[code] HitmanPro 3.7.15.281 www.hitmanpro.com Computer name . . . . : MARCIN Windows . . . . . . . : 6.1.1.7601.X64/4 User name . . . . . . : MARCIN\Marcin UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2017-03-15 12:28:17 Scan mode . . . . . . : Normal Scan duration . . . . : 11m 17s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 2 Objects scanned . . . : 1 742 657 Files scanned . . . . : 28 569 Remnants scanned . . : 247 938 files / 1 466 150 keys Suspicious files ____________________________________________________________ C:\Users\Marcin\Desktop\logi\FRST-OlderVersion\FRST64.exe Size . . . . . . . : 2 424 832 bytes Age . . . . . . . : 1.1 days (2017-03-14 09:07:35) Entropy . . . . . : 7.6 SHA-256 . . . . . : CCAB47F4440A8DA984A082F2109AF6E983AA3AB9862302FA24D5A2EA8FCFBA58 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. C:\Users\Marcin\Desktop\logi\FRST64.exe Size . . . . . . . : 2 424 832 bytes Age . . . . . . . : 0.0 days (2017-03-15 12:24:10) Entropy . . . . . : 7.6 SHA-256 . . . . . : 3A3DCD0D3C9C1FE10C45AF795DC9452DA192246BB67D896AB7F16151A53C1B5F Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster -41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\79\C1301D2497C928BF.dat -40.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\RtSigs\Data\bb652e9b5714102b57dfefebebd85f995525ed1c -13.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\91\9F88500410FA6163.dat -0.2s C:\Users\Marcin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E -0.2s C:\Users\Marcin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E -0.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\11\70A6CB452F22A767.dat 0.0s C:\Users\Marcin\Desktop\logi\FRST64.exe 9.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Store\CB213B0BED37157AE6A59E4654A6F282 9.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\75\8EBD34A5462CA20B.dat 9.6s C:\Users\Marcin\Desktop\logi\FRST-OlderVersion\ 10.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\36\B05F11D9A3962E48.dat 12.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{CBABE161-3FA9-440E-8731-768C01617FF5} 19.1s C:\FRST\Logs\ct 19.2s C:\Users\Marcin\Desktop\logi\Fixlog.txt [/code]