Hi there,
Not sure if there's an issue with my PC, my netbook or my BlackBerry, but my Hotmail has been sending out spam e-mails non-stop to my contacts and I don't know what the source of it is!
OTL logfile created on: 18/07/2011 8:21:28 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\S. Pinto\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
6.00 Gb Total Physical Memory | 2.92 Gb Available Physical Memory | 48.76% Memory free
12.19 Gb Paging File | 9.01 Gb Available in Paging File | 73.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.04 Gb Total Space | 707.81 Gb Free Space | 77.10% Space Free | Partition Type: NTFS
Drive D: | 13.47 Gb Total Space | 1.85 Gb Free Space | 13.71% Space Free | Partition Type: NTFS
Drive E: | 7.47 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: SPINTO-PC | User Name: S. Pinto | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/18 20:15:35 | 001,913,344 | ---- | M] (AVAST Software) -- C:\Users\S. Pinto\Downloads\aswMBR.exe
PRC - [2011/07/18 20:08:09 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\S. Pinto\Downloads\OTL.com
PRC - [2011/07/16 14:15:42 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/07/16 14:15:20 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/07/11 02:13:53 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/11/05 14:30:30 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\2128160811.exe
PRC - [2010/11/05 10:59:21 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\win.exe
PRC - [2010/11/05 10:59:20 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\spoolsv.exe
PRC - [2010/11/05 10:59:20 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\debug.exe
PRC - [2010/11/05 10:59:19 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\services.exe
PRC - [2010/11/05 10:59:19 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\login.exe
PRC - [2010/11/05 10:59:19 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\gdi32.exe
PRC - [2010/11/05 10:59:18 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\mdm.exe
PRC - [2010/11/05 10:59:18 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\iexplarer.exe
PRC - [2010/11/05 10:59:18 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\drweb.exe
PRC - [2010/11/05 10:59:18 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\avp.exe
PRC - [2010/11/05 10:59:17 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\win32.exe
PRC - [2010/11/05 10:59:17 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\user.exe
PRC - [2010/11/05 10:59:17 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\taskmgr.exe
PRC - [2010/11/05 10:59:17 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\svchost.exe
PRC - [2010/11/05 10:59:17 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\svchost.exe
PRC - [2010/11/05 10:59:17 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\svchost.exe
PRC - [2010/11/05 10:59:17 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\csrss.exe
PRC - [2010/11/05 05:01:27 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\116109146.exe
PRC - [2010/11/05 02:39:58 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\1056255066.exe
PRC - [2010/11/04 18:35:37 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\2583537520.exe
PRC - [2010/11/04 16:13:58 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\3485303440.exe
PRC - [2010/10/28 14:15:52 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\660575417.exe
PRC - [2010/10/28 11:54:39 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\1562617337.exe
PRC - [2010/10/26 11:33:00 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\300681681.exe
PRC - [2010/10/26 09:11:24 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\1202743601.exe
PRC - [2010/10/20 16:41:50 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\940053841.exe
PRC - [2010/10/20 14:20:10 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\1841809761.exe
PRC - [2010/10/14 16:42:31 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\1272610213.exe
PRC - [2010/10/14 15:26:55 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\3263286592.exe
PRC - [2010/10/14 13:05:40 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\4165434512.exe
PRC - [2010/10/14 10:04:34 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\3123641613.exe
PRC - [2010/10/14 07:42:54 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\4025407533.exe
PRC - [2010/10/14 05:21:29 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\632592157.exe
PRC - [2010/10/14 01:51:01 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\3347226181.exe
PRC - [2010/10/13 23:29:21 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\4248992101.exe
PRC - [2010/10/13 21:07:41 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\855790725.exe
PRC - [2010/10/13 18:46:05 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\winamp.exe
PRC - [2010/10/13 16:24:22 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\2659302565.exe
PRC - [2010/10/13 14:02:42 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\3561058485.exe
PRC - [2010/10/13 11:41:02 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\167847109.exe
PRC - [2010/10/13 09:19:42 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\1069941029.exe
PRC - [2010/10/12 15:29:10 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\winlogon.exe
PRC - [2010/10/12 13:07:39 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\win16.exe
PRC - [2010/10/12 13:07:28 | 000,021,644 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\nvsvc32.exe
PRC - [2010/10/08 11:58:18 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\2673917278.exe
PRC - [2010/10/08 09:36:38 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\3575693198.exe
PRC - [2010/10/08 07:14:59 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\182471822.exe
PRC - [2010/10/08 04:53:23 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\1084613742.exe
PRC - [2010/10/08 00:46:25 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\3276618236.exe
PRC - [2010/10/07 22:25:01 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\sysedit.exe
PRC - [2010/10/07 22:24:51 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\wininst.exe
PRC - [2010/10/07 22:24:48 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\system.exe
PRC - [2010/10/07 17:41:18 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\cmd.exe
PRC - [2010/10/07 15:19:33 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\2454416760.exe
PRC - [2010/10/05 22:07:31 | 000,021,632 | ---- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\952894971.exe
PRC - [2010/10/05 20:13:08 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\smss.exe
PRC - [2010/10/05 15:08:58 | 000,021,636 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\avp32.exe
PRC - [2010/09/13 17:31:32 | 000,021,604 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\hexdump.exe
PRC - [2010/09/13 17:31:31 | 000,021,604 | -H-- | M] (Microsoft Corporation) -- C:\Users\S. Pinto\AppData\Local\Temp\lsass.exe
PRC - [2010/06/19 15:42:15 | 000,030,001 | -H-- | M] () -- C:\Users\S. Pinto\AppData\Local\Temp\rt5e4kg.exe
PRC - [2010/06/04 15:04:33 | 000,030,001 | -H-- | M] () -- C:\Users\S. Pinto\AppData\Local\Temp\j0qj6x.exe
PRC - [2009/07/29 18:27:36 | 000,707,184 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\Floater.exe
PRC - [2009/07/29 18:27:32 | 000,846,448 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
PRC - [2009/06/23 15:44:44 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2008/10/17 20:57:18 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/10/17 20:56:54 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/10/06 13:36:16 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/10/06 13:36:14 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/09/30 22:59:26 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
PRC - [2008/09/26 06:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/06/24 15:13:30 | 000,334,336 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Portrait Displays\HP My Display\dthtml.exe
PRC - [2008/06/24 15:11:22 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2008/01/20 22:50:59 | 000,140,322 | R--- | M] () -- C:\Users\S. Pinto\AppData\Roaming\sdra64.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
========== Modules (SafeList) ==========
MOD - [2011/07/18 20:08:09 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\S. Pinto\Downloads\OTL.com
MOD - [2010/08/31 11:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/07/16 14:15:42 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/06/03 15:46:36 | 000,163,840 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe -- (RogersUpdateManager)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/23 15:44:44 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2008/10/06 13:36:16 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/09/30 22:59:26 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2008/07/27 14:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/24 15:11:22 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2009/08/06 00:24:16 | 000,061,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/06/23 15:44:30 | 000,020,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2008/10/06 09:18:02 | 000,405,528 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/09/18 13:39:50 | 001,168,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/09/09 21:19:36 | 000,025,888 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor for Windows\pcd5srvc_x64.pkms -- (PCD5SRVC{8AAF211B-043E02A9-05040000})
DRV:64bit: - [2008/08/06 12:26:08 | 000,174,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/04/17 13:12:54 | 000,019,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/04/16 14:49:34 | 000,028,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/01/20 22:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2007/02/06 13:30:06 | 000,227,328 | ---- | M] () [23|25|26]xxx) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hcwPP2.sys -- (hcwPP2)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2008/09/26 06:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.ca"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 50370
FF - prefs.js..network.proxy.type: 4
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/11 02:13:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/31 22:42:46 | 000,000,000 | ---D | M]
[2009/06/26 23:58:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S. Pinto\AppData\Roaming\mozilla\Extensions
[2011/03/21 16:48:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S. Pinto\AppData\Roaming\mozilla\Firefox\Profiles\vf6qnyki.default\extensions
[2009/09/03 17:23:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\S. Pinto\AppData\Roaming\mozilla\Firefox\Profiles\vf6qnyki.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/08 19:46:33 | 000,001,819 | ---- | M] () -- C:\Users\S. Pinto\AppData\Roaming\Mozilla\Firefox\Profiles\vf6qnyki.default\searchplugins\bing.xml
[2011/03/28 20:25:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/16 23:15:33 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
File not found (No name found) --
[2011/07/11 02:13:53 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/10/06 20:18:35 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2010/10/06 20:18:37 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DT HPW] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ahai2kjndfdfkjhsioudghd] C:\Users\S. Pinto\AppData\Local\Temp\winamp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [hs788gihdhguehudhsgehygdg3eu] C:\Users\S. Pinto\AppData\Local\Temp\rt5e4kg.exe ()
O4 - HKCU..\Run: [hsehf98u34i9tjioaugy987iuegdsg] C:\Users\S. Pinto\AppData\Local\Temp\services.exe (Microsoft Corporation)
O4 - HKCU..\Run: [hsfe8owijfisjhgs7ye39gjsoighsd7y3eu] C:\Users\S. Pinto\AppData\Local\Temp\j0qj6x.exe ()
O4 - HKCU..\Run: [hsfg9w8gujsokgahi8gysgnsdgefshyjy] C:\Users\S. Pinto\AppData\Local\Temp\svchost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl/1+Pinto\AppData\Local\Temp\855790725.exe] C:\Users\S. Pinto\AppData\Local\Temp\855790725.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl/3+Pinto\AppData\Local\Temp\952894971.exe] C:\Users\S. Pinto\AppData\Local\Temp\952894971.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+0+Pinto\AppData\Local\Temp\940053841.exe] C:\Users\S. Pinto\AppData\Local\Temp\940053841.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+0xPinto\AppData\Local\Temp\2583537520.exe] C:\Users\S. Pinto\AppData\Local\Temp\2583537520.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+0yPinto\AppData\Local\Temp\1562617337.exe] C:\Users\S. Pinto\AppData\Local\Temp\1562617337.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+0zPinto\AppData\Local\Temp\1841809761.exe] C:\Users\S. Pinto\AppData\Local\Temp\1841809761.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+1/Pinto\AppData\Local\Temp\167847109.exe] C:\Users\S. Pinto\AppData\Local\Temp\167847109.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+1+Pinto\AppData\Local\Temp\660575417.exe] C:\Users\S. Pinto\AppData\Local\Temp\660575417.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+10Pinto\AppData\Local\Temp\3575693198.exe] C:\Users\S. Pinto\AppData\Local\Temp\3575693198.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+1yPinto\AppData\Local\Temp\3276618236.exe] C:\Users\S. Pinto\AppData\Local\Temp\3276618236.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+1zPinto\AppData\Local\Temp\2673917278.exe] C:\Users\S. Pinto\AppData\Local\Temp\2673917278.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+yxPinto\AppData\Local\Temp\3485303440.exe] C:\Users\S. Pinto\AppData\Local\Temp\3485303440.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+zzPinto\AppData\Local\Temp\2659302565.exe] C:\Users\S. Pinto\AppData\Local\Temp\2659302565.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl+zzPinto\AppData\Local\Temp\3561058485.exe] C:\Users\S. Pinto\AppData\Local\Temp\3561058485.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl70xPinto\AppData\Local\Temp\1202743601.exe] C:\Users\S. Pinto\AppData\Local\Temp\1202743601.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl71/Pinto\AppData\Local\Temp\300681681.exe] C:\Users\S. Pinto\AppData\Local\Temp\300681681.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl80yPinto\AppData\Local\Temp\1056255066.exe] C:\Users\S. Pinto\AppData\Local\Temp\1056255066.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl80yPinto\AppData\Local\Temp\4025407533.exe] C:\Users\S. Pinto\AppData\Local\Temp\4025407533.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl81yPinto\AppData\Local\Temp\1069941029.exe] C:\Users\S. Pinto\AppData\Local\Temp\1069941029.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl8zyPinto\AppData\Local\Temp\2128160811.exe] C:\Users\S. Pinto\AppData\Local\Temp\2128160811.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl8zyPinto\AppData\Local\Temp\3123641613.exe] C:\Users\S. Pinto\AppData\Local\Temp\3123641613.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl90/Pinto\AppData\Local\Temp\632592157.exe] C:\Users\S. Pinto\AppData\Local\Temp\632592157.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl90xPinto\AppData\Local\Temp\4165434512.exe] C:\Users\S. Pinto\AppData\Local\Temp\4165434512.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl90yPinto\AppData\Local\Temp\3347226181.exe] C:\Users\S. Pinto\AppData\Local\Temp\3347226181.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl90zPinto\AppData\Local\Temp\3263286592.exe] C:\Users\S. Pinto\AppData\Local\Temp\3263286592.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl919Pinto\AppData\Local\Temp\182471822.exe] C:\Users\S. Pinto\AppData\Local\Temp\182471822.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl93wPinto\AppData\Local\Temp\4248992101.exe] C:\Users\S. Pinto\AppData\Local\Temp\4248992101.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl9y/Pinto\AppData\Local\Temp\116109146.exe] C:\Users\S. Pinto\AppData\Local\Temp\116109146.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl9yxPinto\AppData\Local\Temp\1272610213.exe] C:\Users\S. Pinto\AppData\Local\Temp\1272610213.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl9zyPinto\AppData\Local\Temp\1084613742.exe] C:\Users\S. Pinto\AppData\Local\Temp\1084613742.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl9zyPinto\AppData\Local\Temp\2454416760.exe] C:\Users\S. Pinto\AppData\Local\Temp\2454416760.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlhb] C:\Users\S. Pinto\AppData\Local\Temp\debug.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlk+] C:\Users\S. Pinto\AppData\Local\Temp\gdi32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlkc] C:\Users\S. Pinto\AppData\Local\Temp\cmd.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlmc] C:\Users\S. Pinto\AppData\Local\Temp\mdm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlna] C:\Users\S. Pinto\AppData\Local\Temp\login.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlne] C:\Users\S. Pinto\AppData\Local\Temp\lsass.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlo+] C:\Users\S. Pinto\AppData\Local\Temp\avp32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejloc] C:\Users\S. Pinto\AppData\Local\Temp\avp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlora] C:\Users\S. Pinto\AppData\Local\Temp\iexplarer.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlotc] C:\Users\S. Pinto\AppData\Local\Temp\hexdump.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlpe] C:\Users\S. Pinto\AppData\Local\Temp\csrss.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlppf] C:\Users\S. Pinto\AppData\Local\Temp\services.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlpsc] C:\Users\S. Pinto\AppData\Local\Temp\taskmgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlq+] C:\Users\S. Pinto\AppData\Local\Temp\win16.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqb] C:\Users\S. Pinto\AppData\Local\Temp\winamp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqc] C:\Users\S. Pinto\AppData\Local\Temp\win.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqf] C:\Users\S. Pinto\AppData\Local\Temp\user.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqse] C:\Users\S. Pinto\AppData\Local\Temp\winlogon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqvc] C:\Users\S. Pinto\AppData\Local\Temp\svchost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqW] C:\Users\S. Pinto\AppData\Local\Temp\drweb.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlrf] C:\Users\S. Pinto\AppData\Local\Temp\smss.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlrxc] C:\Users\S. Pinto\AppData\Local\Temp\spoolsv.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlsPc] C:\Users\S. Pinto\AppData\Local\Temp\nvsvc32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlud] C:\Users\S. Pinto\AppData\Local\Temp\system.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlupc] C:\Users\S. Pinto\AppData\Local\Temp\sysedit.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn00/F~1.PIN\AppData\Local\Temp\3276618236.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3276618236.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn009F~1.PIN\AppData\Local\Temp\4165434512.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\4165434512.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn00AF~1.PIN\AppData\Local\Temp\2673917278.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2673917278.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn00QF~1.PIN\AppData\Local\Temp\632592157.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\632592157.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn00QF~1.PIN\AppData\Local\Temp\660575417.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\660575417.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn019F~1.PIN\AppData\Local\Temp\2583537520.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2583537520.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn019F~1.PIN\AppData\Local\Temp\4248992101.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\4248992101.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn0y/F~1.PIN\AppData\Local\Temp\3347226181.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3347226181.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn0Z] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\system.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn0z/F~1.PIN\AppData\Local\Temp\1069941029.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1069941029.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn10BF~1.PIN\AppData\Local\Temp\3575693198.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3575693198.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn1y/F~1.PIN\AppData\Local\Temp\2659302565.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2659302565.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn1y9F~1.PIN\AppData\Local\Temp\3485303440.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3485303440.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn1zRF~1.PIN\AppData\Local\Temp\167847109.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\167847109.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn20QF~1.PIN\AppData\Local\Temp\855790725.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\855790725.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn23PF~1.PIN\AppData\Local\Temp\952894971.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\952894971.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnb] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\mdm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnd] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\avp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefneP] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\avp32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnf] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\win.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnfQ] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\win16.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefngP] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\win32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnoc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\debug.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnqe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\login.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnqg] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\hexdump.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnrc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\winamp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnsb] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\drweb.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnsd] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\taskmgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnsf] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\lsass.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefntg] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\wininst.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnth] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\svchost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefntpf] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\iexplarer.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnuf] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\csrss.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnusc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\winlogon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnvc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\user.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnwg] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\spoolsv.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnwpc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\services.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnx19F~1.PIN\AppData\Local\Temp\1202743601.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1202743601.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnxb] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\sysedit.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnxc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\smss.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnY] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\cmd.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefny0+F~1.PIN\AppData\Local\Temp\4025407533.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\4025407533.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefny09F~1.PIN\AppData\Local\Temp\3123641613.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3123641613.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefny1PF~1.PIN\AppData\Local\Temp\300681681.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\300681681.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnyzQF~1.PIN\AppData\Local\Temp\116109146.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\116109146.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0/F~1.PIN\AppData\Local\Temp\1562617337.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1562617337.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0+F~1.PIN\AppData\Local\Temp\1084613742.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1084613742.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0+F~1.PIN\AppData\Local\Temp\2454416760.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2454416760.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0AF~1.PIN\AppData\Local\Temp\3561058485.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3561058485.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0PF~1.PIN\AppData\Local\Temp\182471822.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\182471822.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz1/F~1.PIN\AppData\Local\Temp\3263286592.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3263286592.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz1PF~1.PIN\AppData\Local\Temp\940053841.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\940053841.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz2+F~1.PIN\AppData\Local\Temp\1841809761.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1841809761.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz9] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\nvsvc32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnZP] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\gdi32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnzy9F~1.PIN\AppData\Local\Temp\1272610213.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1272610213.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnzz/F~1.PIN\AppData\Local\Temp\1056255066.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1056255066.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnzz9F~1.PIN\AppData\Local\Temp\2128160811.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2128160811.exe (Microsoft Corporation)
O4 - HKCU..\Run: [mcexecwin] File not found
O4 - HKCU..\Run: [sdr8gdrgdrgke49orkgsjkjfjhsd] C:\Users\S. Pinto\AppData\Local\Temp\notepad.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [userinit] C:\Users\S. Pinto\AppData\Roaming\sdra64.exe ()
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: C:\Users\S. Pinto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk = File not found
O4 - HKCU..\Run: [Lv/mfiejl80yPinto\AppData\Local\Temp\1056255066.exe] C:\Users\S. Pinto\AppData\Local\Temp\1056255066.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl80yPinto\AppData\Local\Temp\4025407533.exe] C:\Users\S. Pinto\AppData\Local\Temp\4025407533.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl81yPinto\AppData\Local\Temp\1069941029.exe] C:\Users\S. Pinto\AppData\Local\Temp\1069941029.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl8zyPinto\AppData\Local\Temp\2128160811.exe] C:\Users\S. Pinto\AppData\Local\Temp\2128160811.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl8zyPinto\AppData\Local\Temp\3123641613.exe] C:\Users\S. Pinto\AppData\Local\Temp\3123641613.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl90/Pinto\AppData\Local\Temp\632592157.exe] C:\Users\S. Pinto\AppData\Local\Temp\632592157.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl90xPinto\AppData\Local\Temp\4165434512.exe] C:\Users\S. Pinto\AppData\Local\Temp\4165434512.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl90yPinto\AppData\Local\Temp\3347226181.exe] C:\Users\S. Pinto\AppData\Local\Temp\3347226181.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl90zPinto\AppData\Local\Temp\3263286592.exe] C:\Users\S. Pinto\AppData\Local\Temp\3263286592.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl919Pinto\AppData\Local\Temp\182471822.exe] C:\Users\S. Pinto\AppData\Local\Temp\182471822.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl93wPinto\AppData\Local\Temp\4248992101.exe] C:\Users\S. Pinto\AppData\Local\Temp\4248992101.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl9y/Pinto\AppData\Local\Temp\116109146.exe] C:\Users\S. Pinto\AppData\Local\Temp\116109146.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl9yxPinto\AppData\Local\Temp\1272610213.exe] C:\Users\S. Pinto\AppData\Local\Temp\1272610213.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl9zyPinto\AppData\Local\Temp\1084613742.exe] C:\Users\S. Pinto\AppData\Local\Temp\1084613742.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejl9zyPinto\AppData\Local\Temp\2454416760.exe] C:\Users\S. Pinto\AppData\Local\Temp\2454416760.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlhb] C:\Users\S. Pinto\AppData\Local\Temp\debug.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlk+] C:\Users\S. Pinto\AppData\Local\Temp\gdi32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlkc] C:\Users\S. Pinto\AppData\Local\Temp\cmd.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlmc] C:\Users\S. Pinto\AppData\Local\Temp\mdm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlna] C:\Users\S. Pinto\AppData\Local\Temp\login.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlne] C:\Users\S. Pinto\AppData\Local\Temp\lsass.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlo+] C:\Users\S. Pinto\AppData\Local\Temp\avp32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejloc] C:\Users\S. Pinto\AppData\Local\Temp\avp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlora] C:\Users\S. Pinto\AppData\Local\Temp\iexplarer.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlotc] C:\Users\S. Pinto\AppData\Local\Temp\hexdump.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlpe] C:\Users\S. Pinto\AppData\Local\Temp\csrss.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlppf] C:\Users\S. Pinto\AppData\Local\Temp\services.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlpsc] C:\Users\S. Pinto\AppData\Local\Temp\taskmgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlq+] C:\Users\S. Pinto\AppData\Local\Temp\win16.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqb] C:\Users\S. Pinto\AppData\Local\Temp\winamp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqc] C:\Users\S. Pinto\AppData\Local\Temp\win.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqf] C:\Users\S. Pinto\AppData\Local\Temp\user.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqse] C:\Users\S. Pinto\AppData\Local\Temp\winlogon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqvc] C:\Users\S. Pinto\AppData\Local\Temp\svchost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlqW] C:\Users\S. Pinto\AppData\Local\Temp\drweb.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlrf] C:\Users\S. Pinto\AppData\Local\Temp\smss.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlrxc] C:\Users\S. Pinto\AppData\Local\Temp\spoolsv.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlsPc] C:\Users\S. Pinto\AppData\Local\Temp\nvsvc32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlud] C:\Users\S. Pinto\AppData\Local\Temp\system.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Lv/mfiejlupc] C:\Users\S. Pinto\AppData\Local\Temp\sysedit.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn00/F~1.PIN\AppData\Local\Temp\3276618236.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3276618236.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn009F~1.PIN\AppData\Local\Temp\4165434512.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\4165434512.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn00AF~1.PIN\AppData\Local\Temp\2673917278.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2673917278.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn00QF~1.PIN\AppData\Local\Temp\632592157.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\632592157.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn00QF~1.PIN\AppData\Local\Temp\660575417.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\660575417.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn019F~1.PIN\AppData\Local\Temp\2583537520.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2583537520.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn019F~1.PIN\AppData\Local\Temp\4248992101.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\4248992101.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn0y/F~1.PIN\AppData\Local\Temp\3347226181.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3347226181.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn0Z] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\system.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn0z/F~1.PIN\AppData\Local\Temp\1069941029.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1069941029.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn10BF~1.PIN\AppData\Local\Temp\3575693198.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3575693198.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn1y/F~1.PIN\AppData\Local\Temp\2659302565.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2659302565.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn1y9F~1.PIN\AppData\Local\Temp\3485303440.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3485303440.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn1zRF~1.PIN\AppData\Local\Temp\167847109.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\167847109.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn20QF~1.PIN\AppData\Local\Temp\855790725.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\855790725.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefn23PF~1.PIN\AppData\Local\Temp\952894971.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\952894971.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnb] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\mdm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnd] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\avp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefneP] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\avp32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnf] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\win.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnfQ] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\win16.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefngP] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\win32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnoc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\debug.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnqe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\login.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnqg] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\hexdump.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnrc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\winamp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnsb] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\drweb.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnsd] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\taskmgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnsf] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\lsass.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefntg] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\wininst.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnth] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\svchost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefntpf] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\iexplarer.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnuf] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\csrss.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnusc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\winlogon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnvc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\user.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnwg] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\spoolsv.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnwpc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\services.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnx19F~1.PIN\AppData\Local\Temp\1202743601.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1202743601.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnxb] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\sysedit.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnxc] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\smss.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnY] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\cmd.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefny0+F~1.PIN\AppData\Local\Temp\4025407533.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\4025407533.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefny09F~1.PIN\AppData\Local\Temp\3123641613.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3123641613.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefny1PF~1.PIN\AppData\Local\Temp\300681681.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\300681681.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnyzQF~1.PIN\AppData\Local\Temp\116109146.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\116109146.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0/F~1.PIN\AppData\Local\Temp\1562617337.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1562617337.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0+F~1.PIN\AppData\Local\Temp\1084613742.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1084613742.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0+F~1.PIN\AppData\Local\Temp\2454416760.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2454416760.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0AF~1.PIN\AppData\Local\Temp\3561058485.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3561058485.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz0PF~1.PIN\AppData\Local\Temp\182471822.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\182471822.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz1/F~1.PIN\AppData\Local\Temp\3263286592.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\3263286592.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz1PF~1.PIN\AppData\Local\Temp\940053841.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\940053841.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz2+F~1.PIN\AppData\Local\Temp\1841809761.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1841809761.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnz9] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\nvsvc32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnZP] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\gdi32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnzy9F~1.PIN\AppData\Local\Temp\1272610213.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1272610213.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnzz/F~1.PIN\AppData\Local\Temp\1056255066.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\1056255066.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LvLNFfeefnzz9F~1.PIN\AppData\Local\Temp\2128160811.exe] C:\Users\SF9BF~1.PIN\AppData\Local\Temp\2128160811.exe (Microsoft Corporation)
O4 - HKCU..\Run: [mcexecwin] File not found
O4 - HKCU..\Run: [sdr8gdrgdrgke49orkgsjkjfjhsd] C:\Users\S. Pinto\AppData\Local\Temp\notepad.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [userinit] C:\Users\S. Pinto\AppData\Roaming\sdra64.exe ()
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: C:\Users\S. Pinto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk = File not found