This topic is locked
I was on paltalk in a trading room when it struck. The following are copies as per the guide. I was unable to run GMER. Tried several times but kept locking up.
MBAM
Malwarebytes' Anti-Malware 1.44
Database version: 3796
Windows 5.1.2600 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18702
2/26/2010 3:57:50 PM
mbam-log-2010-02-26 (15-57-50).txt
Scan type: Quick Scan
Objects scanned: 182800
Time elapsed: 21 minute(s), 50 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a072ec12-a40b-41dd-9a1a-cdb848b70f3c} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{964bf54a-a147-4b3f-9540-6c40cc6b9d8c} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bd4f7a6d-0107-4bdf-b72b-021b717b06ce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c002dc40 (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00fce15a50.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f215ea27d.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\noadware.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\HelpAssistant.FOUNDATION1-LT\Local Settings\Temp\wxlony.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Scott.Edgelow.CORP\Local Settings\Temp\wxlony.dll (Trojan.Dropper) -> Quarantined and deleted successfully.
OTL
Extras
OTL Extras logfile created on: 2/27/2010 10:25:00 AM - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\Scott.Edgelow.CORP\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 668.00 Mb Available Physical Memory | 66.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 28.00% Paging File free
Paging file location(s): c:\pagefile.sys 1524 1524 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.54 Gb Total Space | 72.84 Gb Free Space | 65.31% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FOUNDATION1-LT
Current User Name: Scott.Edgelow
NOT logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"2479:TCP" = 2479:TCP:*:Enabled:Services
"3246:TCP" = 3246:TCP:*:Enabled:Services
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe" = C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed -- File not found
"C:\Program Files\Common Files\AOL\1165448889\EE\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1165448889\EE\AOLServiceHost.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" = C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Paltalk Messenger\paltalk.exe" = C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:Paltalk 9.0 -- (AVM Software Inc.)
"C:\Program Files\Refined Elliott Trader\rtdm\RETDM.exe" = C:\Program Files\Refined Elliott Trader\rtdm\RETDM.exe:*:Enabled:Refined Elliott Trader Data Manager -- (Elliottician PL)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Program Files\Outlook Express\Paltalk Messenger\paltalk.exe" = C:\Program Files\Outlook Express\Paltalk Messenger\paltalk.exe:*:Enabled:Paltalk 9.1 -- (AVM Software Inc.)
"C:\Program Files\InterVideo\DVD8\WinDVD.exe" = C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD -- File not found
"C:\Program Files\TOSHIBA\SoftIPT\SoftIPT.exe" = C:\Program Files\TOSHIBA\SoftIPT\SoftIPT.exe:*:Enabled:TOSHIBA SoftIPT -- ()
"C:\Program Files\eSignal\winros.exe" = C:\Program Files\eSignal\winros.exe:*:Enabled:eSignal Data Manager -- (eSignal)
"C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{105D3B41-2F2F-335A-C309-C859A0F4CBE8}" = FX AccuCharts
"{117CD9C0-0F15-4633-93D7-F957B50535A5}" = Popup Blocker (Windows Live Toolbar)
"{11E7A78C-2D3F-466F-9B19-DBCADA00CCE0}" = SoftIPT
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1707BF02-0F5C-4A6C-8F17-053BB73E443F}" = Tabbed Browsing (Windows Live Toolbar)
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3727B920-F5A3-46A4-AC02-94F421A039C7}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3D2008B2-9C81-4122-BE3F-688B55FA55C5}" = Microsoft Report Viewer Redistributable 2005
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = Interbank FX Trader 4 4.00
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{53B2CFE9-A508-4457-B2CA-5D253536BFB7}" = OneCare Advisor (Windows Live Toolbar)
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B7DB8BB-636E-409E-904F-D605E4F3E5BB}" = SplitView 2007
"{8398B542-3CC4-44D9-83DF-696CCE70124B}" = Windows Support Tools
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{903B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{91A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{95FC661A-A0C5-4B18-92CE-90347DA79CC9}" = Smart Menus (Windows Live Toolbar)
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A40D6757-B145-4FE7-B694-89180A9F3F64}" = Windows Live Outlook Toolbar (Windows Live Toolbar)
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A98AFBC7-D5A7-46A1-8795-EABE2F55A7D6}" = Microsoft Office Live Meeting 2007
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B01C5346-AD58-4077-85FB-B3C8D89DC8EA}" = RET Mastery Theory Exam
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1B88D34-BC32-4F88-96F4-39CA6B579AC0}" = Global Trading System Pro
"{B39C475A-77A7-446D-B423-8051E976D910}" = USB to Serial Bridge Controller
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA4DF4C3-196E-4128-969A-00996B5A46F8}" = Canon MP500
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DA0FFF7B-DA9D-46A2-A329-87804ECA58EA}" = Windows Live Toolbar
"{DC4F4E70-DEFD-4717-BEC7-BDB648718D46}" = eSignal
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E31C348B-63A9-4CBF-8D7F-D932ABB63244}" = Ad-Aware 2007
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{ECDA9BD9-A54E-462A-8191-A2B569D9AB34}" = Map Button (Windows Live Toolbar)
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"AC3Filter" = AC3Filter (remove only)
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Canon iP90 Setup Utility" = Canon iP90 Setup Utility
"CANONBJ_Deinstall_CNMCP71.DLL" = Canon iP90
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"EB88B6218325D2AB47CFFBF7170236B60A6198FF" = Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0)
"ERUNT_is1" = ERUNT 1.1j
"eSignal" = eSignal 10.5
"F-Secure Product 444" = Shaw Secure
"Global Trading System" = Global Trading System
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.0
"ICM Live WinTrader" = ICM Live WinTrader (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MSTargetContextSubmenu" = Target Context Menu (Remove Only)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PalTalk8.2" = PaltalkScene
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"Power Saver" = TOSHIBA Power Saver
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer Basic
"Refined Elliott Trader" = Refined Elliott Trader 1.10.9
"RET Pro" = RET Pro 1.3.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.0.0.320
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/2/2009 12:39:43 PM | Computer Name = FOUNDATION1-LT | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 12/2/2009 12:40:17 PM | Computer Name = FOUNDATION1-LT | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 12/2/2009 12:40:35 PM | Computer Name = FOUNDATION1-LT | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 12/2/2009 8:40:36 PM | Computer Name = FOUNDATION1-LT | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 12/3/2009 12:17:47 AM | Computer Name = FOUNDATION1-LT | Source = Application Error | ID = 1000
Description = Faulting application paltalk.exe, version 9.96.3439.0, faulting module
mshtml.dll, version 8.0.6001.18852, fault address 0x0003d4d7.
Error - 12/3/2009 9:30:27 AM | Computer Name = FOUNDATION1-LT | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (A socket operation was attempted to an unreachable host. ). Group Policy
processing aborted.
Error - 12/3/2009 9:30:28 AM | Computer Name = FOUNDATION1-LT | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (A socket operation was attempted to an unreachable host. ). Group Policy
processing aborted.
Error - 12/3/2009 9:30:51 AM | Computer Name = FOUNDATION1-LT | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 12/3/2009 5:30:40 PM | Computer Name = FOUNDATION1-LT | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 12/3/2009 5:44:37 PM | Computer Name = FOUNDATION1-LT | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
[ System Events ]
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
Error - 8/28/2008 11:52:51 PM | Computer Name = FOUNDATION1-LT | Source = VETMONNT | ID = 105
Description =
< End of report >
OTL
OTL logfile created on: 2/27/2010 10:25:00 AM - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\Scott.Edgelow.CORP\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 668.00 Mb Available Physical Memory | 66.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 28.00% Paging File free
Paging file location(s): c:\pagefile.sys 1524 1524 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.54 Gb Total Space | 72.84 Gb Free Space | 65.31% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FOUNDATION1-LT
Current User Name: Scott.Edgelow
NOT logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/02/26 12:23:55 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\OTL.exe
PRC - [2010/01/15 20:09:37 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2007/07/06 13:02:26 | 000,561,152 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2004/08/03 23:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010/02/26 12:23:55 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\OTL.exe
MOD - [2006/08/25 08:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/01/25 14:20:18 | 000,056,000 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2009/11/23 17:59:35 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1ca6ca16ecfc4c8) Google Update Service (gupdate1ca6ca16ecfc4c8)
SRV - [2009/10/29 14:25:20 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009/08/05 08:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Stopped] -- C:\Program Files\Shaw Secure\Common\FSMA32.EXE -- (FSMA)
SRV - [2009/08/05 08:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Stopped] -- C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2008/09/06 11:12:11 | 000,029,744 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103)
SRV - [2007/07/06 13:02:26 | 000,561,152 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2007/02/07 14:25:53 | 000,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2007/01/19 11:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/02/21 03:32:22 | 000,295,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\termsrv32.dll -- (TermService)
SRV - [2005/12/20 12:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/11/28 11:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2005/11/28 11:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2005/11/28 11:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2005/01/17 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/27 09:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2003/07/28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: [email protected]:1.10
FF - prefs.js..extensions.enabledItems: [email protected]:1.00
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Shaw Secure\NRS\[email protected] [2010/01/13 09:16:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/26 15:30:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/26 15:30:46 | 000,000,000 | ---D | M]
[2010/02/26 15:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Mozilla\Extensions
[2010/02/26 16:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Mozilla\Firefox\Profiles\t2csswre.default\extensions
[2010/02/26 16:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Mozilla\Firefox\Profiles\t2csswre.default\extensions\[email protected]
[2010/02/26 15:30:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll File not found
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Shaw Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\agrsmmsg.exe (Agere Systems)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Shaw Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Shaw Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [HornetMonitor] C:\Program Files\Common Files\Hornet\MntrHrnt.exe File not found
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SplitView] C:\Program Files\SplitView 2007\SplitScr.exe ()
O4 - HKLM..\Run: [Synchronization Manager] C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [cdloader] C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKCU..\Run: [SplitScreen] C:\Program Files\SplitView 2007\SplitScr.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Scott.Edgelow.CORP\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Open in new background tab - C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: Open in new foreground tab - C:\Program Files\Windows Live Toolbar\Components\en-ca\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Shaw Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} http://apps.corel.co...IEGetPlugin.ocx (get_atlcom Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1193950252692 (WUWebControl Class)
O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} http://download.sp.f.../fslauncher.cab (F-Secure Online Scanner Launcher)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://elliottician...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = corp.omeganet.ca
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\a8049154382: DllName - C:\WINDOWS\system32\__c004B279.dat - C:\WINDOWS\System32\__c004B279.dat File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d5bac32c-4c99-11de-9576-00a0d141fca7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d5bac32c-4c99-11de-9576-00a0d141fca7}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O33 - MountPoints2\{d5bac32c-4c99-11de-9576-00a0d141fca7}\Shell\phone\command - "" = E:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/11/01 12:04:02 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.
========== Files/Folders - Created Within 14 Days ==========
[2099/01/01 12:00:00 | 000,000,000 | --SD | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Webs
[2099/01/01 12:00:00 | 000,000,000 | --SD | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Web Sites
[2099/01/01 12:00:00 | 000,000,000 | --SD | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Shapes
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Videos
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Pictures
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Music
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Copy of My Videos
[2099/01/01 12:00:00 | 000,000,000 | -HSD | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\RECYCLER
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\worx
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\WoodStalk Biocomposites Inc
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\WebEx
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\VIDEO_TS
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Updater5
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\trade
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\stu
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\SP
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Shaun's Folder
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\scott
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\ROC
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Rapport
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\qx
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Prosper
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\PPT Viewer
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\PowerPoint
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Peru
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\panama
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Skype Received Files
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Skype Pictures
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Skype Content
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Received Files
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Notebook
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Meetings
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\My eBooks
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\mutual
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Mikogo
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Leprechaun
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Kaz
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\JBC
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\InterVideo
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\India
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\IJM
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\ICM
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\ICCC Canada
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\IBFX
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\heli
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\french patent
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Foundation
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\FONDESIF
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Esther
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\elliott
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Downloads
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\CRA
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Copy of My Skype Received Files
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Copy of My Skype Pictures
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Copy of My Notebook
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\chad
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\bolivia
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\BOD
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\blackberry
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\biosynergy
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\biofuel
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\Bendking
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\bell capital
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\srv-ads-01\Scott.Edgelow$\My Documents\avanti
[2010/02/26 18:31:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/02/26 16:17:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/02/26 16:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/02/26 15:30:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott.Edgelow.CORP\Local Settings\Application Data\Mozilla
[2010/02/26 15:30:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Mozilla
[2010/02/26 15:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/02/26 12:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Malwarebytes
[2010/02/26 12:33:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/02/26 12:33:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/26 12:33:37 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/02/26 12:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/26 12:30:14 | 000,196,806 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\mbam-setup.exe
[2010/02/26 12:23:53 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\OTL.exe
[2010/02/26 12:21:42 | 000,243,390 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\erunt_setup.exe
[2010/02/26 12:16:48 | 000,439,808 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\TFC.exe
[2009/11/27 06:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/11/23 18:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/10/12 19:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\F-Secure
[2009/05/13 08:15:09 | 005,670,736 | ---- | C] (MetaQuotes Software Corp.) -- C:\Program Files\mt4.exe
[2009/04/30 19:29:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/08/23 17:07:23 | 016,168,440 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_free_stf_en_8_138a1332.exe
[2008/08/23 16:29:51 | 015,083,520 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd160.exe
[2008/08/23 16:21:05 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HJTInstall.exe
[2007/11/26 19:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2007/11/06 09:40:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2007/11/05 21:55:00 | 123,228,376 | ---- | C] (InterVideo) -- C:\Program Files\WinDVD8Platinum.exe
[2007/09/25 15:50:16 | 001,308,216 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis_v2.exe
[2007/09/25 15:47:38 | 007,467,056 | ---- | C] (Safer Networking Ltd. ) -- C:\Program Files\spybotsd15.exe
[2007/01/27 18:25:54 | 014,994,392 | ---- | C] (Macrovision Corporation) -- C:\Program Files\GoogleEarthWin.exe
[2006/11/04 09:17:12 | 012,841,064 | ---- | C] (Skype Technologies S.A. ) -- C:\Program Files\SkypeSetup.exe
[2006/10/31 21:29:45 | 001,951,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ppviewer.exe
[2006/03/02 23:07:17 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[2006/02/21 03:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/02/21 03:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[53 \\srv-ads-01\Scott.Edgelow$\My Documents\*.tmp files -> \\srv-ads-01\Scott.Edgelow$\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\*.tmp files -> C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2010/02/27 10:22:09 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/27 08:43:15 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/02/27 08:22:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/27 06:42:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/27 06:42:36 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Scott.Edgelow.CORP\ntuser.ini
[2010/02/27 06:42:35 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\Scott.Edgelow.CORP\ntuser.dat
[2010/02/27 06:41:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/26 16:17:28 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/02/26 16:17:15 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\NTREGOPT.lnk
[2010/02/26 16:17:15 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\ERUNT.lnk
[2010/02/26 15:33:09 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/26 15:30:50 | 000,001,609 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/02/26 12:30:17 | 000,196,806 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\mbam-setup.exe
[2010/02/26 12:23:55 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\OTL.exe
[2010/02/26 12:22:47 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\gmer.zip
[2010/02/26 12:21:46 | 000,243,390 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\erunt_setup.exe
[2010/02/26 12:16:56 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\TFC.exe
[2010/02/26 11:34:11 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/02/26 11:20:14 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/26 10:45:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2010/02/26 10:45:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010/02/26 02:06:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2010/02/26 02:06:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2010/02/26 01:03:16 | 000,000,035 | ---- | M] () -- C:\WINDOWS\RET.INI
[2010/02/26 00:46:42 | 000,002,927 | ---- | M] () -- C:\WINDOWS\WinRos.ini
[2010/02/26 00:42:27 | 000,022,090 | ---- | M] () -- C:\WINDOWS\WinSig.ini
[2010/02/26 00:18:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2010/02/26 00:18:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2010/02/25 23:51:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2010/02/25 23:51:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2010/02/25 23:30:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2010/02/25 23:30:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2010/02/24 01:21:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2010/02/24 01:21:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2010/02/22 07:02:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2010/02/22 07:02:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010/02/19 09:34:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2010/02/19 09:34:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010/02/18 06:42:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2010/02/18 06:42:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010/02/16 06:42:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2010/02/16 06:42:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010/02/14 22:28:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2010/02/14 22:28:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[53 \\srv-ads-01\Scott.Edgelow$\My Documents\*.tmp files -> \\srv-ads-01\Scott.Edgelow$\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\*.tmp files -> C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\*.tmp -> ]
========== Files Created - No Company Name ==========
[2099/01/01 12:00:00 | 191,260,552 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\MPEG 3D versus Mother Nature 18_16.mpg
[2099/01/01 12:00:00 | 104,531,196 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\MPEG Computeranimation 09_59.mpg
[2099/01/01 12:00:00 | 062,210,048 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Presentation Introduction into EVG-3D.pps
[2099/01/01 12:00:00 | 026,173,440 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Presentation Erection procedure.pps
[2099/01/01 12:00:00 | 017,476,139 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Hungaria-Residential Building.pdf
[2099/01/01 12:00:00 | 010,253,998 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Egypt-EL Nsayim.pdf
[2099/01/01 12:00:00 | 009,984,995 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\WORX-VPN-Access.rtf
[2099/01/01 12:00:00 | 009,324,032 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Presentation Worldwide 3D-Projects.pps
[2099/01/01 12:00:00 | 007,922,817 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Slovenia-Residential Building.pdf
[2099/01/01 12:00:00 | 007,058,345 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder United Arab Emirates-200 Villas.pdf
[2099/01/01 12:00:00 | 006,470,286 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder United Arab Emirates-Officers Villas.pdf
[2099/01/01 12:00:00 | 006,255,311 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Cambodia-2 Schools.pdf
[2099/01/01 12:00:00 | 006,008,857 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Malaysia-Showroom and Clubhouse.pdf
[2099/01/01 12:00:00 | 005,992,087 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Vietnam-Flood Proof Home.pdf
[2099/01/01 12:00:00 | 005,957,120 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Presentation Structural strength.pps
[2099/01/01 12:00:00 | 005,773,190 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Vietnam-School in Hue.pdf
[2099/01/01 12:00:00 | 005,608,311 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Description Strength and Earthquakes.pdf
[2099/01/01 12:00:00 | 003,611,731 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Austria-Prefabricated 3D Walls.pdf
[2099/01/01 12:00:00 | 002,780,529 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Photo Folder Venezuela-4-storey Buildings.pdf
[2099/01/01 12:00:00 | 002,398,173 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\LoaderBackup-(2006-06-20).ipd
[2099/01/01 12:00:00 | 002,095,542 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Description 3D Introduction.pdf
[2099/01/01 12:00:00 | 001,995,264 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\The Neufeld Community Development Plan Revised.ppt
[2099/01/01 12:00:00 | 001,949,184 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\The Jack Neufeld Family Charitable Foundation.ppt
[2099/01/01 12:00:00 | 001,215,977 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540023.JPG
[2099/01/01 12:00:00 | 001,129,850 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540019.JPG
[2099/01/01 12:00:00 | 001,099,567 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\air canada cargo.jpg
[2099/01/01 12:00:00 | 001,098,171 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510019.JPG
[2099/01/01 12:00:00 | 001,054,894 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540024.JPG
[2099/01/01 12:00:00 | 001,047,569 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500003.JPG
[2099/01/01 12:00:00 | 001,045,003 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530014.JPG
[2099/01/01 12:00:00 | 001,041,096 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500022.JPG
[2099/01/01 12:00:00 | 001,039,954 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520021.JPG
[2099/01/01 12:00:00 | 001,023,539 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530008.JPG
[2099/01/01 12:00:00 | 001,023,005 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530013.JPG
[2099/01/01 12:00:00 | 001,022,128 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510018.JPG
[2099/01/01 12:00:00 | 001,019,134 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530016.JPG
[2099/01/01 12:00:00 | 001,012,910 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550006.JPG
[2099/01/01 12:00:00 | 001,009,110 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510022.JPG
[2099/01/01 12:00:00 | 001,005,251 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520012.JPG
[2099/01/01 12:00:00 | 001,001,070 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500021.JPG
[2099/01/01 12:00:00 | 001,000,084 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530015.JPG
[2099/01/01 12:00:00 | 000,998,633 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510020.JPG
[2099/01/01 12:00:00 | 000,988,143 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500001.JPG
[2099/01/01 12:00:00 | 000,987,043 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540022.JPG
[2099/01/01 12:00:00 | 000,985,137 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540007.JPG
[2099/01/01 12:00:00 | 000,983,157 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540017.JPG
[2099/01/01 12:00:00 | 000,978,972 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500004.JPG
[2099/01/01 12:00:00 | 000,964,219 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510012.JPG
[2099/01/01 12:00:00 | 000,946,126 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530021.JPG
[2099/01/01 12:00:00 | 000,939,978 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510011.JPG
[2099/01/01 12:00:00 | 000,930,967 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Peru July 2007 075.jpg
[2099/01/01 12:00:00 | 000,930,346 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530024.JPG
[2099/01/01 12:00:00 | 000,928,100 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540004.JPG
[2099/01/01 12:00:00 | 000,913,810 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530012.JPG
[2099/01/01 12:00:00 | 000,913,631 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520001.JPG
[2099/01/01 12:00:00 | 000,911,377 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550001.JPG
[2099/01/01 12:00:00 | 000,908,998 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520019.JPG
[2099/01/01 12:00:00 | 000,901,318 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520020.JPG
[2099/01/01 12:00:00 | 000,894,695 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540025.JPG
[2099/01/01 12:00:00 | 000,887,308 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530025.JPG
[2099/01/01 12:00:00 | 000,884,433 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540037.JPG
[2099/01/01 12:00:00 | 000,880,793 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540033.JPG
[2099/01/01 12:00:00 | 000,873,890 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540005.JPG
[2099/01/01 12:00:00 | 000,872,891 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520002.JPG
[2099/01/01 12:00:00 | 000,872,864 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540013.JPG
[2099/01/01 12:00:00 | 000,872,158 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510009.JPG
[2099/01/01 12:00:00 | 000,871,790 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520017.JPG
[2099/01/01 12:00:00 | 000,862,208 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\090707 Expression of Interest from Worx Environmental.doc
[2099/01/01 12:00:00 | 000,858,919 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540009.JPG
[2099/01/01 12:00:00 | 000,858,605 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510004.JPG
[2099/01/01 12:00:00 | 000,855,235 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510014.JPG
[2099/01/01 12:00:00 | 000,854,680 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530018.JPG
[2099/01/01 12:00:00 | 000,853,288 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540012.JPG
[2099/01/01 12:00:00 | 000,851,375 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540030.JPG
[2099/01/01 12:00:00 | 000,851,021 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500005.JPG
[2099/01/01 12:00:00 | 000,844,387 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540027.JPG
[2099/01/01 12:00:00 | 000,842,418 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550012.JPG
[2099/01/01 12:00:00 | 000,841,764 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510003.JPG
[2099/01/01 12:00:00 | 000,835,743 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540008.JPG
[2099/01/01 12:00:00 | 000,835,654 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510005.JPG
[2099/01/01 12:00:00 | 000,834,408 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520009.JPG
[2099/01/01 12:00:00 | 000,833,982 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550017.JPG
[2099/01/01 12:00:00 | 000,825,571 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530011.JPG
[2099/01/01 12:00:00 | 000,825,464 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500011.JPG
[2099/01/01 12:00:00 | 000,822,777 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550016.JPG
[2099/01/01 12:00:00 | 000,822,506 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510023.JPG
[2099/01/01 12:00:00 | 000,820,360 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520018.JPG
[2099/01/01 12:00:00 | 000,819,619 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510007.JPG
[2099/01/01 12:00:00 | 000,814,913 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530003.JPG
[2099/01/01 12:00:00 | 000,809,710 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540014.JPG
[2099/01/01 12:00:00 | 000,807,749 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540006.JPG
[2099/01/01 12:00:00 | 000,805,037 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510001.JPG
[2099/01/01 12:00:00 | 000,804,604 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510013.JPG
[2099/01/01 12:00:00 | 000,802,172 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530034.JPG
[2099/01/01 12:00:00 | 000,801,404 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540032.JPG
[2099/01/01 12:00:00 | 000,800,721 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550010.JPG
[2099/01/01 12:00:00 | 000,798,538 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520008.JPG
[2099/01/01 12:00:00 | 000,796,541 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550021.JPG
[2099/01/01 12:00:00 | 000,794,977 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500014.JPG
[2099/01/01 12:00:00 | 000,793,111 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510010.JPG
[2099/01/01 12:00:00 | 000,788,547 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550019.JPG
[2099/01/01 12:00:00 | 000,787,945 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510008.JPG
[2099/01/01 12:00:00 | 000,783,879 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500010.JPG
[2099/01/01 12:00:00 | 000,783,432 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520016.JPG
[2099/01/01 12:00:00 | 000,783,294 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510021.JPG
[2099/01/01 12:00:00 | 000,782,993 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500020.JPG
[2099/01/01 12:00:00 | 000,782,311 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530007.JPG
[2099/01/01 12:00:00 | 000,782,153 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500015.JPG
[2099/01/01 12:00:00 | 000,781,938 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\3-Bears.pdf
[2099/01/01 12:00:00 | 000,778,842 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530035.JPG
[2099/01/01 12:00:00 | 000,778,766 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550003.JPG
[2099/01/01 12:00:00 | 000,778,398 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520015.JPG
[2099/01/01 12:00:00 | 000,777,733 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500023.JPG
[2099/01/01 12:00:00 | 000,777,478 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520007.JPG
[2099/01/01 12:00:00 | 000,772,771 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540010.JPG
[2099/01/01 12:00:00 | 000,771,129 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550014.JPG
[2099/01/01 12:00:00 | 000,770,563 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550011.JPG
[2099/01/01 12:00:00 | 000,769,893 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510002.JPG
[2099/01/01 12:00:00 | 000,768,176 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550015.JPG
[2099/01/01 12:00:00 | 000,766,216 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510015.JPG
[2099/01/01 12:00:00 | 000,765,775 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540015.JPG
[2099/01/01 12:00:00 | 000,764,477 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500018.JPG
[2099/01/01 12:00:00 | 000,763,371 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500013.JPG
[2099/01/01 12:00:00 | 000,762,660 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530020.JPG
[2099/01/01 12:00:00 | 000,762,362 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530023.JPG
[2099/01/01 12:00:00 | 000,762,353 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500017.JPG
[2099/01/01 12:00:00 | 000,761,950 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550004.JPG
[2099/01/01 12:00:00 | 000,759,437 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500007.JPG
[2099/01/01 12:00:00 | 000,758,825 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550005.JPG
[2099/01/01 12:00:00 | 000,754,709 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500012.JPG
[2099/01/01 12:00:00 | 000,753,981 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500016.JPG
[2099/01/01 12:00:00 | 000,751,020 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540021.JPG
[2099/01/01 12:00:00 | 000,748,069 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540029.JPG
[2099/01/01 12:00:00 | 000,747,143 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530022.JPG
[2099/01/01 12:00:00 | 000,735,391 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540026.JPG
[2099/01/01 12:00:00 | 000,734,218 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520006.JPG
[2099/01/01 12:00:00 | 000,731,907 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550009.JPG
[2099/01/01 12:00:00 | 000,731,568 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520005.JPG
[2099/01/01 12:00:00 | 000,730,350 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520024.JPG
[2099/01/01 12:00:00 | 000,729,836 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540031.JPG
[2099/01/01 12:00:00 | 000,729,188 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550007.JPG
[2099/01/01 12:00:00 | 000,728,529 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520003.JPG
[2099/01/01 12:00:00 | 000,725,306 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520014.JPG
[2099/01/01 12:00:00 | 000,724,293 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540016.JPG
[2099/01/01 12:00:00 | 000,723,837 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550018.JPG
[2099/01/01 12:00:00 | 000,722,883 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520022.JPG
[2099/01/01 12:00:00 | 000,721,149 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540034.JPG
[2099/01/01 12:00:00 | 000,720,174 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500019.JPG
[2099/01/01 12:00:00 | 000,719,548 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510006.JPG
[2099/01/01 12:00:00 | 000,718,595 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530026.JPG
[2099/01/01 12:00:00 | 000,715,067 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530037.JPG
[2099/01/01 12:00:00 | 000,713,923 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540035.JPG
[2099/01/01 12:00:00 | 000,708,084 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530010.JPG
[2099/01/01 12:00:00 | 000,707,207 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530036.JPG
[2099/01/01 12:00:00 | 000,706,793 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500006.JPG
[2099/01/01 12:00:00 | 000,705,872 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500009.JPG
[2099/01/01 12:00:00 | 000,699,589 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540018.JPG
[2099/01/01 12:00:00 | 000,698,855 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540001.JPG
[2099/01/01 12:00:00 | 000,697,189 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540003.JPG
[2099/01/01 12:00:00 | 000,695,302 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500008.JPG
[2099/01/01 12:00:00 | 000,694,655 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530027.JPG
[2099/01/01 12:00:00 | 000,692,189 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520023.JPG
[2099/01/01 12:00:00 | 000,692,144 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520013.JPG
[2099/01/01 12:00:00 | 000,688,797 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550022.JPG
[2099/01/01 12:00:00 | 000,683,673 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530009.JPG
[2099/01/01 12:00:00 | 000,683,268 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530028.JPG
[2099/01/01 12:00:00 | 000,681,533 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530032.JPG
[2099/01/01 12:00:00 | 000,678,946 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530006.JPG
[2099/01/01 12:00:00 | 000,678,090 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520010.JPG
[2099/01/01 12:00:00 | 000,677,749 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530031.JPG
[2099/01/01 12:00:00 | 000,677,644 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500024.JPG
[2099/01/01 12:00:00 | 000,674,672 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510017.JPG
[2099/01/01 12:00:00 | 000,662,030 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540036.JPG
[2099/01/01 12:00:00 | 000,656,480 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530017.JPG
[2099/01/01 12:00:00 | 000,654,462 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550008.JPG
[2099/01/01 12:00:00 | 000,653,963 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95510016.JPG
[2099/01/01 12:00:00 | 000,652,472 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540028.JPG
[2099/01/01 12:00:00 | 000,647,899 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95500002.JPG
[2099/01/01 12:00:00 | 000,647,175 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550013.JPG
[2099/01/01 12:00:00 | 000,644,950 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530030.JPG
[2099/01/01 12:00:00 | 000,638,725 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550020.JPG
[2099/01/01 12:00:00 | 000,635,201 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95550002.JPG
[2099/01/01 12:00:00 | 000,631,262 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540011.JPG
[2099/01/01 12:00:00 | 000,619,135 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530019.JPG
[2099/01/01 12:00:00 | 000,618,196 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530038.JPG
[2099/01/01 12:00:00 | 000,603,657 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540020.JPG
[2099/01/01 12:00:00 | 000,594,842 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\4DCONFIDENTIALITY NON DISCLOSURE.tif
[2099/01/01 12:00:00 | 000,594,583 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520011.JPG
[2099/01/01 12:00:00 | 000,586,742 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95520004.JPG
[2099/01/01 12:00:00 | 000,570,808 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95540002.JPG
[2099/01/01 12:00:00 | 000,548,188 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530002.JPG
[2099/01/01 12:00:00 | 000,547,687 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530029.JPG
[2099/01/01 12:00:00 | 000,544,434 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530001.JPG
[2099/01/01 12:00:00 | 000,520,192 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\3D Sustainable Community Presentation.doc
[2099/01/01 12:00:00 | 000,512,684 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530004.JPG
[2099/01/01 12:00:00 | 000,499,586 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530033.JPG
[2099/01/01 12:00:00 | 000,494,383 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\95530005.JPG
[2099/01/01 12:00:00 | 000,382,688 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\About.pdf
[2099/01/01 12:00:00 | 000,301,331 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\AB public works.jpg
[2099/01/01 12:00:00 | 000,244,224 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\110607.doc
[2099/01/01 12:00:00 | 000,243,200 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\1129 Invitation List 07 Alpha.doc
[2099/01/01 12:00:00 | 000,223,744 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\5049700 MB LTD.doc
[2099/01/01 12:00:00 | 000,219,648 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\ifortune.ppt
[2099/01/01 12:00:00 | 000,201,728 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\eur 300309.ppt
[2099/01/01 12:00:00 | 000,195,107 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\56018_spec_july2506_%20R1.pdf
[2099/01/01 12:00:00 | 000,169,472 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\cad111809.ppt
[2099/01/01 12:00:00 | 000,160,256 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\3rd Draft of Shareholders Agreement August 24 06.doc
[2099/01/01 12:00:00 | 000,150,016 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\ALEXANDER-a.doc
[2099/01/01 12:00:00 | 000,137,728 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2nd Draft of Shareholders Agreement August 2 06.doc
[2099/01/01 12:00:00 | 000,136,857 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\AAconsultant-fees.pdf
[2099/01/01 12:00:00 | 000,099,328 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\012606FromGueryAnswersEnglish.doc
[2099/01/01 12:00:00 | 000,097,792 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\080906 Ratification Contract with BGchanges.doc
[2099/01/01 12:00:00 | 000,090,624 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\070507Contrato MUTUAL GUAPAY MURILLO.doc
[2099/01/01 12:00:00 | 000,086,016 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Rescued document.doc
[2099/01/01 12:00:00 | 000,083,968 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\080906 Ratification Contract with BGV1.doc
[2099/01/01 12:00:00 | 000,081,408 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Publication3.pub
[2099/01/01 12:00:00 | 000,078,848 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2. Flujo El Bajio Inv. 20051101Eng.xls
[2099/01/01 12:00:00 | 000,075,776 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Publication2.pub
[2099/01/01 12:00:00 | 000,073,728 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2. Flujo El Bajio Inv. 20051003.xls
[2099/01/01 12:00:00 | 000,072,192 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Venture Capital Resource Ltd.doc
[2099/01/01 12:00:00 | 000,070,144 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Analytical Book Review.doc
[2099/01/01 12:00:00 | 000,067,584 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\AC DE INTENCIONES GUAPAY NEUFELD FSF.doc
[2099/01/01 12:00:00 | 000,067,584 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\170807.doc
[2099/01/01 12:00:00 | 000,061,440 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Hermeneutics Paper.doc
[2099/01/01 12:00:00 | 000,060,881 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Acuson_128-10__2_.JPG
[2099/01/01 12:00:00 | 000,055,808 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Annotated Bibliography.doc
[2099/01/01 12:00:00 | 000,053,248 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Advisors.ppt
[2099/01/01 12:00:00 | 000,052,736 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\051707Finance_Minister_Spanish.doc
[2099/01/01 12:00:00 | 000,051,712 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\100506Scott to Murillio Spanish.doc
[2099/01/01 12:00:00 | 000,051,712 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\052907 Finance Minister Spanish.doc
[2099/01/01 12:00:00 | 000,049,152 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\102606 Murillo to Scott.doc
[2099/01/01 12:00:00 | 000,048,640 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\0525QuestionsToWaldoSalinasSpanish.doc
[2099/01/01 12:00:00 | 000,048,128 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\012607 JM to Scott.doc
[2099/01/01 12:00:00 | 000,047,616 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\090305ToDanielEnglishSpanish.doc
[2099/01/01 12:00:00 | 000,046,080 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Neufeld Foundation Queries 3.xls
[2099/01/01 12:00:00 | 000,045,568 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\advisory committee 01 24 05.doc
[2099/01/01 12:00:00 | 000,045,056 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\061207 Finance Minister Spanish.doc
[2099/01/01 12:00:00 | 000,041,984 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Memorandum of Understanding.doc
[2099/01/01 12:00:00 | 000,041,472 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\The Neufeld Community Development Plan.doc
[2099/01/01 12:00:00 | 000,041,472 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Alexander Appeal UoC.doc
[2099/01/01 12:00:00 | 000,041,472 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2. Plan de Negocios El Bajio RE Inv. 20051101Eng.doc
[2099/01/01 12:00:00 | 000,039,936 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\The NeufeldHolistic Humanitarian Hope.doc
[2099/01/01 12:00:00 | 000,039,936 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\advisory committee052107.doc
[2099/01/01 12:00:00 | 000,039,424 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\AB DOJ.doc
[2099/01/01 12:00:00 | 000,038,912 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\alberto Fax Cover Sheet.doc
[2099/01/01 12:00:00 | 000,038,912 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\alberto 10 18 06-SPANISH.doc
[2099/01/01 12:00:00 | 000,038,912 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\advisory committee092706.doc
[2099/01/01 12:00:00 | 000,038,400 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\December 26[1].doc
[2099/01/01 12:00:00 | 000,038,400 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\advisory committee 032806.doc
[2099/01/01 12:00:00 | 000,037,376 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\alberto 10 17 06.doc
[2099/01/01 12:00:00 | 000,037,376 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\alberto 10 17 06 2.doc
[2099/01/01 12:00:00 | 000,037,376 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\alberto 02 02 06.doc
[2099/01/01 12:00:00 | 000,037,376 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\advisory committee 03 07 06.doc
[2099/01/01 12:00:00 | 000,037,376 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\ACTA DE FUNDACIÓN DE GUAPAY FONDO FINANCIERO PRIVADO S.doc
[2099/01/01 12:00:00 | 000,037,376 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\122105FFP Consultation to Scott English1.doc
[2099/01/01 12:00:00 | 000,037,376 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\03 23 05.doc
[2099/01/01 12:00:00 | 000,036,864 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\abg mar 4 05.doc
[2099/01/01 12:00:00 | 000,036,352 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\affidavit Aug 2007.doc
[2099/01/01 12:00:00 | 000,036,352 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\advisory committee minutes 101606.doc
[2099/01/01 12:00:00 | 000,036,352 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\102005GueryToJack_Scott[1].doc
[2099/01/01 12:00:00 | 000,036,352 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\071206.doc
[2099/01/01 12:00:00 | 000,035,840 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Advisory Board 2006.doc
[2099/01/01 12:00:00 | 000,035,840 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\07 - Income Statement (August 2005)1.xls
[2099/01/01 12:00:00 | 000,035,328 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2006 02 17.xls
[2099/01/01 12:00:00 | 000,035,328 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\100MileAvantiHempMOU.doc
[2099/01/01 12:00:00 | 000,034,304 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\December 13, 2006 Meeting.doc
[2099/01/01 12:00:00 | 000,033,280 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\020306FUNDACIÓN NEULFELDfromMurilloEnglish.doc
[2099/01/01 12:00:00 | 000,032,768 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\affidavit Aug 2007 contempt.doc
[2099/01/01 12:00:00 | 000,032,256 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Jan 10 2007 letter RMC1.doc
[2099/01/01 12:00:00 | 000,032,256 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\102405_To_Guery[1].doc
[2099/01/01 12:00:00 | 000,031,744 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Balance Sheet August 31-06.xls
[2099/01/01 12:00:00 | 000,031,232 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\ACTA DE FUNDACIÓN DE GUAPAY corregida 24.11 English.doc
[2099/01/01 12:00:00 | 000,031,232 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\072207MemorandumOfUnderstanding Spanish.doc
[2099/01/01 12:00:00 | 000,031,135 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\1DigestRecond.jpg
[2099/01/01 12:00:00 | 000,030,720 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\IncomeStatement Sept 05 - Aug 31-06.xls
[2099/01/01 12:00:00 | 000,030,208 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\080906 AA Suggestions.doc
[2099/01/01 12:00:00 | 000,029,838 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\1Former.jpg
[2099/01/01 12:00:00 | 000,029,696 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\102705 Owners Wait 8 Months to Get Their Homes.doc
[2099/01/01 12:00:00 | 000,029,637 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\1RawMaterBins.jpg
[2099/01/01 12:00:00 | 000,029,519 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\1_SproutWaldMotor.jpg
[2099/01/01 12:00:00 | 000,029,184 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Alexis Edgelow.doc
[2099/01/01 12:00:00 | 000,029,184 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\052907RESOLUTION FINAL.doc
[2099/01/01 12:00:00 | 000,029,184 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\020107 AA to Scott.doc
[2099/01/01 12:00:00 | 000,028,160 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Transcript May 30, 2008 Tom.doc
[2099/01/01 12:00:00 | 000,027,648 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Nov. 22.doc
[2099/01/01 12:00:00 | 000,027,648 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Dec. 8-12 Lima Piura.doc
[2099/01/01 12:00:00 | 000,027,648 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\112505 fromGueryEnglish1.doc
[2099/01/01 12:00:00 | 000,027,648 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\092706Murrillo to Jack.doc
[2099/01/01 12:00:00 | 000,027,136 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\alison-econpaper.doc
[2099/01/01 12:00:00 | 000,027,136 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Alexis Aug 3, 2007.doc
[2099/01/01 12:00:00 | 000,027,136 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\ACTA DE APROBACION DE ESTATUTOS.doc
[2099/01/01 12:00:00 | 000,027,136 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\110805 El Deber English.doc
[2099/01/01 12:00:00 | 000,026,624 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\April 9-15 Plan.doc
[2099/01/01 12:00:00 | 000,026,112 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Falsely Labeling People Because of Race.doc
[2099/01/01 12:00:00 | 000,025,600 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\112105ProjectionsFor422Houses.xls
[2099/01/01 12:00:00 | 000,025,088 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Project Summaries August 31-06.xls
[2099/01/01 12:00:00 | 000,025,088 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Agenda Worx BSR Jan 13.doc
[2099/01/01 12:00:00 | 000,025,088 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2006 Summary of Fitch Rating on Mutual Guapay.doc
[2099/01/01 12:00:00 | 000,025,088 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\07 - Balance Sheet (August 2005).xls
[2099/01/01 12:00:00 | 000,024,866 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\1SproutMotor.jpg
[2099/01/01 12:00:00 | 000,024,742 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2DigestorRecond.jpg
[2099/01/01 12:00:00 | 000,024,576 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Agenda Urban Design March 28.doc
[2099/01/01 12:00:00 | 000,024,576 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\4.doc
[2099/01/01 12:00:00 | 000,024,291 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\ABS Feb 06.pdf
[2099/01/01 12:00:00 | 000,024,112 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Test Page.mdi
[2099/01/01 12:00:00 | 000,024,064 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Alexis Aug. 7, 2007.doc
[2099/01/01 12:00:00 | 000,024,064 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Akualand.doc
[2099/01/01 12:00:00 | 000,023,727 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\1RotaryScreens.jpg
[2099/01/01 12:00:00 | 000,023,368 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\13385_Euston_-_AMENDED_NOH_-_2005-11-28_-__1963937.pdf
[2099/01/01 12:00:00 | 000,022,756 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\1DigestorTank.jpg
[2099/01/01 12:00:00 | 000,022,528 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Libertador letter Dec. 23.doc
[2099/01/01 12:00:00 | 000,019,456 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2006 01 12.xls
[2099/01/01 12:00:00 | 000,016,896 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Budget.xls
[2099/01/01 12:00:00 | 000,016,896 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\2008.xls
[2099/01/01 12:00:00 | 000,016,188 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\07.tif
[2099/01/01 12:00:00 | 000,007,463 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\ae.ini
[2099/01/01 12:00:00 | 000,006,797 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\image-5241330-0002.htm
[2099/01/01 12:00:00 | 000,006,795 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\04nov17.willson.wpd
[2099/01/01 12:00:00 | 000,006,148 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\.DS_Store
[2099/01/01 12:00:00 | 000,005,227 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\0509_aston_volante_1.jpg
[2099/01/01 12:00:00 | 000,001,162 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Default.rdp
[2099/01/01 12:00:00 | 000,000,583 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Copy of My Sharing Folders.lnk
[2099/01/01 12:00:00 | 000,000,550 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\PricePage1.tbl
[2099/01/01 12:00:00 | 000,000,520 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\spider.sav
[2099/01/01 12:00:00 | 000,000,407 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\My Sharing Folders.lnk
[2099/01/01 12:00:00 | 000,000,232 | ---- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\Quick Introduction.wwl
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$vitation List 07.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$vitation List 07 Alpha.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$visory committee minutes 101606.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$visory committee 032806.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$visory Board 2006.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$vestors Insight Oct 06.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$vd pic.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$UWorxandBioSol.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$U 060306.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$U 060306 2.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$SOLUCION DE DIRECTORIO DE LA.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$set Purchase Agr 03.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$rter060607.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$rillo 072306.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$rillo 060306.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$r 29 06.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$ort Term Budget Nov.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$nutes July 26th.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$ntury Fax Cover Sheet.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$ntury Dep Fax Cover Sheet.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$ntrato MUTUAL GUAPAY MURILLO1 (2).doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$NDSIF 150807.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$NDSIF 140807.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$NDESIF capitalization 070107E.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$NDESIF capitalization 070107.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$Names1.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$nada-Peru Consolidated Draft Text - 19 July 2006.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$n 18 07.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$mpare1isobord.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$LIVIA_MUTUAL_GUAPAY_EXEC._SUM._42505.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$istory.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$is document is to verify GeoffreyScottEdgelow Spanish.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$inion012207.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$infJul2406English.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$gust 1806.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$E OF PROCEEDS.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$E JACK NEUFELD FAMILY FOUNDATION.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$delow 3 28 06.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$d Draft of Shareholders Agreement August 2 06.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$cember 26.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$berto 10 17 06.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$berto 02 02 06.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$b BeasleyBiography.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$areLOI.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$ard of Directors 2006.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$ard Invitation List 07.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$anti0207.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$anti Polymers Ltd - Draft exec (3).doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$2705 Owners Wait 8 Months to Get Their Homes.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$2606 Murillo to Scott.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$2005GueryToJack_Scott[1].doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$110607.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$012407.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$. Robert J. Munro.doc
[2099/01/01 12:00:00 | 000,000,162 | -H-- | C] () -- \\srv-ads-01\Scott.Edgelow$\My Documents\~$ 23 05.doc
[2010/02/26 16:17:28 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/02/26 16:17:15 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\NTREGOPT.lnk
[2010/02/26 16:17:15 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\ERUNT.lnk
[2010/02/26 15:30:50 | 000,001,609 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/02/26 12:33:46 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/26 12:22:39 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Desktop\gmer.zip
[2010/02/26 02:59:00 | 000,010,449 | ---- | C] () -- C:\Program Files\hijackthis.log3
[2010/02/26 01:42:42 | 000,014,201 | ---- | C] () -- C:\Program Files\hijackthis.log2
[2009/10/12 19:38:35 | 000,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2009/05/14 14:29:30 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2009/03/17 09:04:59 | 000,000,141 | ---- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Local Settings\Application Data\fusioncache.dat
[2009/02/09 19:53:30 | 000,000,036 | ---- | C] () -- C:\WINDOWS\EWA3.INI
[2009/02/09 19:53:14 | 000,053,248 | ---- | C] () -- C:\WINDOWS\ZLIB.DLL
[2008/11/24 16:02:48 | 000,022,090 | ---- | C] () -- C:\WINDOWS\WinSig.ini
[2008/11/24 16:02:48 | 000,002,927 | ---- | C] () -- C:\WINDOWS\WinRos.ini
[2008/08/23 02:59:33 | 000,000,359 | -HS- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\02000000bb2bfec2P.manifest
[2008/08/23 02:59:33 | 000,000,013 | -HS- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\02000000bb2bfec2C.manifest
[2008/08/23 02:59:33 | 000,000,011 | -HS- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\02000000bb2bfec2S.manifest
[2008/08/23 02:59:33 | 000,000,011 | -HS- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\02000000bb2bfec2O.manifest
[2008/08/23 02:59:33 | 000,000,007 | -HS- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\02000000bb2bfec2R.manifest
[2007/11/14 10:06:25 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/12 21:02:05 | 000,040,430 | ---- | C] () -- C:\Documents and Settings\Scott.Edgelow.CORP\Local Settings\Application Data\FASTWiz.log
[2007/11/06 11:23:27 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/11/06 11:23:27 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/11/06 11:23:27 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/11/06 11:23:27 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/11/06 11:23:27 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/11/06 11:23:26 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/11/05 21:16:25 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/11/01 13:33:53 | 000,087,800 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2007/11/01 12:17:47 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/11/01 11:44:37 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2007/10/19 17:56:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/10/19 17:54:28 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/10/19 17:54:28 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/10/18 02:02:34 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/09/27 08:35:51 | 012,413,440 | ---- | C] () -- C:\Program Files\avgas-setup-7.5.1.43.exe
[2007/09/25 15:50:40 | 000,006,862 | ---- | C] () -- C:\Program Files\hijackthis.log
[2007/08/07 19:42:44 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7L.DLL
[2007/03/26 21:13:43 | 000,000,035 | ---- | C] () -- C:\WINDOWS\RET.INI
[2007/01/26 07:43:17 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/01/10 03:23:06 | 000,274,507 | ---- | C] () -- C:\WINDOWS\System32\FXMathLib.dll
[2007/01/10 03:22:57 | 008,063,943 | ---- | C] () -- C:\Program Files\fxgtsts.exe
[2006/11/07 17:37:19 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\HKLock.dll
[2006/11/07 17:37:19 | 000,057,344 | ---- | C] () -- C:\WINDOWS\HKLock.dll
[2006/11/07 17:37:19 | 000,005,253 | ---- | C] () -- C:\WINDOWS\System32\Wtvk.dll
[2006/11/06 21:46:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/11/06 21:42:22 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL
[2006/10/31 11:51:21 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
[2006/03/02 23:59:05 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/02 23:07:17 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2006/02/21 08:41:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006/02/21 08:32:23 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
[2006/02/21 08:32:23 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2006/02/21 08:31:45 | 000,000,428 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/21 07:18:38 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006/02/21 07:18:37 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006/02/21 07:18:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006/02/21 07:18:37 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006/02/21 06:49:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/21 03:38:36 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/02/21 01:37:59 | 000,002,328 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/11/28 05:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/09/02 15:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 22:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/12/20 11:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 11:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/07/20 18:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 15:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004/01/13 03:46:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2008/10/14 15:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/04/21 13:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluebeam Software
[2007/08/07 19:42:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/11/12 22:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSignal
[2009/10/12 19:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\f-secure
[2009/10/12 19:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\fssg
[2007/09/27 08:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2010/02/26 00:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\performance
[2007/09/25 15:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2006/12/06 16:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/02/20 11:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Canon
[2009/09/17 10:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\counters
[2009/09/17 10:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\eSignal
[2009/10/12 19:50:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\f-secure
[2010/02/07 21:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\ICM Live WinTrader
[2009/03/23 11:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Infinity.DEMO
[2007/11/06 11:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\InterVideo
[2009/09/05 14:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\mjusbsp
[2007/06/14 17:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Paltalk
[2009/09/16 22:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\Professional
[2007/07/19 16:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\toshiba
[2009/04/29 04:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott.Edgelow.CORP\Application Data\webex
[2010/02/26 11:34:11 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2010/02/27 08:43:15 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2008/09/19 16:37:58 | 019,577,683 | ---- | M] () -- C:\RETv11009Upgrade.exe
[2008/03/24 13:24:39 | 006,951,187 | ---- | M] () -- C:\RETv1912Upgrade.exe
[2008/11/19 17:50:06 | 000,734,520 | ---- | M] (Microsoft Corporation) -- C:\WindowsXP-KB921337-x86-ENU.exe
< MD5 for: AGP440.SYS >
[2004/08/04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\Utility\WinXP\CD-WinXPpro-wSP2\I386\sp2.cab:AGP440.sys
[2004/08/04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2004/08/04 00:05:44 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004/08/04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\Utility\WinXP\CD-WinXPpro-wSP2\I386\sp2.cab:atapi.sys
[2004/08/04 00:05:44 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/04 00:05:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/03 23:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/03 23:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06 11:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 11:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/03 23:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/03 23:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004/08/03 23:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/03 23:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2007/11/01 05:51:56 | 000,524,288 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/11/01 11:47:15 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2007/11/01 05:51:56 | 024,117,248 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/11/01 05:51:58 | 004,980,736 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
========== Alternate Data Streams ==========
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\SP2.CAT:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdvntc.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdurdu.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdth3.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdth2.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdth1.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdth0.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdsyr2.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdsyr1.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdintel.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdintam.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdinpun.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdinmar.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdinkan.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdinhin.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdinguj.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdindev.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdheb.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdgeo.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdfa.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbddiv2.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbddiv1.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdarmw.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbdarme.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbda3.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbda2.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\kbda1.dll:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\dllcache\IMS.CAT:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System32\blat.exe:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System\mpgaudio.ax:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\WINDOWS\System\iviaudio.ax:CA_INOCULATEIT
@Alternate Data Stream - 512 bytes -> C:\cmldr:CA_INOCULATEIT
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:27AAAD97
< End of report >
Sign In
Create Account
