[code]
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : JANUSZ
   Windows . . . . . . . : 6.3.0.9600.X64/4
   User name . . . . . . : Janusz\Janusz042
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-03-20 20:54:43
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 40s
   Disk access mode . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot . . . . . . . : No

   Threats . . . . . . . : 0
   Traces . . . . . . . : 171

   Objects scanned . . . : 2 540 001
   Files scanned . . . . : 28 713
   Remnants scanned . . : 365 913 files / 2 145 375 keys

Suspicious files ____________________________________________________________

   C:\Users\Janusz042\Downloads\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2 423 808 bytes
      Age . . . . . . . : 19.1 days (2017-03-01 19:14:56)
      Entropy . . . . . : 7.6
      SHA-256 . . . . . : 60B968082A72AB85CF54E6FF5EE03588CD1F6CA566CC7CCDE96AA4F6080083CF
      Needs elevation . : Yes
      Fuzzy . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Janusz042\Downloads\FRST64.exe
      Size . . . . . . . : 2 423 808 bytes
      Age . . . . . . . : 11.0 days (2017-03-09 20:25:54)
      Entropy . . . . . : 7.6
      SHA-256 . . . . . : 0C11A0E7E1D7950EAAB54F640609BD62DC8E7F6CCBDD4520ACD6E0A67C252262
      Needs elevation . : Yes
      Fuzzy . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info.
         This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -6.2s C:\Users\Janusz042\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_6CBA2C06D5985DD95AE59AF8FC7C6220
         -6.2s C:\Users\Janusz042\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_6CBA2C06D5985DD95AE59AF8FC7C6220
         -1.0s C:\Users\Janusz042\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -1.0s C:\Users\Janusz042\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.6s C:\Users\Janusz042\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.6s C:\Users\Janusz042\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
          0.0s C:\Users\Janusz042\Downloads\FRST64.exe

Cookies _____________________________________________________________________

[/code]