[code]
HitmanPro 3.7.10.251
www.hitmanpro.com

   Computer name . . . . : ADMIN-KOMPUTER
   Windows . . . . . . . : 10.0.0.10240.X64/4
   User name . . . . . . : Admin-Komputer\Admin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2015-11-25 11:44:40
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 9m 47s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 86

   Objects scanned . . . : 1 624 041
   Files scanned . . . . : 52 032
   Remnants scanned  . . : 372 503 files / 1 199 506 keys

Suspicious files ____________________________________________________________

   C:\Users\Admin\Downloads\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2 346 496 bytes
      Age  . . . . . . . : 6.0 days (2015-11-19 11:58:11)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 9EE8D5EEDD6832D90E1DB586A08CF841AEAA82F9AC004B1B5D23D4DEFCD7AAB6
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -2.8s C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\E3B4D810CDA56990F6FC5106B77DA149_91D7B4B31E7581603335CF4FBCD8556C
         -2.8s C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\E3B4D810CDA56990F6FC5106B77DA149_91D7B4B31E7581603335CF4FBCD8556C
          0.0s C:\Users\Admin\Downloads\FRST-OlderVersion\FRST64.exe

   C:\Users\Admin\Downloads\FRST64.exe
      Size . . . . . . . : 2 348 544 bytes
      Age  . . . . . . . : 1.1 days (2015-11-24 09:20:22)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6EC4FE14AD8BE023E61B51891170B717EF278A39423398D71F147575B651F955
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

Potential Unwanted Programs _________________________________________________

   HKU\S-1-5-21-1042416182-98707671-1076778749-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_\ (Crossrider)
   HKU\S-1-5-21-1042416182-98707671-1076778749-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_\ (Crossrider)

Cookies _____________________________________________________________________

   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\16N85IMR.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\38V297D6.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\49MQO5FO.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\4N8B0PL4.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\55QY53FO.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\6QP2LE33.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\7CQBFL10.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\86BU5IZR.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\8AH3O5BA.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\8XWBT0DO.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\91NB5UGA.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\9WI71IE2.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\AIGV2YYC.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\BJ0L44ZY.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\BN9KO3ES.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\E829A88I.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\FBWFOOZH.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\GFCNAL1Y.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\H1DS5OOS.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\I84A1M01.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\IHRT647K.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\KI2SYUUP.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\KLPMZ7QH.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\L9JK5P51.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\MDYLO8T7.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\P1N2GWTW.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\PULR0UF7.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\QQJS8AZM.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\TCMVVOXV.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\VEIU26TJ.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\VKS38QHE.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\XA92WZ31.txt
   C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\YD7UB6FR.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0LO2RLDU.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\0SLR4Q0H.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\281WDHRJ.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\33ZIW9V4.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3AFJZX62.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\558NN1D8.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\558ZRKQ6.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6705P8O6.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6FNKLEUR.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\6R903VK4.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\791922G0.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\7IOESCD0.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\9MIDN62X.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\9UMM0YZ1.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\C2PUG9M2.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\EJ4C5VJY.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FP0TECB4.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\GFE44P0W.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\GVZNQMHZ.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\GXCOEPHE.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HMISONM0.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\HW98WZQ2.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\I53S99F5.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\IUDA4J8J.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\J38QN0U7.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JH9XVG6F.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JM7FFC0T.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\K9KZIGNT.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\KY3PKZKA.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\LBM0NOSK.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\LSMNM3ED.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\M66DYPHA.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MJI08S29.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\MW8Z2FGQ.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\N7BCIZR4.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\NUJNAROH.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\P2WI7QGL.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\PJZ721L6.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SBYSPZDM.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\SEZX14I1.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\T8GT6X67.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\VOP92XEI.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\XTTRBOJS.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\XV2U0RC9.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YE0ZDYM4.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YW2MYS46.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\YXM6UP59.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\Z41QL1PR.txt
   C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ZYYLAVCD.txt
[/code]