Windows BBS The Place for Microsoft Windows Support! Windows, Support, Help Site

Go Back   Windows BBS > Security > Malware and Virus Removal
Reload this Page

[Resolved] Error message "C:\WINDOWS\system32\drivers\service.exe"

Register FAQDonate Mark Forums Read

Malware and Virus Removal Problems removing malware/viruses? Get help from our Malware removal experts.

Register your FREE account to unlock additional features at WindowsBBS.com
Register
Welcome to WindowsBBS.com
Microsoft Windows Support

Mission Statement

WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.

Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.

Discussion Forums
Operating Systems
Windows 7 Windows 7
Windows Vista Windows Vista
Windows XP Windows XP
Windows Server System Windows Server System
Windows 2000 Windows 2000
Windows 95/98/Me/NT Windows 95/98/Me/NT
Internet & Networking
Networking
Internet Explorer
Microsoft Mail
Firefox, Thunderbird
      & SeaMonkey
General Internet
Security
General Security
Malware and Virus
     Removal
Other
Other Software
Hardware
Test Posts
Community
Introductions
General Discussions
Comments
      & Suggestions
News @ WindowsBBS

Forum Sponsor
Image

Reply
 
LinkBack Thread Tools
Old 9th December 2008   #1
Inactive
 
Profile:
Join Date: Dec 2008
Location: Lisbon, Portugal
Posts: 7
Computer Experience:
Beginner
Teresinha Reputation Level
[Resolved] Error message "C:\WINDOWS\system32\drivers\service.exe"
Hi!

I have this Toshiba laptop, running Windows XP Home Edition SP3, which lately, every time I login, prompts me with an error message saying Windows cannot find the path "C:\WINDOWS\system32\drivers\service.exe".

I've run various virus and spyware removal programs, but can't get rid of this annoying message. Nothing else seems affected!

Don't know what else to do... Any suggestions?

Thanks in advance

-----

As requested, here goes the RSIT logs:

LOG

Logfile of random's system information tool 1.04 (written by random/random)
Run by Ondina Velez Lago at 2008-12-09 20:15:13
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 30 GB (80%) free of 38 GB
Total RAM: 478 MB (24% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\SuperCleaner.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Facilitador de Leitor de Link Adobe PDF - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Programas\AVG\AVG8\avgssie.dll [2008-11-06 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programas\Java\jre6\bin\ssv.dll [2008-11-06 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programa Auxiliar de Início de Sessão do Windows Live - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\Programas\AVG\AVG8\avgtoolbar.dll [2008-11-06 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programas\Java\jre6\bin\jp2ssv.dll [2008-11-06 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-06 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\Programas\AVG\AVG8\avgtoolbar.dll [2008-11-06 2055960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\System32\i [2008-11-06 79]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2003-05-29 114688]
"Apoint"=C:\Programas\Apoint2K\Apoint.exe [2003-06-18 151552]
"CeEPOWER"=C:\Programas\TOSHIBA\Power Management\CePMTray.exe [2003-07-23 135168]
"CPLDBL10"=C:\Programas\EzButton\CPLDBL10.EXE [2003-07-03 204800]
"CeEKEY"=C:\Programas\TOSHIBA\E-KEY\CeEKey.exe [2003-07-29 638976]
"TPNF"=C:\Programas\TOSHIBA\TouchPad\TPTray.exe [2003-07-18 49152]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-05 1261336]
"Adobe Reader Speed Launcher"=C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"SunJavaUpdateSched"=C:\Programas\Java\jre6\bin\jusched.exe [2008-11-06 136600]
"Windows Defender"=C:\Programas\Windows Defender\MSASCui.exe [2006-11-03 866584]
"CameraFixer"=C:\WINDOWS\CameraFixer.exe [2006-06-02 20480]
"tsnpstd3"=C:\WINDOWS\tsnpstd3.exe [2006-06-19 114688]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2005-09-05 339968]
"WinPatrol"=C:\Programas\BillP Studios\WinPatrol\winpatrol.exe [2008-09-18 333120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Programas\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SuperCleaner"=C:\Programas\SuperCleaner\SuperCleaner.exe [2008-11-05 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-05-29 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceOb jectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-05-09 52224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell ExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawser vice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDef end]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawser vice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Upload Mgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDef end]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Syste m]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explor er]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x psp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x psp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{37cf66aa-c2cd-11dd-83b3-a7dd70e6ca64}]
shell\AutoRun\command - E:\VMC_PBStarter.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{37cf66ab-c2cd-11dd-83b3-a7dd70e6ca64}]
shell\AutoRun\command - E:\VMC_PBStarter.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{37cf66ac-c2cd-11dd-83b3-a7dd70e6ca64}]
shell\AutoRun\command - E:\VMC_PBStarter.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{a134e916-acd5-11dd-83a8-99279b65b666}]
shell\AutoRun\command - E:\VMC_PBStarter.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{a134e917-acd5-11dd-83a8-99279b65b666}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{a2b26c98-c2d6-11dd-83b4-a9731c35f464}]
shell\AutoRun\command - E:\VMC_PBStarter.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{e23830cc-acca-11dd-83a6-f66b7cee4b19}]
shell\AutoRun\command - E:\VMC_PBStarter.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{fc3f257d-abb0-11dd-839d-e79b886b3e3d}]
shell\AutoRun\command - E:\VMC_PBStarter.exe


======List of files/folders created in the last 3 months======

2008-12-09 20:15:14 ----D---- C:\Programas\trend micro
2008-12-09 20:15:13 ----D---- C:\rsit
2008-12-06 18:53:22 ----D---- C:\WINDOWS\pss
2008-12-06 15:45:47 ----A---- C:\WINDOWS\TPTray.INI
2008-12-06 00:09:38 ----SHD---- C:\Config.Msi
2008-12-05 14:57:08 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-05 13:32:49 ----A---- C:\WINDOWS\E220AutoRunLog.tmp
2008-11-17 17:37:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-12 14:57:34 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-12 14:51:14 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\WinPatrol
2008-11-12 12:51:05 ----D---- C:\WINDOWS\BDOSCAN8
2008-11-12 12:25:51 ----D---- C:\Programas\BillP Studios
2008-11-12 12:22:23 ----D---- C:\Programas\Lavasoft
2008-11-12 12:22:05 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-12 12:20:53 ----D---- C:\Programas\Ficheiros comuns\Wise Installation Wizard
2008-11-12 12:20:22 ----D---- C:\Programas\SpywareBlaster
2008-11-11 19:55:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-11 19:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-11 19:51:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-07 14:33:25 ----D---- C:\Programas\MODEM MF622
2008-11-07 14:15:19 ----D---- C:\WINDOWS\system32\SupportAppPT
2008-11-07 12:57:57 ----D---- C:\WINDOWS\Minidump
2008-11-07 10:16:48 ----A---- C:\WINDOWS\wininit.ini
2008-11-07 00:17:49 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-11-07 00:15:02 ----D---- C:\Programas\VoIPvoice Cyber Series Camera AP
2008-11-07 00:14:51 ----A---- C:\WINDOWS\tsnpstd3.exe
2008-11-07 00:14:51 ----A---- C:\WINDOWS\CameraFixer.exe
2008-11-07 00:14:48 ----A---- C:\WINDOWS\vsnpstd3.exe
2008-11-07 00:14:47 ----A---- C:\WINDOWS\snpstd3.ini
2008-11-07 00:14:41 ----A---- C:\WINDOWS\vsnpstd3.dll
2008-11-07 00:14:41 ----A---- C:\WINDOWS\usnpstd3.exe
2008-11-07 00:14:41 ----A---- C:\WINDOWS\system32\rsnpstd3.dll
2008-11-07 00:14:41 ----A---- C:\WINDOWS\system32\csnpstd3.dll
2008-11-07 00:14:39 ----D---- C:\Programas\Ficheiros comuns\snpstd3
2008-11-06 19:44:09 ----A---- C:\WINDOWS\ODBC.INI
2008-11-06 19:43:52 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-11-06 19:40:44 ----D---- C:\Programas\Microsoft.NET
2008-11-06 19:39:29 ----D---- C:\Programas\Ficheiros comuns\DESIGNER
2008-11-06 19:38:46 ----D---- C:\WINDOWS\SHELLNEW
2008-11-06 19:36:35 ----D---- C:\Programas\Microsoft Office
2008-11-06 19:34:28 ----RHD---- C:\MSOCache
2008-11-06 19:16:28 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-11-06 19:16:28 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-11-06 19:04:56 ----D---- C:\Programas\Windows Defender
2008-11-06 16:17:57 ----SHDC---- C:\Programas\Ficheiros comuns\WindowsLiveInstaller
2008-11-06 16:17:23 ----D---- C:\Programas\Windows Live
2008-11-06 15:46:52 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Macromedia
2008-11-06 15:35:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-06 15:29:50 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-06 15:29:50 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-06 15:29:49 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-06 15:29:49 ----A---- C:\WINDOWS\system32\java.exe
2008-11-06 14:54:33 ----A---- C:\WINDOWS\system32\msvcp71.dll
2008-11-06 14:44:47 ----D---- C:\WINDOWS\system32\Adobe
2008-11-06 14:13:45 ----D---- C:\WINDOWS\Prefetch
2008-11-06 13:41:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-06 13:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-06 13:41:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-06 13:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-06 13:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-06 13:40:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-06 13:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-06 13:40:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-06 13:40:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-06 13:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-06 13:40:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-06 13:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-06 13:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-06 13:40:02 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-06 13:34:19 ----D---- C:\WINDOWS\l2schemas
2008-11-06 12:50:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-11-06 12:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-11-06 12:50:39 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-11-06 12:50:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-11-06 12:48:38 ----D---- C:\WINDOWS\ie7updates
2008-11-06 12:47:11 ----D---- C:\WINDOWS\WBEM
2008-11-06 12:47:10 ----D---- C:\WINDOWS\system32\pt-pt
2008-11-06 12:45:28 ----HDC---- C:\WINDOWS\ie7
2008-11-06 12:45:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-11-06 12:44:53 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-11-06 12:44:22 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-11-06 12:44:13 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-11-06 12:42:25 ----D---- C:\WINDOWS\network diagnostic
2008-11-06 12:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-11-06 12:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-11-06 12:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-06 12:27:47 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-11-06 12:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-11-06 12:27:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-11-06 12:27:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-11-06 12:27:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-11-06 12:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-11-06 12:26:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-11-06 12:26:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-11-06 12:26:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-11-06 12:26:28 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-11-06 12:26:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-11-06 12:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-11-06 12:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-11-06 12:09:51 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-11-06 12:09:37 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-11-06 12:09:37 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-11-06 12:09:21 ----N---- C:\WINDOWS\system32\setupn.exe
2008-11-06 12:09:15 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-11-06 12:09:14 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-11-06 12:09:12 ----N---- C:\WINDOWS\system32\qutil.dll
2008-11-06 12:09:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-11-06 12:09:10 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-11-06 12:09:10 ----N---- C:\WINDOWS\system32\qagent.dll
2008-11-06 12:09:03 ----N---- C:\WINDOWS\system32\onex.dll
2008-11-06 12:08:48 ----N---- C:\WINDOWS\system32\napstat.exe
2008-11-06 12:08:48 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-11-06 12:08:48 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-11-06 12:08:46 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-11-06 12:08:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-11-06 12:08:42 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-11-06 12:08:42 ----N---- C:\WINDOWS\system32\mssha.dll
2008-11-06 12:08:24 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-11-06 12:08:24 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-11-06 12:08:23 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-11-06 12:08:23 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-11-06 12:08:10 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-11-06 12:08:02 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-11-06 12:08:02 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-11-06 12:08:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-11-06 12:08:01 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-11-06 12:08:01 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-11-06 12:07:32 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-11-06 12:07:32 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-11-06 12:07:32 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-11-06 12:07:27 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-11-06 12:07:27 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-11-06 12:07:26 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-11-06 12:07:22 ----N---- C:\WINDOWS\system32\credssp.dll
2008-11-06 12:07:15 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-11-06 12:07:15 ----N---- C:\WINDOWS\system32\azroles.dll
2008-11-06 12:07:04 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-11-06 11:57:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-06 11:57:36 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-11-06 11:56:24 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2008-11-06 11:07:31 ----D---- C:\Programas\Windows Live Safety Center
2008-11-06 10:38:35 ----D---- C:\Programas\Microsoft
2008-11-06 10:30:15 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2008-11-06 10:30:05 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2008-11-06 10:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2008-11-06 10:29:37 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2008-11-06 10:29:26 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2008-11-06 10:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2008-11-06 10:29:02 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2008-11-06 10:28:50 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2008-11-06 10:28:34 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2008-11-06 10:28:10 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2008-11-06 10:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2008-11-06 10:24:01 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2008-11-06 10:23:51 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2008-11-06 10:23:42 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2008-11-06 10:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2008-11-06 10:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2008-11-06 10:23:06 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2008-11-06 10:22:52 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2008-11-06 10:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2008-11-06 10:21:49 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\InterVideo
2008-11-06 10:21:11 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2008-11-06 10:20:54 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2008-11-06 10:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2008-11-06 10:20:28 ----D---- C:\Programas\Ficheiros comuns\Windows Live
2008-11-06 10:20:04 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2008-11-06 10:19:55 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2008-11-06 10:19:43 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2008-11-06 10:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2008-11-06 10:19:25 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2008-11-06 10:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2008-11-06 10:19:03 ----HDC---- C:\WINDOWS\$NtUninstallKB873333$
2008-11-06 10:18:49 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2008-11-06 10:18:38 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2008-11-06 10:18:27 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2008-11-06 10:18:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2008-11-06 10:18:04 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2008-11-06 10:17:52 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2008-11-06 10:17:38 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2008-11-06 10:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2008-11-06 10:17:14 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2008-11-06 10:16:59 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2008-11-06 10:16:15 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2008-11-06 10:15:52 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2008-11-06 10:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2008-11-06 10:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2008-11-06 10:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2008-11-06 10:13:21 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-06 10:13:19 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2008-11-06 10:02:24 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2008-11-06 09:55:12 ----HD---- C:\$AVG8.VAULT$
2008-11-06 02:45:41 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-11-06 02:44:28 ----D---- C:\WINDOWS\system32\LogFiles
2008-11-06 02:44:21 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-11-06 02:42:52 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-11-06 02:41:57 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-11-06 02:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB884020$
2008-11-06 02:00:49 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-06 01:52:00 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-11-06 01:51:49 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\AVGTOOLBAR
2008-11-06 01:51:29 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-11-06 01:43:34 ----A---- C:\WINDOWS\CeEKey.INI
2008-11-06 01:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2008-11-06 01:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2008-11-06 01:35:00 ----N---- C:\WINDOWS\system32\proxycfg.exe
2008-11-06 01:35:00 ----N---- C:\WINDOWS\system32\logman.exe
2008-11-06 01:34:45 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-11-06 01:34:45 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-11-06 01:34:45 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-11-06 01:34:45 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\bthci.dll
2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\blastcln.exe
2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\auditusr.exe
2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-11-06 01:34:43 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2008-11-06 01:34:43 ----N---- C:\WINDOWS\system32\btpanui.dll
2008-11-06 01:34:43 ----N---- C:\WINDOWS\system32\bthserv.dll
2008-11-06 01:34:42 ----N---- C:\WINDOWS\system32\fsquirt.exe
2008-11-06 01:34:42 ----N---- C:\WINDOWS\system32\fltmc.exe
2008-11-06 01:34:42 ----N---- C:\WINDOWS\system32\fltlib.dll
2008-11-06 01:34:42 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-11-06 01:34:41 ----N---- C:\WINDOWS\system32\httpapi.dll
2008-11-06 01:34:41 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-11-06 01:34:41 ----N---- C:\WINDOWS\system32\fwcfg.dll
2008-11-06 01:34:41 ----A---- C:\WINDOWS\system32\ieencode.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdukx.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdno1.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdinben.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2008-11-06 01:34:38 ----N---- C:\WINDOWS\system32\msdadiag.dll
2008-11-06 01:34:37 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-11-06 01:34:37 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\powercfg.exe
2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2psvc.dll
2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2p.dll
2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\smbinst.exe
2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slserv.exe
2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slgen.dll
2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2008-11-06 01:34:35 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2008-11-06 01:34:34 ----N---- C:\WINDOWS\system32\winshfhc.dll
2008-11-06 01:34:34 ----N---- C:\WINDOWS\system32\w3ssl.dll
2008-11-06 01:34:34 ----N---- C:\WINDOWS\system32\twext.dll
2008-11-06 01:34:34 ----N---- C:\WINDOWS\system32\strmfilt.dll
2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\xmlprov.dll
2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\wshbth.dll
2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\wscntfy.exe
2008-11-06 01:34:31 ----N---- C:\WINDOWS\slrundll.exe
2008-11-06 01:34:31 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-11-06 01:34:28 ----D---- C:\WINDOWS\peernet
2008-11-06 01:34:26 ----D---- C:\WINDOWS\provisioning
2008-11-06 01:31:13 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-06 01:21:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-06 01:21:09 ----D---- C:\WINDOWS\EHome
2008-11-06 00:02:29 ----D---- C:\Programas\TeaTimer (Spybot - Search & Destroy)
2008-11-06 00:02:29 ----D---- C:\Programas\SDHelper (Spybot - Search & Destroy)
2008-11-06 00:02:29 ----D---- C:\Programas\Misc. Support Library (Spybot - Search & Destroy)
2008-11-06 00:02:28 ----D---- C:\Programas\File Scanner Library (Spybot - Search & Destroy)
2008-11-05 23:54:42 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-05 23:54:39 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-11-05 23:54:37 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-05 23:51:09 ----HDC---- C:\WINDOWS\$NtUninstallKB911927_0$
2008-11-05 23:50:50 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-11-05 23:50:02 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-05 23:49:49 ----HDC---- C:\WINDOWS\$NtUninstallKB888302_0$
2008-11-05 23:19:25 ----A---- C:\WINDOWS\system32\webclnt.dll
2008-11-05 23:11:40 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-05 22:38:03 ----D---- C:\Programas\AVG
2008-11-05 22:32:15 ----D---- C:\WINDOWS\system32\bits
2008-11-05 22:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-11-05 22:21:06 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2008-11-05 22:21:06 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2008-11-05 22:21:06 ----A---- C:\WINDOWS\system32\winhttp.dll
2008-11-05 22:21:06 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wups2.dll
2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wups.dll
2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-11-05 22:09:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-11-05 22:09:26 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-11-05 22:04:05 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-05 21:48:45 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem.txt
2008-11-05 21:41:35 ----D---- C:\Programas\WinRAR
2008-11-05 21:41:26 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-11-05 21:40:45 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-05 21:40:43 ----D---- C:\Programas\Spybot - Search & Destroy
2008-11-05 21:40:05 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2008-11-05 21:40:05 ----A---- C:\WINDOWS\system32\pndx5032.dll
2008-11-05 21:40:05 ----A---- C:\WINDOWS\system32\pndx5016.dll
2008-11-05 21:40:05 ----A---- C:\WINDOWS\system32\pncrt.dll
2008-11-05 21:40:04 ----A---- C:\WINDOWS\system32\unrar.dll
2008-11-05 21:40:01 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-11-05 21:40:01 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-11-05 21:40:01 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-11-05 21:40:00 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2008-11-05 21:40:00 ----A---- C:\WINDOWS\system32\dpl100.dll
2008-11-05 21:40:00 ----A---- C:\WINDOWS\system32\divx.dll
2008-11-05 21:39:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-11-05 21:39:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-11-05 21:39:58 ----D---- C:\Programas\K-Lite Codec Pack
2008-11-05 21:39:58 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Real
2008-11-05 21:39:58 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2008-11-05 21:39:58 ----A---- C:\WINDOWS\system32\msvcr71.dll
2008-11-05 21:36:33 ----D---- C:\Programas\SuperCleaner
2008-11-05 21:12:43 ----HD---- C:\Programas\Uninstall Information
2008-11-05 21:12:35 ----ASH---- C:\Documents and Settings\Ondina Velez Lago\Application Data\desktop.ini
2008-11-05 21:12:34 ----SD---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Microsoft
2008-11-05 21:12:34 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Sun
2008-11-05 21:12:34 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Identities
2008-11-05 21:12:34 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\AdobeUM
2008-11-05 21:12:34 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Adobe

======List of files/folders modified in the last 3 months======

2008-12-09 20:15:14 ----RD---- C:\Programas
2008-12-09 20:15:09 ----D---- C:\WINDOWS\Temp
2008-12-09 19:34:56 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-09 19:34:50 ----SD---- C:\WINDOWS\Tasks
2008-12-06 18:53:22 ----D---- C:\WINDOWS
2008-12-06 15:48:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-06 15:44:09 ----D---- C:\WINDOWS\system32
2008-12-06 00:10:15 ----SHD---- C:\WINDOWS\Installer
2008-12-05 15:10:03 ----HD---- C:\WINDOWS\inf
2008-12-05 14:57:24 ----D---- C:\WINDOWS\Help
2008-11-12 22:08:06 ----SHD---- C:\System Volume Information
2008-11-12 22:08:06 ----D---- C:\WINDOWS\system32\Restore
2008-11-12 17:09:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-12 17:08:53 ----D---- C:\WINDOWS\Registration
2008-11-12 15:17:23 ----D---- C:\WINDOWS\repair
2008-11-12 12:51:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-12 12:22:23 ----D---- C:\WINDOWS\system32\drivers
2008-11-12 12:20:53 ----D---- C:\Programas\Ficheiros comuns
2008-11-11 21:21:22 ----RSD---- C:\WINDOWS\assembly
2008-11-11 21:21:22 ----D---- C:\WINDOWS\Microsoft.NET
2008-11-11 21:06:04 ----D---- C:\WINDOWS\WinSxS
2008-11-11 21:02:28 ----D---- C:\WINDOWS\system32\mui
2008-11-11 21:00:48 ----D---- C:\WINDOWS\system32\URTTemp
2008-11-07 15:21:44 ----A---- C:\WINDOWS\win.ini
2008-11-07 14:33:22 ----HD---- C:\Programas\InstallShield Installation Information
2008-11-07 00:14:48 ----D---- C:\WINDOWS\twain_32
2008-11-07 00:13:45 ----D---- C:\Programas\Ficheiros comuns\InstallShield
2008-11-07 00:05:28 ----RSD---- C:\WINDOWS\Fonts
2008-11-07 00:04:35 ----D---- C:\Programas\Ficheiros comuns\Microsoft Shared
2008-11-06 21:17:55 ----D---- C:\WINDOWS\system32\wbem
2008-11-06 19:38:50 ----D---- C:\Programas\Ficheiros comuns\System
2008-11-06 19:36:36 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-06 19:34:39 ----D---- C:\WINDOWS\system
2008-11-06 18:13:49 ----D---- C:\WINDOWS\PCHealth
2008-11-06 15:38:14 ----D---- C:\WINDOWS\system32\Macromed
2008-11-06 15:29:33 ----D---- C:\Programas\Java
2008-11-06 14:13:07 ----D---- C:\WINDOWS\system32\Setup
2008-11-06 14:13:06 ----D---- C:\WINDOWS\AppPatch
2008-11-06 13:45:41 ----D---- C:\WINDOWS\security
2008-11-06 13:42:04 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-06 13:40:11 ----D---- C:\Programas\Messenger
2008-11-06 13:34:52 ----D---- C:\WINDOWS\ime
2008-11-06 13:34:21 ----D---- C:\WINDOWS\system32\usmt
2008-11-06 13:34:17 ----D---- C:\Programas\Movie Maker
2008-11-06 13:27:47 ----D---- C:\WINDOWS\system32\npp
2008-11-06 13:27:44 ----D---- C:\WINDOWS\msagent
2008-11-06 13:27:41 ----D---- C:\WINDOWS\srchasst
2008-11-06 13:27:40 ----D---- C:\Programas\NetMeeting
2008-11-06 13:27:37 ----D---- C:\WINDOWS\system32\Com
2008-11-06 13:27:32 ----D---- C:\Programas\Windows Media Player
2008-11-06 13:27:31 ----D---- C:\Programas\Windows NT
2008-11-06 13:27:31 ----D---- C:\Programas\Outlook Express
2008-11-06 13:27:00 ----D---- C:\WINDOWS\system32\oobe
2008-11-06 13:21:00 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-06 12:57:48 ----D---- C:\Programas\Internet Explorer
2008-11-06 12:47:16 ----D---- C:\WINDOWS\system32\config
2008-11-06 12:47:01 ----D---- C:\WINDOWS\Media
2008-11-06 11:57:38 ----D---- C:\WINDOWS\system32\DirectX
2008-11-06 02:34:06 ----D---- C:\WINDOWS\Debug
2008-11-06 02:01:20 ----D---- C:\Programas\Ficheiros comuns\Adobe
2008-11-06 02:00:05 ----D---- C:\Programas\Adobe
2008-11-06 01:36:14 ----RASH---- C:\boot.ini
2008-11-06 01:27:32 ----RD---- C:\WINDOWS\Web
2008-11-06 01:27:06 ----RASH---- C:\NTDETECT.COM
2008-11-05 22:37:02 ----SD---- C:\WINDOWS\system32\Microsoft
2008-11-05 22:09:30 ----HD---- C:\Programas\WindowsUpdate
2008-11-05 21:34:27 ----D---- C:\Programas\Serviços online
2008-11-05 21:32:45 ----SHD---- C:\RECYCLER
2008-11-05 21:12:33 ----D---- C:\Documents and Settings
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-15 16:36:07 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-03 17:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-11-06 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-11-06 26824]
R1 intelppm;Controlador de processador Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40320]
R1 SrvcEKIOMngr;SrvcEKIOMngr; C:\WINDOWS\System32\Drivers\EKIoMngr.sys [2002-12-18 5888]
R1 SrvcEPIOMngr;SrvcEPIOMngr; C:\WINDOWS\System32\Drivers\EPIoMngr.sys [2002-12-18 5888]
R1 SrvcSSIOMngr;SrvcSSIOMngr; C:\WINDOWS\System32\Drivers\SSIoMngr.sys [2002-12-18 5888]
R1 SrvcTPIOMngr;SrvcTPIOMngr; C:\WINDOWS\System32\Drivers\TPIoMngr.sys [2002-07-17 4183]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-11-06 76040]
R2 DPortIO;Dritek Port I/O Driver; C:\WINDOWS\System32\Drivers\DPortIO.sys [2001-04-12 3674]
R2 irda;Protocolo IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-06-13 114880]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-06-13 80512]
R3 {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55};AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011; C:\WINDOWS\system32\drivers\wA301a.sys [2003-06-13 33847]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-05-14 740044]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2003-06-20 93912]
R3 Arp1394;Protocolo de cliente ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Controlador Microsoft ACPI Control Method Battery; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2003-01-16 16256]
R3 EPOWER;Compal E-POWER Driver; C:\WINDOWS\System32\Drivers\hkdrv.sys [2003-09-10 6896]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-06-13 89787]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Rasirda;Miniport WAN (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 TOSHIBASoftModem;TOSHIBA Software Modem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [2002-09-17 809872]
R3 usbehci;Microsoft USB 2.0 - controlador Miniport de anfitrião melhorado; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrador activado por USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Controlador de armazenamento de massa USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Controlador miniport do controlador Microsoft USB universal; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 AR5211;Atheros AR5001 Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5211.sys [2003-07-29 322720]
S3 CCDECODE;Descodificador de captura fechada; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-04-16 100736]
S3 MSTEE;Conversor da Microsoft para fluxos Tee/Sink-to-Sink; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Ligação de TV/Vídeo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-06-13 45568]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\System32\DRIVERS\smcirda.sys [2002-04-23 35913]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 VoIPvoiceCyberSeriesCamera;VoIPvoice Cyber Series Camera (C7); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2006-02-06 8410880]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-04-11 82944]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys [2007-06-18 101120]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys [2007-06-18 101120]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys [2007-06-18 101120]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-11-06 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-11-06 231704]
R2 CeEPwrSvc;CeEPwrSvc; C:\Programas\TOSHIBA\Power Management\CeEPwrSvc.exe [2003-07-11 73728]
R2 Irmon;Monitor de infravermelhos; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programas\Java\jre6\bin\jqs.exe [2008-11-06 152984]
R2 WinDefend;Windows Defender; C:\Programas\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 ZTE CDROM Monitor;ZTE CDROM Monitor; C:\WINDOWS\system32\SupportAppPT\ztemon.exe [2007-08-31 81920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Programas\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programas\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Serviço de Partilha de Rede do Windows Media Player; C:\Programas\Windows Media Player\WMPNetwk.exe [2006-05-17 825344]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------



INFO

info.txt logfile of random's system information tool 1.04 2008-12-09 20:15:20

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Actualização de segurança para Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Actualização de segurança para Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Actualização de segurança para Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Actualização para Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Actualização para Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A81000000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
Assistente de Início de Sessão do Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
AVG Free 8.0-->C:\Programas\AVG\AVG8\setup.exe /UNINSTALL
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
Compressor WinRAR-->C:\Programas\WinRAR\uninstall.exe
Consola TOSHIBA-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}\SETUP.EXE" -l0x816
Easy Button-->C:\WINDOWS\UnInst32.exe CPLDBL10.UNI
Hotfix para Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
InterVideo WinDVD 4-->"C:\Programas\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
K-Lite Mega Codec Pack 3.5.3-->"C:\Programas\K-Lite Codec Pack\unins000.exe"
Manuais da TOSHIBA-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}\SETUP.EXE" -l0x816
Microsoft .NET Framework (Portuguese) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (2070)
Microsoft .NET Framework 1.0 Hotfix (KB928367)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M9283672070\M92836720 70Uninstall.msp"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninst all.msp"
Microsoft .NET Framework 1.1 Portuguese Language Pack-->MsiExec.exe /X{0D70FCFE-2102-4951-A56E-22DD07DFA5B6}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - PTG-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - PTG\install.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.ex e"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst. exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110816-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MODEM MF622 HSDPA EDGE USB -->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,Launc hSetup "C:\Programas\InstallShield Installation Information\{57739DDB-AAEC-43FE-881F-9F58C077C699}\setup.exe" -l0x816 -removeonly
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Realtek Fast Ethernet Adapter Driver-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\SETUP.EXE" -l0x9 REMOVE
SMSC IrCC Driver V5.1.2462.0 (WinXP)-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{EC86822D-3A20-11D5-801B-00E029348F40}\SETUP.EXE"
Spybot - Search & Destroy 1.4-->"C:\Programas\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Programas\Spybot - Search & Destroy\unins001.exe"
SpywareBlaster 4.1-->"C:\Programas\SpywareBlaster\unins000.exe"
SuperCleaner-->"C:\Programas\SuperCleaner\Uninst.exe" C:\Programas\SuperCleaner\Uninst.ini
TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe"
Toshiba screensaver-->C:\WINDOWS\uninst.exe -f"C:\Programas\Toshiba\Toshiba screensaver\DeIsL1.isu" -c"C:\Programas\Toshiba\Toshiba screensaver\_ISREG32.DLL"
Utilit?io TOSHIBA Hotkey-->C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{41DBA4F1-E295-41B3-9922-7B346C5B8EBF} /l2070
Utilit?io TOSHIBA Power Management-->C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{B83DA26B-5237-41E8-8612-8F3F63F69811} /l2070
Utilit?io TouchPad On/Off-->C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{107C7E59-F4CF-444F-BCCC-8223137D1AD1} /l2070
VoIPvoice Cyber Series Camera (C7)-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,Launch Setup "C:\Programas\InstallShield Installation Information\{ECD03DA7-5952-406A-8156-5F0C93618D1F}\Setup.exe" -l0x816
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{3A417047-2E30-4D05-8977-F706D40BFF39}
Windows Live Messenger-->MsiExec.exe /X{8EADB73B-026D-4978-A8F0-1EEF5E1ECEC7}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Programas\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Programas\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programas\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPatrol 2008-->C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: AVG Anti-Virus Free

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------
Teresinha is offline   Reply With Quote
Didn't find the information you thought to find?
Check out these Similar Threads
Old 11th December 2008   #2
SuperGeek
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,523
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

Hi Teresinha, and welcome to WindowsBBS

Download RegSearch.zip and extract the contents of the zip file to it's own folder.
Open the folder and double-click the icon for RegSearch.exe to launch the program.
Enter service.exe on the top line and click OK. After completion, notepad will be opened with all the found instances, if any. Please post that log here.
noahdfear is offline   Reply With Quote
Old 11th December 2008   #3
Inactive
 
Profile:
Join Date: Dec 2008
Location: Lisbon, Portugal
Posts: 7
Computer Experience:
Beginner
Teresinha Reputation Level
Hi!
I've done what you said, here goes the log:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.6.0

; Results at 11-12-2008 4:35:20 for strings:
; 'service.exe'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\User Data\S-1-5-18\Components\4AAC1A996D57E5F42ACF11EE9C3161A4]
"B0B35DEDC76B4424EAA66DDFC3821DFE"="C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe %WINDIR%\\system32\\drivers\\service.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\ActiveTasks]
"C:\\PROGRAMAS\\Lavasoft\\Ad-Aware\\AAWSERVICE.EXE"="11/12/2008 14:50"

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\Services]
"C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe"="11/12/2008 14:50"

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\WinPatrol\Run]
"%WINDIR%\\system32\\drivers\\service.exe"="251"

; End Of The Log...
Teresinha is offline   Reply With Quote
Old 11th December 2008   #4
SuperGeek
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,523
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

Highlight and copy the contents of the code box below.
Code:
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d Explorer.exe /f
reg delete "HKU\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\WinPatrol\Run" /v "%WINDIR%\\system32\\drivers\\service.exe" /f
Click Start>Run and type cmd then hit enter to open a command window. Right click in the command window and select paste. The command window will close on it's own.

Please repeat the search for service.exe and post the new output.
noahdfear is offline   Reply With Quote
Old 11th December 2008   #5
Inactive
 
Profile:
Join Date: Dec 2008
Location: Lisbon, Portugal
Posts: 7
Computer Experience:
Beginner
Teresinha Reputation Level
New output:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.6.0

; Results at 11-12-2008 4:54:18 for strings:
; 'service.exe'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\User Data\S-1-5-18\Components\4AAC1A996D57E5F42ACF11EE9C3161A4]
"B0B35DEDC76B4424EAA66DDFC3821DFE"="C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\ActiveTasks]
"C:\\PROGRAMAS\\Lavasoft\\Ad-Aware\\AAWSERVICE.EXE"="11/12/2008 14:50"

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\Services]
"C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe"="11/12/2008 14:50"

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\WinPatrol\Run]
"%WINDIR%\\system32\\drivers\\service.exe"="251"

; End Of The Log...
Teresinha is offline   Reply With Quote
Old 11th December 2008   #6
SuperGeek
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,523
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

Highlight and copy the contents of the code box below to a blank notepad. Save it to the desktop as;

Filename: fix.reg
Save as type: All Files (*.*)

Code:
REGEDIT4

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\WinPatrol\Run]
"%WINDIR%\\system32\\drivers\\service.exe"=-
Double click fix.reg and allow it to merge with the registry, then delete fix.reg.


Repeat the search once more please, then post the new output.
noahdfear is offline   Reply With Quote
Old 11th December 2008   #7
Inactive
 
Profile:
Join Date: Dec 2008
Location: Lisbon, Portugal
Posts: 7
Computer Experience:
Beginner
Teresinha Reputation Level
I think it's cured!
I shut down the computer and then restarted it, and that annoying message didn't appear!
Teresinha is offline   Reply With Quote
Old 11th December 2008   #8
Inactive
 
Profile:
Join Date: Dec 2008
Location: Lisbon, Portugal
Posts: 7
Computer Experience:
Beginner
Teresinha Reputation Level
Log:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.6.0

; Results at 11-12-2008 5:11:53 for strings:
; 'service.exe'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\User Data\S-1-5-18\Components\4AAC1A996D57E5F42ACF11EE9C3161A4]
"B0B35DEDC76B4424EAA66DDFC3821DFE"="C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aawservice]
; Contents of value:
; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
"ImagePath"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d ,00,\
61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41, \
00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00, \
65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\ActiveTasks]
"C:\\PROGRAMAS\\Lavasoft\\Ad-Aware\\AAWSERVICE.EXE"="11/12/2008 14:50"

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\Services]
"C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe"="11/12/2008 14:50"

; End Of The Log...
Teresinha is offline   Reply With Quote
Old 11th December 2008   #9
SuperGeek
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,523
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

That's much better.

Everything else OK?
noahdfear is offline   Reply With Quote
Old 11th December 2008   #10
Inactive
 
Profile:
Join Date: Dec 2008
Location: Lisbon, Portugal
Posts: 7
Computer Experience:
Beginner
Teresinha Reputation Level
Quote:
Originally Posted by noahdfear View Post
That's much better.

Everything else OK?
All good now!

Thank you so much!! ***
Teresinha is offline   Reply With Quote
Old 11th December 2008   #11
SuperGeek
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,523
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

You're very welcome.
noahdfear is offline   Reply With Quote



Reply

« [Resolved] INFECTED PC. Pop Ups, Invalid Files | [InActive] Slow loading websites or some not loading »
Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
[Resolved] XP SP2 crazy pop-ups from SpySweeper AndyB Malware and Virus Removal 16 27th April 2008 04:24
[Resolved] Is my system realy unsecure? Naj Malware and Virus Removal 14 12th April 2008 00:25
[Resolved] privacy danger 79nicklas Malware and Virus Removal 7 11th April 2008 02:52
[Resolved] C:\windows\system32\drivers\spools.exe matthewgz1985 Malware and Virus Removal 32 10th April 2008 04:55
[Resolved] Google Redirect. scorpion657 Malware and Virus Removal 11 6th April 2008 22:14


All times are GMT +1. The time now is 09:32.




Advertise - Contact Us - Windows BBS - Archive - Privacy Statement - Top

Advertisements do not imply our endorsement of the product or service advertised.
Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.3.2
Copyright © 2002 - 2009 WindowsBBS.com. All rights reserved.
Terms of Use, Legal Information & Privacy Policy
[]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32