1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Error message "C:\WINDOWS\system32\drivers\service.exe"

Discussion in 'Malware and Virus Removal Archive' started by Teresinha, 2008/12/09.

  1. 2008/12/09
    Teresinha

    Teresinha Inactive Thread Starter

    Joined:
    2008/12/09
    Messages:
    7
    Likes Received:
    0
    [Resolved] Error message "C:\WINDOWS\system32\drivers\service.exe "

    Hi!

    I have this Toshiba laptop, running Windows XP Home Edition SP3, which lately, every time I login, prompts me with an error message saying Windows cannot find the path "C:\WINDOWS\system32\drivers\service.exe ".

    I've run various virus and spyware removal programs, but can't get rid of this annoying message. Nothing else seems affected!

    Don't know what else to do... :confused: Any suggestions?

    Thanks in advance :)

    -----

    As requested, here goes the RSIT logs:

    LOG

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Ondina Velez Lago at 2008-12-09 20:15:13
    Microsoft Windows XP Home Edition Service Pack 3
    System drive C: has 30 GB (80%) free of 38 GB
    Total RAM: 478 MB (24% free)

    HijackThis download failed

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\MP Scheduled Scan.job
    C:\WINDOWS\tasks\SuperCleaner.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Facilitador de Leitor de Link Adobe PDF - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Programas\AVG\AVG8\avgssie.dll [2008-11-06 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Programas\Java\jre6\bin\ssv.dll [2008-11-06 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programa Auxiliar de Início de Sessão do Windows Live - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar - C:\Programas\AVG\AVG8\avgtoolbar.dll [2008-11-06 2055960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Programas\Java\jre6\bin\jp2ssv.dll [2008-11-06 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-06 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\Programas\AVG\AVG8\avgtoolbar.dll [2008-11-06 2055960]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray "=C:\WINDOWS\System32\i [2008-11-06 79]
    "HotKeysCmds "=C:\WINDOWS\System32\hkcmd.exe [2003-05-29 114688]
    "Apoint "=C:\Programas\Apoint2K\Apoint.exe [2003-06-18 151552]
    "CeEPOWER "=C:\Programas\TOSHIBA\Power Management\CePMTray.exe [2003-07-23 135168]
    "CPLDBL10 "=C:\Programas\EzButton\CPLDBL10.EXE [2003-07-03 204800]
    "CeEKEY "=C:\Programas\TOSHIBA\E-KEY\CeEKey.exe [2003-07-29 638976]
    "TPNF "=C:\Programas\TOSHIBA\TouchPad\TPTray.exe [2003-07-18 49152]
    "AVG8_TRAY "=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-05 1261336]
    "Adobe Reader Speed Launcher "=C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
    "SunJavaUpdateSched "=C:\Programas\Java\jre6\bin\jusched.exe [2008-11-06 136600]
    "Windows Defender "=C:\Programas\Windows Defender\MSASCui.exe [2006-11-03 866584]
    "CameraFixer "=C:\WINDOWS\CameraFixer.exe [2006-06-02 20480]
    "tsnpstd3 "=C:\WINDOWS\tsnpstd3.exe [2006-06-19 114688]
    "snpstd3 "=C:\WINDOWS\vsnpstd3.exe [2005-09-05 339968]
    "WinPatrol "=C:\Programas\BillP Studios\WinPatrol\winpatrol.exe [2008-09-18 333120]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer "=C:\Programas\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "SuperCleaner "=C:\Programas\SuperCleaner\SuperCleaner.exe [2008-11-05 520192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS "= "avgrsstx.dll "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2003-05-29 319488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-05-09 52224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} "=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37cf66aa-c2cd-11dd-83b3-a7dd70e6ca64}]
    shell\AutoRun\command - E:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37cf66ab-c2cd-11dd-83b3-a7dd70e6ca64}]
    shell\AutoRun\command - E:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37cf66ac-c2cd-11dd-83b3-a7dd70e6ca64}]
    shell\AutoRun\command - E:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a134e916-acd5-11dd-83a8-99279b65b666}]
    shell\AutoRun\command - E:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a134e917-acd5-11dd-83a8-99279b65b666}]
    shell\AutoRun\command - E:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2b26c98-c2d6-11dd-83b4-a9731c35f464}]
    shell\AutoRun\command - E:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e23830cc-acca-11dd-83a6-f66b7cee4b19}]
    shell\AutoRun\command - E:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc3f257d-abb0-11dd-839d-e79b886b3e3d}]
    shell\AutoRun\command - E:\VMC_PBStarter.exe


    ======List of files/folders created in the last 3 months======

    2008-12-09 20:15:14 ----D---- C:\Programas\trend micro
    2008-12-09 20:15:13 ----D---- C:\rsit
    2008-12-06 18:53:22 ----D---- C:\WINDOWS\pss
    2008-12-06 15:45:47 ----A---- C:\WINDOWS\TPTray.INI
    2008-12-06 00:09:38 ----SHD---- C:\Config.Msi
    2008-12-05 14:57:08 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-12-05 13:32:49 ----A---- C:\WINDOWS\E220AutoRunLog.tmp
    2008-11-17 17:37:46 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-12 14:57:34 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-11-12 14:51:14 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\WinPatrol
    2008-11-12 12:51:05 ----D---- C:\WINDOWS\BDOSCAN8
    2008-11-12 12:25:51 ----D---- C:\Programas\BillP Studios
    2008-11-12 12:22:23 ----D---- C:\Programas\Lavasoft
    2008-11-12 12:22:05 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-11-12 12:20:53 ----D---- C:\Programas\Ficheiros comuns\Wise Installation Wizard
    2008-11-12 12:20:22 ----D---- C:\Programas\SpywareBlaster
    2008-11-11 19:55:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-11 19:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-11 19:51:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-11-07 14:33:25 ----D---- C:\Programas\MODEM MF622
    2008-11-07 14:15:19 ----D---- C:\WINDOWS\system32\SupportAppPT
    2008-11-07 12:57:57 ----D---- C:\WINDOWS\Minidump
    2008-11-07 10:16:48 ----A---- C:\WINDOWS\wininit.ini
    2008-11-07 00:17:49 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
    2008-11-07 00:15:02 ----D---- C:\Programas\VoIPvoice Cyber Series Camera AP
    2008-11-07 00:14:51 ----A---- C:\WINDOWS\tsnpstd3.exe
    2008-11-07 00:14:51 ----A---- C:\WINDOWS\CameraFixer.exe
    2008-11-07 00:14:48 ----A---- C:\WINDOWS\vsnpstd3.exe
    2008-11-07 00:14:47 ----A---- C:\WINDOWS\snpstd3.ini
    2008-11-07 00:14:41 ----A---- C:\WINDOWS\vsnpstd3.dll
    2008-11-07 00:14:41 ----A---- C:\WINDOWS\usnpstd3.exe
    2008-11-07 00:14:41 ----A---- C:\WINDOWS\system32\rsnpstd3.dll
    2008-11-07 00:14:41 ----A---- C:\WINDOWS\system32\csnpstd3.dll
    2008-11-07 00:14:39 ----D---- C:\Programas\Ficheiros comuns\snpstd3
    2008-11-06 19:44:09 ----A---- C:\WINDOWS\ODBC.INI
    2008-11-06 19:43:52 ----A---- C:\WINDOWS\system32\mdimon.dll
    2008-11-06 19:40:44 ----D---- C:\Programas\Microsoft.NET
    2008-11-06 19:39:29 ----D---- C:\Programas\Ficheiros comuns\DESIGNER
    2008-11-06 19:38:46 ----D---- C:\WINDOWS\SHELLNEW
    2008-11-06 19:36:35 ----D---- C:\Programas\Microsoft Office
    2008-11-06 19:34:28 ----RHD---- C:\MSOCache
    2008-11-06 19:16:28 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-11-06 19:16:28 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-11-06 19:04:56 ----D---- C:\Programas\Windows Defender
    2008-11-06 16:17:57 ----SHDC---- C:\Programas\Ficheiros comuns\WindowsLiveInstaller
    2008-11-06 16:17:23 ----D---- C:\Programas\Windows Live
    2008-11-06 15:46:52 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Macromedia
    2008-11-06 15:35:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-11-06 15:29:50 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-11-06 15:29:50 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-11-06 15:29:49 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-11-06 15:29:49 ----A---- C:\WINDOWS\system32\java.exe
    2008-11-06 14:54:33 ----A---- C:\WINDOWS\system32\msvcp71.dll
    2008-11-06 14:44:47 ----D---- C:\WINDOWS\system32\Adobe
    2008-11-06 14:13:45 ----D---- C:\WINDOWS\Prefetch
    2008-11-06 13:41:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-11-06 13:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-11-06 13:41:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-11-06 13:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-11-06 13:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-11-06 13:40:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-11-06 13:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-11-06 13:40:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-11-06 13:40:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-11-06 13:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-11-06 13:40:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-11-06 13:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-11-06 13:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-11-06 13:40:02 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-11-06 13:34:19 ----D---- C:\WINDOWS\l2schemas
    2008-11-06 12:50:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
    2008-11-06 12:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
    2008-11-06 12:50:39 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
    2008-11-06 12:50:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
    2008-11-06 12:48:38 ----D---- C:\WINDOWS\ie7updates
    2008-11-06 12:47:11 ----D---- C:\WINDOWS\WBEM
    2008-11-06 12:47:10 ----D---- C:\WINDOWS\system32\pt-pt
    2008-11-06 12:45:28 ----HDC---- C:\WINDOWS\ie7
    2008-11-06 12:45:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-11-06 12:44:53 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-11-06 12:44:22 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2008-11-06 12:44:13 ----A---- C:\WINDOWS\system32\xmllite.dll
    2008-11-06 12:42:25 ----D---- C:\WINDOWS\network diagnostic
    2008-11-06 12:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2008-11-06 12:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
    2008-11-06 12:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-11-06 12:27:47 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
    2008-11-06 12:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
    2008-11-06 12:27:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
    2008-11-06 12:27:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
    2008-11-06 12:27:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
    2008-11-06 12:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
    2008-11-06 12:26:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-11-06 12:26:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
    2008-11-06 12:26:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
    2008-11-06 12:26:28 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2008-11-06 12:26:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
    2008-11-06 12:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-11-06 12:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2008-11-06 12:09:51 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-11-06 12:09:37 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-11-06 12:09:37 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-11-06 12:09:21 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-11-06 12:09:15 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-11-06 12:09:14 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-11-06 12:09:12 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-11-06 12:09:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-11-06 12:09:10 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-11-06 12:09:10 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-11-06 12:09:03 ----N---- C:\WINDOWS\system32\onex.dll
    2008-11-06 12:08:48 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-11-06 12:08:48 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-11-06 12:08:48 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-11-06 12:08:46 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-11-06 12:08:46 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-11-06 12:08:42 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-11-06 12:08:42 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-11-06 12:08:24 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-11-06 12:08:24 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-11-06 12:08:23 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-11-06 12:08:23 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-11-06 12:08:10 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-11-06 12:08:02 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-11-06 12:08:02 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-11-06 12:08:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-11-06 12:08:01 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-11-06 12:08:01 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-11-06 12:07:33 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-11-06 12:07:32 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-11-06 12:07:32 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-11-06 12:07:32 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-11-06 12:07:29 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-11-06 12:07:27 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-11-06 12:07:27 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-11-06 12:07:26 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-11-06 12:07:22 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-11-06 12:07:15 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-11-06 12:07:15 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-11-06 12:07:04 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-11-06 11:57:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-11-06 11:57:36 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2008-11-06 11:56:24 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-11-06 11:07:31 ----D---- C:\Programas\Windows Live Safety Center
    2008-11-06 10:38:35 ----D---- C:\Programas\Microsoft
    2008-11-06 10:30:15 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
    2008-11-06 10:30:05 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
    2008-11-06 10:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
    2008-11-06 10:29:37 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
    2008-11-06 10:29:26 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
    2008-11-06 10:29:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
    2008-11-06 10:29:02 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
    2008-11-06 10:28:50 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
    2008-11-06 10:28:34 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
    2008-11-06 10:28:10 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
    2008-11-06 10:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
    2008-11-06 10:24:01 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
    2008-11-06 10:23:51 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
    2008-11-06 10:23:42 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
    2008-11-06 10:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
    2008-11-06 10:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
    2008-11-06 10:23:06 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
    2008-11-06 10:22:52 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
    2008-11-06 10:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
    2008-11-06 10:21:49 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\InterVideo
    2008-11-06 10:21:11 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
    2008-11-06 10:20:54 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
    2008-11-06 10:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
    2008-11-06 10:20:28 ----D---- C:\Programas\Ficheiros comuns\Windows Live
    2008-11-06 10:20:04 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
    2008-11-06 10:19:55 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
    2008-11-06 10:19:43 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
    2008-11-06 10:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
    2008-11-06 10:19:25 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
    2008-11-06 10:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
    2008-11-06 10:19:03 ----HDC---- C:\WINDOWS\$NtUninstallKB873333$
    2008-11-06 10:18:49 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
    2008-11-06 10:18:38 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
    2008-11-06 10:18:27 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
    2008-11-06 10:18:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
    2008-11-06 10:18:04 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
    2008-11-06 10:17:52 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
    2008-11-06 10:17:38 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
    2008-11-06 10:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
    2008-11-06 10:17:14 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
    2008-11-06 10:16:59 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
    2008-11-06 10:16:15 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
    2008-11-06 10:15:52 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
    2008-11-06 10:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
    2008-11-06 10:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
    2008-11-06 10:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
    2008-11-06 10:13:21 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-11-06 10:13:19 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
    2008-11-06 10:02:24 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2008-11-06 09:55:12 ----HD---- C:\$AVG8.VAULT$
    2008-11-06 02:45:41 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-11-06 02:44:28 ----D---- C:\WINDOWS\system32\LogFiles
    2008-11-06 02:44:21 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-11-06 02:42:52 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-11-06 02:41:57 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-11-06 02:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB884020$
    2008-11-06 02:00:49 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-06 01:52:00 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-11-06 01:51:49 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\AVGTOOLBAR
    2008-11-06 01:51:29 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-11-06 01:43:34 ----A---- C:\WINDOWS\CeEKey.INI
    2008-11-06 01:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
    2008-11-06 01:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
    2008-11-06 01:35:00 ----N---- C:\WINDOWS\system32\proxycfg.exe
    2008-11-06 01:35:00 ----N---- C:\WINDOWS\system32\logman.exe
    2008-11-06 01:34:45 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-11-06 01:34:45 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-11-06 01:34:45 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-11-06 01:34:45 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\bthci.dll
    2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\blastcln.exe
    2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\auditusr.exe
    2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-11-06 01:34:44 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-11-06 01:34:43 ----N---- C:\WINDOWS\system32\cmsetacl.dll
    2008-11-06 01:34:43 ----N---- C:\WINDOWS\system32\btpanui.dll
    2008-11-06 01:34:43 ----N---- C:\WINDOWS\system32\bthserv.dll
    2008-11-06 01:34:42 ----N---- C:\WINDOWS\system32\fsquirt.exe
    2008-11-06 01:34:42 ----N---- C:\WINDOWS\system32\fltmc.exe
    2008-11-06 01:34:42 ----N---- C:\WINDOWS\system32\fltlib.dll
    2008-11-06 01:34:42 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-11-06 01:34:41 ----N---- C:\WINDOWS\system32\httpapi.dll
    2008-11-06 01:34:41 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-11-06 01:34:41 ----N---- C:\WINDOWS\system32\fwcfg.dll
    2008-11-06 01:34:41 ----A---- C:\WINDOWS\system32\ieencode.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdukx.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdno1.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdmaori.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdinmal.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdinben.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-11-06 01:34:39 ----N---- C:\WINDOWS\system32\kbdfi1.dll
    2008-11-06 01:34:38 ----N---- C:\WINDOWS\system32\msdadiag.dll
    2008-11-06 01:34:37 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-11-06 01:34:37 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\powercfg.exe
    2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2psvc.dll
    2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2pgraph.dll
    2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-11-06 01:34:36 ----N---- C:\WINDOWS\system32\p2p.dll
    2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\smbinst.exe
    2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-11-06 01:34:35 ----N---- C:\WINDOWS\system32\sdhcinst.dll
    2008-11-06 01:34:35 ----A---- C:\WINDOWS\system32\xpsp2res.dll
    2008-11-06 01:34:34 ----N---- C:\WINDOWS\system32\winshfhc.dll
    2008-11-06 01:34:34 ----N---- C:\WINDOWS\system32\w3ssl.dll
    2008-11-06 01:34:34 ----N---- C:\WINDOWS\system32\twext.dll
    2008-11-06 01:34:34 ----N---- C:\WINDOWS\system32\strmfilt.dll
    2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\xmlprovi.dll
    2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\xmlprov.dll
    2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\wuaueng1.dll
    2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\wuauclt1.exe
    2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\wshbth.dll
    2008-11-06 01:34:31 ----N---- C:\WINDOWS\system32\wscntfy.exe
    2008-11-06 01:34:31 ----N---- C:\WINDOWS\slrundll.exe
    2008-11-06 01:34:31 ----A---- C:\WINDOWS\system32\wscsvc.dll
    2008-11-06 01:34:28 ----D---- C:\WINDOWS\peernet
    2008-11-06 01:34:26 ----D---- C:\WINDOWS\provisioning
    2008-11-06 01:31:13 ----D---- C:\WINDOWS\ServicePackFiles
    2008-11-06 01:21:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-11-06 01:21:09 ----D---- C:\WINDOWS\EHome
    2008-11-06 00:02:29 ----D---- C:\Programas\TeaTimer (Spybot - Search & Destroy)
    2008-11-06 00:02:29 ----D---- C:\Programas\SDHelper (Spybot - Search & Destroy)
    2008-11-06 00:02:29 ----D---- C:\Programas\Misc. Support Library (Spybot - Search & Destroy)
    2008-11-06 00:02:28 ----D---- C:\Programas\File Scanner Library (Spybot - Search & Destroy)
    2008-11-05 23:54:42 ----D---- C:\WINDOWS\system32\PreInstall
    2008-11-05 23:54:39 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-11-05 23:54:37 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2008-11-05 23:51:09 ----HDC---- C:\WINDOWS\$NtUninstallKB911927_0$
    2008-11-05 23:50:50 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2008-11-05 23:50:02 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-05 23:49:49 ----HDC---- C:\WINDOWS\$NtUninstallKB888302_0$
    2008-11-05 23:19:25 ----A---- C:\WINDOWS\system32\webclnt.dll
    2008-11-05 23:11:40 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-05 22:38:03 ----D---- C:\Programas\AVG
    2008-11-05 22:32:15 ----D---- C:\WINDOWS\system32\bits
    2008-11-05 22:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
    2008-11-05 22:21:06 ----N---- C:\WINDOWS\system32\bitsprx3.dll
    2008-11-05 22:21:06 ----N---- C:\WINDOWS\system32\bitsprx2.dll
    2008-11-05 22:21:06 ----A---- C:\WINDOWS\system32\winhttp.dll
    2008-11-05 22:21:06 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wups.dll
    2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-11-05 22:09:28 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-11-05 22:09:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-11-05 22:09:26 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-11-05 22:04:05 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-11-05 21:48:45 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem.txt
    2008-11-05 21:41:35 ----D---- C:\Programas\WinRAR
    2008-11-05 21:41:26 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-11-05 21:40:45 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-11-05 21:40:43 ----D---- C:\Programas\Spybot - Search & Destroy
    2008-11-05 21:40:05 ----A---- C:\WINDOWS\system32\rmoc3260.dll
    2008-11-05 21:40:05 ----A---- C:\WINDOWS\system32\pndx5032.dll
    2008-11-05 21:40:05 ----A---- C:\WINDOWS\system32\pndx5016.dll
    2008-11-05 21:40:05 ----A---- C:\WINDOWS\system32\pncrt.dll
    2008-11-05 21:40:04 ----A---- C:\WINDOWS\system32\unrar.dll
    2008-11-05 21:40:01 ----A---- C:\WINDOWS\system32\yv12vfw.dll
    2008-11-05 21:40:01 ----A---- C:\WINDOWS\system32\xvidvfw.dll
    2008-11-05 21:40:01 ----A---- C:\WINDOWS\system32\xvidcore.dll
    2008-11-05 21:40:00 ----A---- C:\WINDOWS\system32\qt-dx331.dll
    2008-11-05 21:40:00 ----A---- C:\WINDOWS\system32\dpl100.dll
    2008-11-05 21:40:00 ----A---- C:\WINDOWS\system32\divx.dll
    2008-11-05 21:39:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
    2008-11-05 21:39:59 ----A---- C:\WINDOWS\system32\ff_vfw.dll
    2008-11-05 21:39:58 ----D---- C:\Programas\K-Lite Codec Pack
    2008-11-05 21:39:58 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Real
    2008-11-05 21:39:58 ----D---- C:\Documents and Settings\All Users\Application Data\Real
    2008-11-05 21:39:58 ----A---- C:\WINDOWS\system32\msvcr71.dll
    2008-11-05 21:36:33 ----D---- C:\Programas\SuperCleaner
    2008-11-05 21:12:43 ----HD---- C:\Programas\Uninstall Information
    2008-11-05 21:12:35 ----ASH---- C:\Documents and Settings\Ondina Velez Lago\Application Data\desktop.ini
    2008-11-05 21:12:34 ----SD---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Microsoft
    2008-11-05 21:12:34 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Sun
    2008-11-05 21:12:34 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Identities
    2008-11-05 21:12:34 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\AdobeUM
    2008-11-05 21:12:34 ----D---- C:\Documents and Settings\Ondina Velez Lago\Application Data\Adobe

    ======List of files/folders modified in the last 3 months======

    2008-12-09 20:15:14 ----RD---- C:\Programas
    2008-12-09 20:15:09 ----D---- C:\WINDOWS\Temp
    2008-12-09 19:34:56 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-09 19:34:50 ----SD---- C:\WINDOWS\Tasks
    2008-12-06 18:53:22 ----D---- C:\WINDOWS
    2008-12-06 15:48:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-06 15:44:09 ----D---- C:\WINDOWS\system32
    2008-12-06 00:10:15 ----SHD---- C:\WINDOWS\Installer
    2008-12-05 15:10:03 ----HD---- C:\WINDOWS\inf
    2008-12-05 14:57:24 ----D---- C:\WINDOWS\Help
    2008-11-12 22:08:06 ----SHD---- C:\System Volume Information
    2008-11-12 22:08:06 ----D---- C:\WINDOWS\system32\Restore
    2008-11-12 17:09:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-12 17:08:53 ----D---- C:\WINDOWS\Registration
    2008-11-12 15:17:23 ----D---- C:\WINDOWS\repair
    2008-11-12 12:51:17 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-11-12 12:22:23 ----D---- C:\WINDOWS\system32\drivers
    2008-11-12 12:20:53 ----D---- C:\Programas\Ficheiros comuns
    2008-11-11 21:21:22 ----RSD---- C:\WINDOWS\assembly
    2008-11-11 21:21:22 ----D---- C:\WINDOWS\Microsoft.NET
    2008-11-11 21:06:04 ----D---- C:\WINDOWS\WinSxS
    2008-11-11 21:02:28 ----D---- C:\WINDOWS\system32\mui
    2008-11-11 21:00:48 ----D---- C:\WINDOWS\system32\URTTemp
    2008-11-07 15:21:44 ----A---- C:\WINDOWS\win.ini
    2008-11-07 14:33:22 ----HD---- C:\Programas\InstallShield Installation Information
    2008-11-07 00:14:48 ----D---- C:\WINDOWS\twain_32
    2008-11-07 00:13:45 ----D---- C:\Programas\Ficheiros comuns\InstallShield
    2008-11-07 00:05:28 ----RSD---- C:\WINDOWS\Fonts
    2008-11-07 00:04:35 ----D---- C:\Programas\Ficheiros comuns\Microsoft Shared
    2008-11-06 21:17:55 ----D---- C:\WINDOWS\system32\wbem
    2008-11-06 19:38:50 ----D---- C:\Programas\Ficheiros comuns\System
    2008-11-06 19:36:36 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-11-06 19:34:39 ----D---- C:\WINDOWS\system
    2008-11-06 18:13:49 ----D---- C:\WINDOWS\PCHealth
    2008-11-06 15:38:14 ----D---- C:\WINDOWS\system32\Macromed
    2008-11-06 15:29:33 ----D---- C:\Programas\Java
    2008-11-06 14:13:07 ----D---- C:\WINDOWS\system32\Setup
    2008-11-06 14:13:06 ----D---- C:\WINDOWS\AppPatch
    2008-11-06 13:45:41 ----D---- C:\WINDOWS\security
    2008-11-06 13:42:04 ----D---- C:\WINDOWS\system32\CatRoot
    2008-11-06 13:40:11 ----D---- C:\Programas\Messenger
    2008-11-06 13:34:52 ----D---- C:\WINDOWS\ime
    2008-11-06 13:34:21 ----D---- C:\WINDOWS\system32\usmt
    2008-11-06 13:34:17 ----D---- C:\Programas\Movie Maker
    2008-11-06 13:27:47 ----D---- C:\WINDOWS\system32\npp
    2008-11-06 13:27:44 ----D---- C:\WINDOWS\msagent
    2008-11-06 13:27:41 ----D---- C:\WINDOWS\srchasst
    2008-11-06 13:27:40 ----D---- C:\Programas\NetMeeting
    2008-11-06 13:27:37 ----D---- C:\WINDOWS\system32\Com
    2008-11-06 13:27:32 ----D---- C:\Programas\Windows Media Player
    2008-11-06 13:27:31 ----D---- C:\Programas\Windows NT
    2008-11-06 13:27:31 ----D---- C:\Programas\Outlook Express
    2008-11-06 13:27:00 ----D---- C:\WINDOWS\system32\oobe
    2008-11-06 13:21:00 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-06 12:57:48 ----D---- C:\Programas\Internet Explorer
    2008-11-06 12:47:16 ----D---- C:\WINDOWS\system32\config
    2008-11-06 12:47:01 ----D---- C:\WINDOWS\Media
    2008-11-06 11:57:38 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-06 02:34:06 ----D---- C:\WINDOWS\Debug
    2008-11-06 02:01:20 ----D---- C:\Programas\Ficheiros comuns\Adobe
    2008-11-06 02:00:05 ----D---- C:\Programas\Adobe
    2008-11-06 01:36:14 ----RASH---- C:\boot.ini
    2008-11-06 01:27:32 ----RD---- C:\WINDOWS\Web
    2008-11-06 01:27:06 ----RASH---- C:\NTDETECT.COM
    2008-11-05 22:37:02 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-11-05 22:09:30 ----HD---- C:\Programas\WindowsUpdate
    2008-11-05 21:34:27 ----D---- C:\Programas\Serviços online
    2008-11-05 21:32:45 ----SHD---- C:\RECYCLER
    2008-11-05 21:12:33 ----D---- C:\Documents and Settings
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-10-15 16:36:07 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-03 17:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-11-06 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-11-06 26824]
    R1 intelppm;Controlador de processador Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40320]
    R1 SrvcEKIOMngr;SrvcEKIOMngr; C:\WINDOWS\System32\Drivers\EKIoMngr.sys [2002-12-18 5888]
    R1 SrvcEPIOMngr;SrvcEPIOMngr; C:\WINDOWS\System32\Drivers\EPIoMngr.sys [2002-12-18 5888]
    R1 SrvcSSIOMngr;SrvcSSIOMngr; C:\WINDOWS\System32\Drivers\SSIoMngr.sys [2002-12-18 5888]
    R1 SrvcTPIOMngr;SrvcTPIOMngr; C:\WINDOWS\System32\Drivers\TPIoMngr.sys [2002-07-17 4183]
    R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-11-06 76040]
    R2 DPortIO;Dritek Port I/O Driver; C:\WINDOWS\System32\Drivers\DPortIO.sys [2001-04-12 3674]
    R2 irda;Protocolo IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
    R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-06-13 114880]
    R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-06-13 80512]
    R3 {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55};AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011; C:\WINDOWS\system32\drivers\wA301a.sys [2003-06-13 33847]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-05-14 740044]
    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2003-06-20 93912]
    R3 Arp1394;Protocolo de cliente ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 CmBatt;Controlador Microsoft ACPI Control Method Battery; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2003-01-16 16256]
    R3 EPOWER;Compal E-POWER Driver; C:\WINDOWS\System32\Drivers\hkdrv.sys [2003-09-10 6896]
    R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-06-13 89787]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 Rasirda;Miniport WAN (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 TOSHIBASoftModem;TOSHIBA Software Modem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [2002-09-17 809872]
    R3 usbehci;Microsoft USB 2.0 - controlador Miniport de anfitrião melhorado; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrador activado por USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 USBSTOR;Controlador de armazenamento de massa USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Controlador miniport do controlador Microsoft USB universal; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S3 AR5211;Atheros AR5001 Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5211.sys [2003-07-29 322720]
    S3 CCDECODE;Descodificador de captura fechada; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-04-16 100736]
    S3 MSTEE;Conversor da Microsoft para fluxos Tee/Sink-to-Sink; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Ligação de TV/Vídeo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-06-13 45568]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\System32\DRIVERS\smcirda.sys [2002-04-23 35913]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 VoIPvoiceCyberSeriesCamera;VoIPvoice Cyber Series Camera (C7); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2006-02-06 8410880]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-04-11 82944]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]
    S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys [2007-06-18 101120]
    S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys [2007-06-18 101120]
    S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys [2007-06-18 101120]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
    R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-11-06 875288]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-11-06 231704]
    R2 CeEPwrSvc;CeEPwrSvc; C:\Programas\TOSHIBA\Power Management\CeEPwrSvc.exe [2003-07-11 73728]
    R2 Irmon;Monitor de infravermelhos; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Programas\Java\jre6\bin\jqs.exe [2008-11-06 152984]
    R2 WinDefend;Windows Defender; C:\Programas\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 ZTE CDROM Monitor;ZTE CDROM Monitor; C:\WINDOWS\system32\SupportAppPT\ztemon.exe [2007-08-31 81920]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 ose;Office Source Engine; C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Programas\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Programas\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Serviço de Partilha de Rede do Windows Media Player; C:\Programas\Windows Media Player\WMPNetwk.exe [2006-05-17 825344]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    -----------------EOF-----------------



    INFO

    info.txt logfile of random's system information tool 1.04 2008-12-09 20:15:20

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Actualização de segurança para Windows Internet Explorer 7 (KB938127-v2)--> "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe "
    Actualização de segurança para Windows Internet Explorer 7 (KB953838)--> "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe "
    Actualização de segurança para Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Actualização de segurança para Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB954459)--> "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB956390)--> "C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
    Actualização de segurança para Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
    Actualização para Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
    Actualização para Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.0 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A81000000003}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
    Assistente de Início de Sessão do Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
    AVG Free 8.0-->C:\Programas\AVG\AVG8\setup.exe /UNINSTALL
    Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
    Compressor WinRAR-->C:\Programas\WinRAR\uninstall.exe
    Consola TOSHIBA-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}\SETUP.EXE" -l0x816
    Easy Button-->C:\WINDOWS\UnInst32.exe CPLDBL10.UNI
    Hotfix para Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
    Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
    InterVideo WinDVD 4--> "C:\Programas\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
    Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
    Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    K-Lite Mega Codec Pack 3.5.3--> "C:\Programas\K-Lite Codec Pack\unins000.exe "
    Manuais da TOSHIBA-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}\SETUP.EXE" -l0x816
    Microsoft .NET Framework (Portuguese) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (2070)
    Microsoft .NET Framework 1.0 Hotfix (KB928367)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M9283672070\M9283672070Uninstall.msp "
    Microsoft .NET Framework 1.1 Hotfix (KB928366)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp "
    Microsoft .NET Framework 1.1 Portuguese Language Pack-->MsiExec.exe /X{0D70FCFE-2102-4951-A56E-22DD07DFA5B6}
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Language Pack - PTG-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - PTG\install.exe
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
    Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110816-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)--> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    MODEM MF622 HSDPA EDGE USB -->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{57739DDB-AAEC-43FE-881F-9F58C077C699}\setup.exe" -l0x816 -removeonly
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
    Realtek Fast Ethernet Adapter Driver-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\SETUP.EXE" -l0x9 REMOVE
    SMSC IrCC Driver V5.1.2462.0 (WinXP)-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{EC86822D-3A20-11D5-801B-00E029348F40}\SETUP.EXE"
    Spybot - Search & Destroy 1.4--> "C:\Programas\Spybot - Search & Destroy\unins000.exe "
    Spybot - Search & Destroy--> "C:\Programas\Spybot - Search & Destroy\unins001.exe "
    SpywareBlaster 4.1--> "C:\Programas\SpywareBlaster\unins000.exe "
    SuperCleaner--> "C:\Programas\SuperCleaner\Uninst.exe" C:\Programas\SuperCleaner\Uninst.ini
    TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe"
    Toshiba screensaver-->C:\WINDOWS\uninst.exe -f "C:\Programas\Toshiba\Toshiba screensaver\DeIsL1.isu" -c "C:\Programas\Toshiba\Toshiba screensaver\_ISREG32.DLL "
    Utilit?io TOSHIBA Hotkey-->C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{41DBA4F1-E295-41B3-9922-7B346C5B8EBF} /l2070
    Utilit?io TOSHIBA Power Management-->C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{B83DA26B-5237-41E8-8612-8F3F63F69811} /l2070
    Utilit?io TouchPad On/Off-->C:\PROGRA~1\FICHEI~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{107C7E59-F4CF-444F-BCCC-8223137D1AD1} /l2070
    VoIPvoice Cyber Series Camera (C7)-->RunDll32 C:\PROGRA~1\FICHEI~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programas\InstallShield Installation Information\{ECD03DA7-5952-406A-8156-5F0C93618D1F}\Setup.exe" -l0x816
    Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    Windows Imaging Component--> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Live installer-->MsiExec.exe /X{3A417047-2E30-4D05-8977-F706D40BFF39}
    Windows Live Messenger-->MsiExec.exe /X{8EADB73B-026D-4978-A8F0-1EEF5E1ECEC7}
    Windows Live OneCare safety scanner-->RunDll32.exe "C:\Programas\Windows Live Safety Center\wlscCore.dll ",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Media Format 11 runtime--> "C:\Programas\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Player 11--> "C:\Programas\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11--> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
    Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
    WinPatrol 2008-->C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: AVG Anti-Virus Free

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir "=%SystemRoot%
    "OS "=Windows_NT
    "PROCESSOR_ARCHITECTURE "=x86
    "PROCESSOR_LEVEL "=15
    "PROCESSOR_IDENTIFIER "=x86 Family 15 Model 2 Stepping 9, GenuineIntel
    "PROCESSOR_REVISION "=0209
    "NUMBER_OF_PROCESSORS "=1
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK "=NO

    -----------------EOF-----------------
     
    Teresinha,
    #1
  2. 2008/12/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi Teresinha, and welcome to WindowsBBS :)

    Download RegSearch.zip and extract the contents of the zip file to it's own folder.
    Open the folder and double-click the icon for RegSearch.exe to launch the program.
    Enter service.exe on the top line and click OK. After completion, notepad will be opened with all the found instances, if any. Please post that log here.
     
    noahdfear,
    #2


  3. to hide this advert.

  4. 2008/12/10
    Teresinha

    Teresinha Inactive Thread Starter

    Joined:
    2008/12/09
    Messages:
    7
    Likes Received:
    0
    Hi! :)
    I've done what you said, here goes the log:

    Windows Registry Editor Version 5.00

    ; Registry Search 2.0 by Bobbi Flekman © 2005
    ; Version: 2.0.6.0

    ; Results at 11-12-2008 4:35:20 for strings:
    ; 'service.exe'
    ; Strings excluded from search:
    ; (None)
    ; Search in:
    ; Registry Keys Registry Values Registry Data
    ; HKEY_LOCAL_MACHINE HKEY_USERS


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AAC1A996D57E5F42ACF11EE9C3161A4]
    "B0B35DEDC76B4424EAA66DDFC3821DFE "= "C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Shell "= "Explorer.exe %WINDIR%\\system32\\drivers\\service.exe "

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\ActiveTasks]
    "C:\\PROGRAMAS\\Lavasoft\\Ad-Aware\\AAWSERVICE.EXE "= "11/12/2008 14:50 "

    [HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\Services]
    "C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe "= "11/12/2008 14:50 "

    [HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\WinPatrol\Run]
    "%WINDIR%\\system32\\drivers\\service.exe "= "251 "

    ; End Of The Log...
     
    Teresinha,
    #3
  5. 2008/12/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Highlight and copy the contents of the code box below.
    Code:
    reg add  "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d Explorer.exe /f
reg delete  "HKU\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\WinPatrol\Run" /v  "%WINDIR%\\system32\\drivers\\service.exe" /f
    Click Start>Run and type cmd then hit enter to open a command window. Right click in the command window and select paste. The command window will close on it's own.

    Please repeat the search for service.exe and post the new output.
     
    noahdfear,
    #4
  6. 2008/12/10
    Teresinha

    Teresinha Inactive Thread Starter

    Joined:
    2008/12/09
    Messages:
    7
    Likes Received:
    0
    New output:

    Windows Registry Editor Version 5.00

    ; Registry Search 2.0 by Bobbi Flekman © 2005
    ; Version: 2.0.6.0

    ; Results at 11-12-2008 4:54:18 for strings:
    ; 'service.exe'
    ; Strings excluded from search:
    ; (None)
    ; Search in:
    ; Registry Keys Registry Values Registry Data
    ; HKEY_LOCAL_MACHINE HKEY_USERS


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AAC1A996D57E5F42ACF11EE9C3161A4]
    "B0B35DEDC76B4424EAA66DDFC3821DFE "= "C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe "

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\ActiveTasks]
    "C:\\PROGRAMAS\\Lavasoft\\Ad-Aware\\AAWSERVICE.EXE "= "11/12/2008 14:50 "

    [HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\Services]
    "C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe "= "11/12/2008 14:50 "

    [HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\WinPatrol\Run]
    "%WINDIR%\\system32\\drivers\\service.exe "= "251 "

    ; End Of The Log...
     
    Teresinha,
    #5
  7. 2008/12/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Highlight and copy the contents of the code box below to a blank notepad. Save it to the desktop as;

    Filename: fix.reg
    Save as type: All Files (*.*)

    Code:
    REGEDIT4

[HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\WinPatrol\Run]
 "%WINDIR%\\system32\\drivers\\service.exe "=-
    Double click fix.reg and allow it to merge with the registry, then delete fix.reg.


    Repeat the search once more please, then post the new output.
     
    noahdfear,
    #6
  8. 2008/12/10
    Teresinha

    Teresinha Inactive Thread Starter

    Joined:
    2008/12/09
    Messages:
    7
    Likes Received:
    0
    I think it's cured! :)
    I shut down the computer and then restarted it, and that annoying message didn't appear!
     
    Teresinha,
    #7
  9. 2008/12/10
    Teresinha

    Teresinha Inactive Thread Starter

    Joined:
    2008/12/09
    Messages:
    7
    Likes Received:
    0
    Log:

    Windows Registry Editor Version 5.00

    ; Registry Search 2.0 by Bobbi Flekman © 2005
    ; Version: 2.0.6.0

    ; Results at 11-12-2008 5:11:53 for strings:
    ; 'service.exe'
    ; Strings excluded from search:
    ; (None)
    ; Search in:
    ; Registry Keys Registry Values Registry Data
    ; HKEY_LOCAL_MACHINE HKEY_USERS


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AAC1A996D57E5F42ACF11EE9C3161A4]
    "B0B35DEDC76B4424EAA66DDFC3821DFE "= "C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe "

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aawservice]
    ; Contents of value:
    ; C:\Programas\Lavasoft\Ad-Aware\aawservice.exe
    "ImagePath "=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,\
    61,00,73,00,5c,00,4c,00,61,00,76,00,61,00,73,00,6f,00,66,00,74,00,5c,00,41,\
    00,64,00,2d,00,41,00,77,00,61,00,72,00,65,00,5c,00,61,00,61,00,77,00,73,00,\
    65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,00

    [HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\ActiveTasks]
    "C:\\PROGRAMAS\\Lavasoft\\Ad-Aware\\AAWSERVICE.EXE "= "11/12/2008 14:50 "

    [HKEY_USERS\S-1-5-21-2631213539-2114178565-1523608300-1005\Software\BillP Studios\Detected\Services]
    "C:\\Programas\\Lavasoft\\Ad-Aware\\aawservice.exe "= "11/12/2008 14:50 "

    ; End Of The Log...
     
    Teresinha,
    #8
  10. 2008/12/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    That's much better. :)

    Everything else OK?
     
    noahdfear,
    #9
  11. 2008/12/10
    Teresinha

    Teresinha Inactive Thread Starter

    Joined:
    2008/12/09
    Messages:
    7
    Likes Received:
    0
    All good now! :D

    Thank you so much!! :)***
     
    Teresinha,
    #10
  12. 2008/12/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    You're very welcome. :)
     
    noahdfear,
    #11

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...