[code] HitmanPro 3.7.9.212 www.hitmanpro.com Computer name . . . . : IVAN-PC Windows . . . . . . . : 6.1.1.7601.X64/4 User name . . . . . . : Ivan-PC\Ivan UAC . . . . . . . . . : Enabled License . . . . . . . : Paid (255 days left) Scan date . . . . . . : 2015-06-16 11:23:27 Scan mode . . . . . . : Quick Scan duration . . . . : 48s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 3 Objects scanned . . . : 4.733 Files scanned . . . . : 4.733 Remnants scanned . . : 0 files / 0 keys Miniport ____________________________________________________________________ Primary DriverObject . . . : FFFFFA80074E2A70 DriverName . . . . : \Driver\atapi DriverPath . . . . : \SystemRoot\System32\drivers\atapi.sys StartIo . . . . . : 0000000000000000 +0 IRP_MJ_SCSI . . . : FFFFFA80066DC2C0 +0 Solution DriverObject . . . : FFFFFA80074E2A70 DriverName . . . . : \Driver\atapi DriverPath . . . . : \SystemRoot\System32\drivers\atapi.sys StartIo . . . . . : 0000000000000000 +0 IRP_MJ_SCSI . . . : FFFFF88000E274D8 \SystemRoot\System32\drivers\ataport.SYS+29912 Suspicious files ____________________________________________________________ C:\Windows\SysWOW64\java.exe Size . . . . . . . : 1.008.648 bytes Age . . . . . . . : 0.6 days (2015-06-15 21:40:28) Entropy . . . . . : 6.5 SHA-256 . . . . . : 67F4D9239835EA69F406C2B85164A30E2C038AE5D94FCC16D9CE37B18C68D47C Product . . . . . : Evernote® Publisher . . . . : Evernote Corp., 305 Walnut Street, Redwood City, CA 94063 Description . . . : Filters Dynamic Link Library Version . . . . . : 5,8,8,7837 Copyright . . . . : Copyright 2015 Evernote Corporation. All rights reserved. Fuzzy . . . . . . : 24.0 The file is completely hidden from view and most antivirus products. It may belong to a rootkit. Time indicates that the file appeared recently on this computer. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities. C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log Size . . . . . . . : 28.160 bytes Age . . . . . . . : 34.0 days (2015-05-13 10:43:08) Entropy . . . . . : 5.3 SHA-256 . . . . . : AB7CD7BAE5BB6F0882AB7DAFE1F1C1EA8A94A49D80C81F37EB364FC485D27225 Product . . . . . : Microsoft® Windows® Operating System Publisher . . . . : Microsoft Corporation Description . . . : Security Support Provider Interface Version . . . . . : 6.1.7601.18812 Copyright . . . . : © Microsoft Corporation. All rights reserved. Fuzzy . . . . . . : 22.0 The file is completely hidden from view and most antivirus products. It may belong to a rootkit. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities. C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log Size . . . . . . . : 404.992 bytes Age . . . . . . . : 34.0 days (2015-05-13 10:42:49) Entropy . . . . . : 6.0 SHA-256 . . . . . : 574381811F418735B118DC0CA94E4EE2C6D0BBD4D439F0E594382CE2B10428FB Product . . . . . : Microsoft® Windows® Operating System Publisher . . . . : Microsoft Corporation Description . . . : Event Trace Report Tool Version . . . . . : 6.1.7601.23040 Copyright . . . . : © Microsoft Corporation. All rights reserved. Fuzzy . . . . . . : 22.0 The file is completely hidden from view and most antivirus products. It may belong to a rootkit. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities. [/code]