Here is the created text file/s.
OTL logfile created on: 22/03/2011 10:16:24 AM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Backup\My Documents
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.66 Gb Total Space | 375.03 Gb Free Space | 80.54% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/03/22 10:00:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Backup\My Documents\OTL.exe
PRC - [2010/12/16 16:19:34 | 002,402,512 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/11/22 15:21:19 | 000,028,766 | ---- | M] (IObit) -- C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe
PRC - [2010/11/01 23:02:26 | 000,098,304 | ---- | M] () -- C:\Program Files\SysAidServer\Wrapper.exe
PRC - [2010/10/31 12:37:34 | 001,053,184 | ---- | M] (SysAid Ltd) -- C:\Program Files\SysAid\IliAS.exe
PRC - [2010/10/18 14:05:32 | 000,536,576 | ---- | M] (Ascentive) -- C:\Program Files\Ascentive\Performance Center\ApcMain.exe
PRC - [2010/07/12 14:12:12 | 001,052,676 | ---- | M] (NCH Software) -- C:\Program Files\NCH Software\BroadCam\broadcam.exe
PRC - [2010/06/28 17:20:30 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/06/09 01:09:33 | 000,681,312 | ---- | M] (MyNetUniverse Inc.) -- C:\Program Files\MyShoppingGenie\mnumsg.exe
PRC - [2010/03/11 13:56:00 | 000,139,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\SysAidServer\jre\bin\java.exe
PRC - [2009/10/31 15:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 11:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 11:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (B-Service)
SRV - [2010/11/22 15:21:19 | 000,028,766 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe -- (IObitBarService)
SRV - [2010/11/01 23:02:26 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files\SysAidServer\Wrapper.exe -- (SysAidServer)
SRV - [2010/10/31 12:37:34 | 001,053,184 | ---- | M] () [Auto | Running] -- C:\Program Files\SysAid\\IliAS.exe -- (SysAidAgent)
SRV - [2010/07/12 14:12:12 | 001,052,676 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Software\BroadCam\broadcam.exe -- (BroadCamService)
SRV - [2010/06/28 17:20:30 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/06/26 03:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/04/02 00:25:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/15 22:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/07/14 11:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 11:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://au.yahoo.comIE - HKLM\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {0ed0633c-a54d-47f1-94e7-5bded41ae674} - C:\Program Files\Free_Traffic_Bar\tbFre1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ninemsn.com.au/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://ninemsn.com.au/?ocid=iehpIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 6C BC 06 1B 35 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {7757CBCC-0975-4b79-A519-90B142CA3A23} - C:\Program Files\IObitBar\toolbar\1.bin\i0SrcAs.dll (IObit)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2010/03/09 12:31:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\i0ffxtbr@IObitBar.com: C:\Program Files\IObitBar\toolbar\1.bin [2010/11/22 15:21:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2011/01/02 11:55:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/05 23:11:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/05 23:11:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.4\extensions\\Components: C:\Program Files\SeaMonkey\components [2010/04/12 15:04:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.4\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2011/02/10 22:50:33 | 000,000,000 | ---D | M]
[2010/04/12 14:37:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2010/04/12 14:37:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011/03/21 08:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions
[2011/02/07 12:13:03 | 000,000,000 | ---D | M] (AlphaMarket Community Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\{018da686-db92-473a-bacb-fe006e046644}
[2011/02/16 08:13:37 | 000,000,000 | ---D | M] (4shared.com Community Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
[2010/09/01 07:53:09 | 000,000,000 | ---D | M] (Free Traffic Bar Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\{0ed0633c-a54d-47f1-94e7-5bded41ae674}
[2011/02/16 08:13:44 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2010/09/08 23:25:59 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011/02/16 08:13:38 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2011/02/03 20:25:00 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}
[2011/02/16 08:13:42 | 000,000,000 | ---D | M] (SearchStatus) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}
[2011/02/16 08:13:36 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\engine@conduit.com
[2010/10/28 11:22:23 | 000,000,000 | ---D | M] ("Alexa Toolbar") -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\toolbar@alexa.com
[2010/11/01 17:02:49 | 000,000,000 | ---D | M] ("Instantbuzz Toolbar") -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\l8zp0bah.default\extensions\toolbar@instantbuzz.com
[2010/04/12 14:37:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\SeaMonkey\Profiles\95s70ney.default\extensions
[2011/03/21 08:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/07 11:42:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/02 15:45:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/21 22:35:53 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/10/21 22:35:53 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/09/21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010/10/21 22:35:53 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/10/21 22:35:53 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2009/06/11 07:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O2 - BHO: (Free Traffic Bar Toolbar) - {0ed0633c-a54d-47f1-94e7-5bded41ae674} - C:\Program Files\Free_Traffic_Bar\tbFre1.dll (Conduit Ltd.)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Toolbar BHO) - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Free Traffic Bar Toolbar) - {0ed0633c-a54d-47f1-94e7-5bded41ae674} - C:\Program Files\Free_Traffic_Bar\tbFre1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Alexa) - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Alexa Toolbar\AlxTB2.9.39.dll (Alexa Internet, Inc.)
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {EFA17369-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll (IObit)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Program Files\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Free Traffic Bar Toolbar) - {0ED0633C-A54D-47F1-94E7-5BDED41AE674} - C:\Program Files\Free_Traffic_Bar\tbFre1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe (Ascentive)
O4 - HKCU..\Run: [mnumsg.exe] C:\Program Files\MyShoppingGenie\mnumsg.exe (MyNetUniverse Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} - Reg Error: Key error. File not found
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 07:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/07/20 20:50:31 | 010,460,057 | ---- | M] () - C:\autosave interval.swf -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files - Modified Within 30 Days ========== [2011/03/22 10:14:23 | 000,001,061 | ---- | M] () -- C:\Users\User\Desktop\OTL - Shortcut.lnk
[2011/03/22 09:57:23 | 000,015,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/22 09:57:23 | 000,015,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/22 09:50:45 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job
[2011/03/22 09:50:08 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/22 09:50:06 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2011/03/22 09:50:00 | 000,000,312 | -HS- | M] () -- C:\Windows\tasks\hviwyotl.job
[2011/03/22 09:49:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/22 09:49:52 | 2616,893,440 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/21 23:21:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/21 16:31:34 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2011/03/20 16:44:09 | 000,626,562 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/20 16:44:09 | 000,110,676 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/20 15:51:13 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\Video Download Studio.lnk
[2011/03/18 08:21:56 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/17 20:36:09 | 000,020,480 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/17 16:36:27 | 000,002,247 | ---- | M] () -- C:\Users\Public\Desktop\Play Shadow Wolf Mysteries - Curse of the Full Moon.lnk
[2011/03/17 16:36:27 | 000,001,298 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2011/03/16 15:00:05 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Web Studio 5.0 Updates.job
[2011/03/13 18:24:14 | 000,000,031 | ---- | M] () -- C:\Windows\bluevoda.ini
[2011/03/10 15:17:12 | 000,001,124 | ---- | M] () -- C:\Users\User\Desktop\AusstralianHorseRacingWelcome - Shortcut (2).lnk
[2011/03/10 15:16:58 | 000,001,296 | ---- | M] () -- C:\Users\User\Desktop\FREQUENTLY_ASKED_QUESTIONS_prospects_home_page[1] - Shortcut.lnk
[2011/03/10 15:15:58 | 000,001,124 | ---- | M] () -- C:\Users\User\Desktop\AusstralianHorseRacingWelcome - Shortcut.lnk
[2011/03/09 08:07:48 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\Play Serpent of Isis - Your Journey Continues.lnk
[2011/03/09 08:04:08 | 000,001,670 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Manager.lnk
[2011/03/09 08:04:08 | 000,001,646 | ---- | M] () -- C:\Users\Public\Desktop\Game Manager.lnk
[2011/03/07 09:54:26 | 000,480,992 | ---- | M] () -- C:\Users\User\Documents\Document10001.tif
[2011/03/07 09:51:41 | 000,480,992 | ---- | M] () -- C:\Users\User\Documents\Document1.tif
[2011/02/25 15:16:02 | 158,067,944 | ---- | M] () -- C:\Users\User\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe
[2011/02/23 18:26:09 | 003,754,581 | ---- | M] () -- C:\Users\User\Documents\gARFIELD.rtf
[2011/02/23 17:56:27 | 000,000,098 | ---- | M] () -- C:\Users\User\Documents\11demo.html
[2011/02/23 16:55:10 | 000,000,119 | ---- | M] () -- C:\Users\User\Documents\11underline2.html
[2011/02/23 16:51:22 | 000,000,100 | ---- | M] () -- C:\Users\User\Documents\11underline.html
[2011/02/23 14:03:29 | 000,513,032 | ---- | M] () -- C:\Users\User\Desktop\sdasetup.exe
[2011/02/21 23:32:36 | 000,305,920 | ---- | M] () -- C:\Users\User\Documents\Wiresharksavedfile.pcap
[2011/02/21 23:27:54 | 000,001,710 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
========== Alternate Data Streams ========== @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:A4E7D25F
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:9720EBEF
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:A88BE334
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0BBF232A
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:BE6B5FC3
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:59465B40
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B190BE3A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:A5241382
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:9BAC4211
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:378824DE
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:B6E6C4EA
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A6D89509
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:65B8AF94
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:8BE7A048
< End of report >