98BF-4B03-AD11-A12D07119E81}\ (Baidu)
   HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar)
   HKLM\SOFTWARE\WOW6432Node\Auslogics\Google Analytics Package\ (TweakBit)
   HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}\ (CouponBar)

Cookies _____________________________________________________________________

   C:\Users\tom615\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
[/code]