[code] HitmanPro 3.7.15.281 www.hitmanpro.com Computer name . . . . : MINER-PBG_DAMIA Windows . . . . . . . : 10.0.0.14393.X64/4 User name . . . . . . : Miner-PBG_Damia\Damian UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2017-01-10 08:54:10 Scan mode . . . . . . : Normal Scan duration . . . . : 4m 9s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 3 Objects scanned . . . : 2 360 994 Files scanned . . . . : 49 568 Remnants scanned . . : 418 000 files / 1 893 426 keys Suspicious files ____________________________________________________________ C:\Users\Damian\AppData\Local\Microsoft\Windows\INetCache\IE\L6A1SU1O\FRST64[1].exe Size . . . . . . . : 2 419 200 bytes Age . . . . . . . : 1.0 days (2017-01-09 08:28:12) Entropy . . . . . : 7.6 SHA-256 . . . . . : 0B4E2E914C2BE30FF539A204F1BE480058F1BDAAE2483C0C960EB4A2CFAA2C4A Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster -2.5s C:\Users\Damian\AppData\Local\Microsoft\Windows\INetCache\IE\0RLQ5Q3F\up64[2] -2.1s C:\Users\Damian\AppData\Local\Microsoft\Windows\INetCache\IE\0RLQ5Q3F\82[1].htm -0.9s C:\Users\Damian\AppData\Local\Microsoft\Windows\INetCookies\EW3NW0CN.cookie -0.9s C:\Users\Damian\AppData\Local\Microsoft\Windows\INetCache\IE\ZUCCOGQ1\82[1].htm -0.5s C:\Users\Damian\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2 -0.5s C:\Users\Damian\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2 -0.4s C:\Users\Damian\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F -0.4s C:\Users\Damian\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F -0.2s C:\Users\Damian\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E -0.2s C:\Users\Damian\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E 0.0s C:\Users\Damian\AppData\Local\Microsoft\Windows\INetCache\IE\L6A1SU1O\FRST64[1].exe 2.6s C:\Users\Damian\Downloads\FRST-OlderVersion\ C:\Users\Damian\Downloads\FRST-OlderVersion\FRST64.exe Size . . . . . . . : 2 418 176 bytes Age . . . . . . . : 5.0 days (2017-01-05 08:35:57) Entropy . . . . . : 7.6 SHA-256 . . . . . : 7B1EAFF262CB947F39609AA61124E60FD28DCD3CCD592DA5826588D3ECDA1E8F Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster 0.0s C:\Users\Damian\Downloads\FRST64\FRST64.exe 0.0s C:\Users\Damian\Downloads\FRST-OlderVersion\FRST64.exe C:\Users\Damian\Downloads\FRST64\FRST64.exe Size . . . . . . . : 2 419 200 bytes Age . . . . . . . : 5.0 days (2017-01-05 08:35:57) Entropy . . . . . : 7.6 SHA-256 . . . . . : 0B4E2E914C2BE30FF539A204F1BE480058F1BDAAE2483C0C960EB4A2CFAA2C4A Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster 0.0s C:\Users\Damian\Downloads\FRST64\FRST64.exe 0.0s C:\Users\Damian\Downloads\FRST-OlderVersion\FRST64.exe [/code]