OTL logfile created on: 12/26/2011 8:26:57 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\501260332\Desktop
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.16 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 66.60% Memory free
6.33 Gb Paging File | 5.29 Gb Available in Paging File | 83.56% Paging File free
Paging file location(s): C:\PageFile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 159.68 Gb Free Space | 68.57% Space Free | Partition Type: NTFS
Drive E: | 499.23 Mb Total Space | 498.67 Mb Free Space | 99.89% Space Free | Partition Type: FAT

Computer Name: T00726114 | User Name: 501260332 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 19:21:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\501260332\Desktop\OTL.exe
PRC - [2011/09/19 05:31:10 | 002,221,200 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe
PRC - [2011/09/19 05:30:52 | 003,663,488 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_Giraffic.exe
PRC - [2011/07/29 12:36:53 | 000,125,992 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe
PRC - [2011/07/29 12:36:53 | 000,030,248 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe
PRC - [2011/07/29 12:36:49 | 000,093,736 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2011/07/29 12:36:44 | 000,104,488 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2011/07/29 12:36:40 | 000,802,816 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Remote Management System\RouterNT.exe
PRC - [2011/07/29 12:36:39 | 000,278,528 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
PRC - [2011/07/15 23:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/17 11:30:20 | 000,859,448 | ---- | M] (WebEx Communications Inc.) -- C:\Program Files\WebEx\Connect\apUpdate.exe
PRC - [2011/03/23 21:14:34 | 000,483,328 | ---- | M] (General Electric) -- C:\Program Files\Common Files\GE\ITAM\AgentChk.exe
PRC - [2011/02/21 19:14:48 | 000,072,296 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe
PRC - [2011/01/04 16:22:22 | 008,820,040 | ---- | M] () -- C:\Program Files\MANDIANT\MANDIANT Intelligent Response Agent\MAVservice.exe
PRC - [2010/11/05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/10/23 02:11:56 | 000,193,904 | ---- | M] (Juniper Networks, Inc.) -- C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe
PRC - [2010/10/23 01:40:50 | 000,152,944 | ---- | M] (Juniper Networks) -- C:\Program Files\Common Files\Juniper Networks\TNC Client\jTnccService.exe
PRC - [2010/10/22 15:54:52 | 000,402,800 | ---- | M] (Juniper Networks) -- C:\Program Files\Common Files\Juniper Networks\Endpoint Defense\dsEES.exe
PRC - [2010/10/22 05:45:10 | 000,198,000 | ---- | M] (Juniper Networks) -- C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
PRC - [2010/09/30 21:03:42 | 000,628,080 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2010/04/07 14:46:06 | 000,094,208 | ---- | M] () -- C:\Program Files\GE\ApplicationDepot\AppDepotInstallerService.exe
PRC - [2010/02/03 03:09:46 | 000,175,144 | ---- | M] (Sophos Plc) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/03 00:16:34 | 000,234,760 | ---- | M] (CA International Inc.) -- C:\Program Files\CA\DSM\bin\amswmagt.exe
PRC - [2009/10/02 23:12:28 | 000,184,584 | ---- | M] (CA International Inc.) -- C:\Program Files\CA\DSM\bin\ccnfAgent.exe
PRC - [2009/10/02 23:12:14 | 000,036,616 | ---- | M] (CA International Inc.) -- C:\Program Files\CA\DSM\bin\ccsmagtd.exe
PRC - [2009/10/02 23:09:22 | 000,195,848 | ---- | M] (CA International Inc.) -- C:\Program Files\CA\DSM\bin\CAF.exe
PRC - [2009/10/02 23:09:22 | 000,148,232 | ---- | M] (CA International Inc.) -- C:\Program Files\CA\DSM\bin\cfnotsrvd.exe
PRC - [2009/10/02 23:09:22 | 000,032,520 | ---- | M] (CA International Inc.) -- C:\Program Files\CA\DSM\bin\cfFTPlugin.exe
PRC - [2009/10/02 23:09:22 | 000,017,672 | ---- | M] (CA International Inc.) -- C:\Program Files\CA\DSM\bin\cfsmsmd.exe
PRC - [2009/10/02 04:19:16 | 000,380,988 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Endpoint Encryption for PC\SbClientManager.exe
PRC - [2009/07/13 20:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/06/11 15:35:40 | 000,181,512 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\SC\CAM\bin\cam.exe
PRC - [2009/01/23 16:36:50 | 000,159,744 | ---- | M] () -- C:\Program Files\CA\SC\Csam\SockAdapter\bin\CSAMPmux.exe

========== Modules (No Company Name) ==========

MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

========== Win32 Services (SafeList) ==========

SRV - [2011/09/19 05:31:10 | 002,221,200 | ---- | M] (Giraffic) [Auto | Running] -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
SRV - [2011/07/29 12:36:53 | 000,125,992 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe -- (Sophos Client Firewall Manager)
SRV - [2011/07/29 12:36:53 | 000,030,248 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe -- (Sophos Client Firewall)
SRV - [2011/07/29 12:36:49 | 000,093,736 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2011/07/29 12:36:44 | 000,104,488 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2011/07/29 12:36:40 | 000,802,816 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Remote Management System\RouterNT.exe -- (Sophos Message Router)
SRV - [2011/07/29 12:36:39 | 000,278,528 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe -- (Sophos Agent)
SRV - [2011/06/27 14:24:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/17 11:30:20 | 000,859,448 | ---- | M] (WebEx Communications Inc.) [Auto | Running] -- C:\Program Files\WebEx\Connect\apUpdate.exe -- (Cisco WebEx Connect Upgrade Service)
SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/02/21 19:14:48 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2011/01/04 16:22:22 | 008,820,040 | ---- | M] () [Auto | Running] -- C:\Program Files\MANDIANT\MANDIANT Intelligent Response Agent\MAVservice.exe -- (IAScan)
SRV - [2010/11/05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/10/23 02:11:56 | 000,193,904 | ---- | M] (Juniper Networks, Inc.) [Auto | Running] -- C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe -- (odClientService)
SRV - [2010/10/23 01:40:50 | 000,152,944 | ---- | M] (Juniper Networks) [On_Demand | Running] -- C:\Program Files\Common Files\Juniper Networks\TNC Client\jTnccService.exe -- (EacService)
SRV - [2010/10/22 05:45:10 | 000,198,000 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe -- (JuniperAccessService)
SRV - [2010/09/30 21:03:42 | 000,628,080 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/04/07 14:46:06 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\GE\ApplicationDepot\AppDepotInstallerService.exe -- (AppDepotInstallerService)
SRV - [2010/02/03 03:09:46 | 000,175,144 | ---- | M] (Sophos Plc) [Auto | Running] -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2009/10/02 23:09:22 | 000,195,848 | ---- | M] (CA International Inc.) [Auto | Running] -- C:\Program Files\CA\DSM\bin\caf.exe -- (caf)
SRV - [2009/10/02 04:19:16 | 000,380,988 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Endpoint Encryption for PC\SbClientManager.exe -- (SafeBootClientManager)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/11 15:35:40 | 000,181,512 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\SC\CAM\bin\cam.exe -- (CA-MessageQueuing)
SRV - [2009/01/23 16:36:50 | 000,159,744 | ---- | M] () [Auto | Running] -- C:\Program Files\CA\SC\Csam\SockAdapter\bin\csampmux.exe -- (CA-SAM-Pmux)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Running] -- C:\Windows\System32\drivers\dgwfp.sys -- (dgwfp)
DRV - File not found [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\dgrule.sys -- (dgrule)
DRV - File not found [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\dgmaster.sys -- (DGMASTER)
DRV - File not found [File_System | Unknown | Stopped] -- C:\Windows\System32\Drivers\DgLfs.sys -- (DGLFS)
DRV - File not found [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\dgkpmail.sys -- (dgkpmail)
DRV - File not found [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\dgfsmon.sys -- (dgfsmon)
DRV - File not found [File_System | Unknown | Stopped] -- C:\Windows\System32\Drivers\DgFs.sys -- (DGFS)
DRV - File not found [File_System | Unknown | Stopped] -- C:\Windows\System32\Drivers\DgDt.sys -- (DGDT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\DgDmkDisk.sys -- (DgDmkDisk)
DRV - File not found [File_System | Unknown | Stopped] -- C:\Windows\System32\Drivers\DgDmk.sys -- (DGDmk)
DRV - File not found [Kernel | Disabled | Running] -- C:\Windows\System32\drivers\dgcotman.sys -- (dgcotman)
DRV - File not found [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\dgbusmon.sys -- (dgbusmon)
DRV - File not found [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\dgapimon.sys -- (dgapimon)
DRV - [2011/12/15 22:13:10 | 000,019,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\ProgramData\MANDIANT\MANDIANT Intelligent Response Agent\mktools.sys -- (Mandiant_Tools)
DRV - [2011/07/29 12:36:55 | 000,060,968 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\drivers\scfdriver.sys -- (scfdriver)
DRV - [2011/07/29 12:36:55 | 000,028,200 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\drivers\scflwf.sys -- (scflwf)
DRV - [2011/07/29 12:36:45 | 000,023,928 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sdcfilter.sys -- (sdcfilter)
DRV - [2011/07/29 12:36:43 | 000,121,848 | ---- | M] (Sophos Plc) [File_System | System | Running] -- C:\Windows\System32\drivers\savonaccess.sys -- (SAVOnAccess)
DRV - [2011/07/29 12:36:42 | 000,022,536 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\SophosBootDriver.sys -- (SophosBootDriver)
DRV - [2011/02/21 19:14:48 | 000,063,848 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdjw7.sys -- (O2SDJRDR)
DRV - [2011/02/21 19:14:48 | 000,062,440 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\O2MDRw7.sys -- (O2MDRRDR)
DRV - [2011/02/21 19:14:48 | 000,060,904 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdfw7.sys -- (O2MDFRDR)
DRV - [2011/01/05 19:42:14 | 000,284,792 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/12/13 08:33:36 | 000,043,888 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelern.sys -- (Acceler)
DRV - [2010/10/28 06:41:02 | 000,238,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1c6232.sys -- (e1cexpress) Intel(R)
DRV - [2010/10/23 01:21:42 | 000,282,496 | ---- | M] (Juniper Networks, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\odFips2.sys -- (odFips2)
DRV - [2010/10/23 01:21:42 | 000,009,856 | ---- | M] (Juniper Networks, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\odFips.sys -- (odFips)
DRV - [2010/10/19 09:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI) Intel(R)
DRV - [2010/09/30 20:41:48 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2010/08/20 10:04:38 | 000,017,648 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\stdcfltn.sys -- (stdcfltn)
DRV - [2010/07/15 14:09:18 | 000,034,800 | ---- | M] (Juniper Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jnprvamgr.sys -- (JnprVaMgr)
DRV - [2010/07/15 14:09:14 | 000,017,776 | ---- | M] (Juniper Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jnprva.sys -- (jnprva)
DRV - [2010/07/15 14:09:12 | 000,420,464 | ---- | M] (Juniper Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jnprna.sys -- (jnprna)
DRV - [2009/11/03 16:40:42 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/10/02 04:18:30 | 000,012,416 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbRegFlt.sys -- (SbRegFlt)
DRV - [2009/10/02 04:18:27 | 000,006,496 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009/10/02 04:18:23 | 000,033,328 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\RsvLock.sys -- (RsvLock)
DRV - [2009/10/02 04:18:16 | 000,034,480 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbFlop.sys -- (SbFlop)
DRV - [2009/10/02 04:17:57 | 000,103,760 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2008/08/13 12:51:42 | 000,044,976 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SbAlg.sys -- (SBAlg)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ge.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ge.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://ps.setpac.ge.com/pac.pac

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre1.6.0_22\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

O1 HOSTS File: ([2011/12/26 17:52:45 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FreeFallProtection] C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [OdTray.exe] C:\Program Files\Juniper Networks\Odyssey Access Client\OdTray.exe (Juniper Networks, Inc.)
O4 - HKLM..\Run: [SafeBootTokenWatcher] C:\Program Files\McAfee\Endpoint Encryption for PC\SbTokWatch.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SafeBootTrayManager] C:\Program Files\SafeBoot Tray Manager\SbTrayManager.exe ()
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - Startup: C:\Users\501260332\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPublishingWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWebServices = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyGames = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPublishingWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWebServices = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogonScripts = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: vetco.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: vetcogray.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: brassring.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: directory.concursolutions.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: ecomagination.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: ge.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: gebrandcentral.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: gecareers.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: gecompany.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: gedigitalmedia.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: gemediacentral.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: genewscenter.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: geolympiccentral.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: geready.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: ge-registrar.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: gereports.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: globalempservices.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: healthymagination.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: logmeinrescue-enterprise.com ([Secure] http in Trusted sites)
O15 - HKCU\..Trusted Domains: logmeinrescue-enterprise.com ([Secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mylearning-ge.plateau.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: netserviceeurope.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: service-now.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: vetco.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: vetcogray.com ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: webex.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: webexconnect.com ([]* in Trusted sites)
O16 - DPF: {3605B612-C3CF-4AB4-A426-2D853391DB2E} http://internal.infra.ge.com/qcbin/capicom.dll (Certificates Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.5.0_14)
O16 - DPF: {BF17C411-9ADA-4C73-B12C-BD814BDE187F} https://slw.mahindrasatyam.com/SatyamLearningWorld/core/common/ScheduleServices/ScheduleServices.cab (ScheduleServices.CtlScheduleServices)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupControlXP Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O16 - DPF: {FCADE536-93F5-4577-80A3-E7C32FAC4C7D} http://internal.infra.ge.com/qcbin/Spider10.cab (Loader Class v5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = psamer.ps.ge.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5056D14E-A225-4544-8B11-679F629765E0}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5379117-1047-4BEE-8DF3-33DEF542B0BE}: DhcpNameServer = 3.96.198.165 3.56.240.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4613689-1E4C-49EA-A39F-D5A92408BE8A}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = VfJ] -- "C:\Users\501260332\AppData\Local\yoa.exe" -a "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/26 20:24:13 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\501260332\Desktop\OTL.exe
[2011/12/15 22:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\MANDIANT Intelligent Response Agent
[2011/12/15 22:13:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\MANDIANT
[2011/12/15 22:13:08 | 000,000,000 | -H-D | C] -- C:\Program Files\MANDIANT
[2011/12/06 17:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2011/12/05 23:26:20 | 000,000,000 | ---D | C] -- C:\Users\501260332\AppData\Local\Sophos
[2011/07/29 11:03:44 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

========== Files - Modified Within 30 Days ==========

[2011/12/26 20:27:52 | 000,615,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/26 20:27:52 | 000,103,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/26 20:27:35 | 000,000,362 | -H-- | M] () -- C:\Windows\tasks\ITAM Agent Check.job
[2011/12/26 20:05:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/26 20:04:18 | 000,012,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/26 20:04:18 | 000,012,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/26 19:57:30 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/26 19:57:04 | 000,000,142 | ---- | M] () -- C:\Windows\ODBC.INI
[2011/12/26 19:56:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/26 19:21:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\501260332\Desktop\OTL.exe
[2011/12/26 16:44:44 | 000,194,266 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/12/26 12:14:08 | 000,000,340 | -H-- | M] () -- C:\Windows\tasks\ITAM Agent Check Daily.job
[2011/12/26 09:31:50 | 000,025,286 | RHS- | M] () -- C:\Users\501260332\ntuser.pol
[2011/12/21 14:26:25 | 075,303,889 | ---- | M] () -- C:\Users\501260332\Documents\2011-08_August_Release.zip
[2011/12/20 13:56:22 | 000,001,266 | ---- | M] () -- C:\Users\501260332\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2011/12/20 05:42:08 | 000,967,882 | ---- | M] () -- C:\Users\501260332\Documents\GAMS_TG_REVIEW_DASHBOARD_2011_Dec20.zip
[2011/12/19 21:00:00 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\Workstation.job
[2011/12/16 08:13:06 | 000,431,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/15 02:06:19 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/12/13 04:29:06 | 000,966,847 | ---- | M] () -- C:\Users\501260332\Documents\GAMS_TG_REVIEW_DASHBOARD_2011_Dec13.zip
[2011/12/09 23:56:27 | 001,203,104 | ---- | M] () -- C:\Users\501260332\Documents\GAMS EN Oracle Support VGM-Nov11.zip
[2011/12/08 16:09:04 | 000,047,616 | ---- | M] () -- C:\Users\501260332\Documents\RE Wind contracts to cash Dec release.msg(Exception approval).msg
[2011/12/07 10:57:49 | 000,967,499 | ---- | M] () -- C:\Users\501260332\Documents\GAMS_TG_REVIEW_DASHBOARD_2011_Nov29.zip
[2011/12/06 04:26:24 | 000,966,050 | ---- | M] () -- C:\Users\501260332\Documents\GAMS_TG_REVIEW_DASHBOARD_2011_Dec06.zip
[2011/11/30 15:25:54 | 000,326,144 | ---- | M] () -- C:\Users\501260332\Documents\RE GAMS TG4 review inputs_Zeal implementation.msg

========== Files Created - No Company Name ==========

[2011/12/21 14:26:25 | 075,303,889 | ---- | C] () -- C:\Users\501260332\Documents\2011-08_August_Release.zip
[2011/12/20 05:42:08 | 000,967,882 | ---- | C] () -- C:\Users\501260332\Documents\GAMS_TG_REVIEW_DASHBOARD_2011_Dec20.zip
[2011/12/13 04:29:05 | 000,966,847 | ---- | C] () -- C:\Users\501260332\Documents\GAMS_TG_REVIEW_DASHBOARD_2011_Dec13.zip
[2011/12/09 00:39:21 | 001,203,104 | ---- | C] () -- C:\Users\501260332\Documents\GAMS EN Oracle Support VGM-Nov11.zip
[2011/12/08 16:09:04 | 000,047,616 | ---- | C] () -- C:\Users\501260332\Documents\RE Wind contracts to cash Dec release.msg(Exception approval).msg
[2011/12/07 10:57:43 | 000,967,499 | ---- | C] () -- C:\Users\501260332\Documents\GAMS_TG_REVIEW_DASHBOARD_2011_Nov29.zip
[2011/12/06 04:26:23 | 000,966,050 | ---- | C] () -- C:\Users\501260332\Documents\GAMS_TG_REVIEW_DASHBOARD_2011_Dec06.zip
[2011/11/30 15:25:53 | 000,326,144 | ---- | C] () -- C:\Users\501260332\Documents\RE GAMS TG4 review inputs_Zeal implementation.msg
[2011/09/23 15:47:56 | 000,000,227 | ---- | C] () -- C:\Windows\mercury.ini
[2011/07/29 12:41:36 | 000,000,142 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/07/29 12:15:37 | 000,000,078 | ---- | C] () -- C:\Windows\init.ini
[2011/07/29 11:11:58 | 000,000,000 | ---- | C] () -- C:\Windows\SOCL7003-04-US.EXE
[2011/07/29 11:03:52 | 000,194,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/07/29 11:03:45 | 000,960,940 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2011/07/29 11:03:44 | 000,207,376 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2011/07/29 11:03:44 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2011/07/29 11:03:44 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2011/07/29 11:03:39 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2011/06/27 14:18:17 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2011/06/27 10:30:41 | 000,000,051 | ---- | C] () -- C:\Windows\smsts.ini
[2010/10/23 01:21:42 | 000,000,064 | ---- | C] () -- C:\Windows\System32\drivers\odFIPS2.sys.icv
[2009/10/02 04:17:57 | 000,103,760 | ---- | C] () -- C:\Windows\System32\drivers\SafeBoot.sys
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,431,208 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,615,360 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,103,702 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/01/23 16:36:10 | 000,007,680 | ---- | C] () -- C:\Windows\System32\csamenc.dll
[1998/09/21 15:16:00 | 000,000,167 | ---- | C] () -- C:\Windows\Mtb12.ini

========== LOP Check ==========

[2011/09/15 07:45:45 | 000,000,000 | ---D | M] -- C:\Users\501260332\AppData\Roaming\09D849B6-32D3-4a40-85EE-6B84BA29E35B
[2011/08/19 12:09:47 | 000,000,000 | ---D | M] -- 
C:\Users\501260332\AppData\Roaming\ATT Connect [2011/08/04 09:31:58 | 000,000,000 | ---D | M] -- C:\Users\501260332\AppData\Roaming\Connect [2011/08/03 15:05:42 | 000,000,000 | ---D | M] -- C:\Users\501260332\AppData\Roaming\Funk Software [2011/08/04 22:41:18 | 000,000,000 | ---D | M] -- C:\Users\501260332\AppData\Roaming\Juniper Networks [2011/12/22 09:30:21 | 000,000,000 | ---D | M] -- C:\Users\501260332\AppData\Roaming\webex [2011/12/26 08:54:34 | 000,000,000 | ---D | M] -- C:\Users\501260332\AppData\Roaming\WebEx Connect [2011/08/05 15:12:37 | 000,000,000 | ---D | M] -- C:\Users\501260332\AppData\Roaming\Xerox [2011/12/26 12:14:08 | 000,000,340 | -H-- | M] () -- C:\Windows\Tasks\ITAM Agent Check Daily.job [2011/12/26 20:27:35 | 000,000,362 | -H-- | M] () -- C:\Windows\Tasks\ITAM Agent Check.job [2009/07/13 23:53:46 | 000,015,724 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011/12/19 21:00:00 | 000,000,530 | ---- | M] () -- C:\Windows\Tasks\Workstation.job [color=#E56717]========== Purity Check ==========[/color] < End of report >