Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Google redirect, random audio ads playing, Microsoft Security Essentials disabled

Started by ckbruin , Jul 16 2012 03:23 AM

This topic is locked

12 replies to this topic

#1 ckbruin

Member

Members
17 posts

Gender:Male

Posted 16 July 2012 - 03:23 AM

Here's the link to the topic in the "Am I infected?" forum that I posted up: http://www.bleepingcomputer.com/forums/topic460619.html

As stated in the topic above, Google redirects to other sites when I use their search engine. I also hear random audio advertisements with no visible browser and Microsoft Security Essentials is disabled for some reason. I ran a Malwarebytes scan, removed a few malware, then restarted my computer. Promptly after booting up again, my computer again played audio ads after about an hour or so. In addition, all of the other problems continued to happen.

Currently, all my programs still work correctly, including all browsers and games. My computer runs Windows 7 32-bit Professional.

Any and all help is appreciated!

DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514
Run by Telesis at 0:25:27 on 2012-07-16
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3068.1761 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cobian Backup 11\cbVSCService11.exe
C:\Program Files\Cobian Backup 11\cbService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
F:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
F:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
F:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
F:\Program Files\Steam\Steam.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Telesis\AppData\Roaming\Dropbox\bin\Dropbox.exe
F:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://youtube.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: CorePluginIEBHO Class: {13fa2453-9287-4f18-8554-976d7c02f4ee} - f:\perfect world entertainment\core client\plugins\CorePluginIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~1\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~1\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - "c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dll"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "f:\program files\steam\steam.exe" -silent
uRun: [Apple Computer] rundll32.exe "c:\users\telesis\appdata\local\arktos\apple computer\btyvpvae.dll",CreateInstance
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Microsoft] rundll32.exe "c:\users\telesis\appdata\local\pando_temp\microsoft\dmucjvldv.dll",CreateInstance
uRun: [mtolis] "c:\windows\system32\rundll32.exe" "c:\users\telesis\appdata\roaming\mtolis.dll",FrameNumNamedMatrices
uRun: [Google Update] "c:\users\telesis\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "f:\program files\quicktime\QTTask.exe" -atboottime
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files\amd avt\bin\kdbsync.exe" aml
mRun: [SBRegRebootCleaner] "c:\program files\ad-aware antivirus\SBRC.exe"
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Malwarebytes' Anti-Malware] "f:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Cobian Backup 11 interface] "c:\program files\cobian backup 11\cbInterface.exe" -service
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
StartupFolder: c:\users\telesis\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\telesis\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\telesis\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - f:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\gamers~1.lnk - c:\program files\gamersfirst\live!\Live.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - c:\program files\amazon\add to wish list ie extension\run.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.137.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{353DFAAC-1F5A-4015-AE8E-FB16982DC885} : DhcpNameServer = 10.0.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~1\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\telesis\appdata\roaming\mozilla\firefox\profiles\y0j2hf25.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\iahgames\playfast\npiahpd.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\telesis\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\telesis\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll
FF - plugin: f:\perfect world entertainment\core client\plugins\npCorePluginFF.dll
FF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll
FF - plugin: f:\program files\quicktime\plugins\npqtplugin.dll
FF - plugin: f:\program files\quicktime\plugins\npqtplugin2.dll
FF - plugin: f:\program files\quicktime\plugins\npqtplugin3.dll
FF - plugin: f:\program files\quicktime\plugins\npqtplugin4.dll
FF - plugin: f:\program files\quicktime\plugins\npqtplugin5.dll
FF - plugin: f:\program files\quicktime\plugins\npqtplugin6.dll
FF - plugin: f:\program files\quicktime\plugins\npqtplugin7.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;f:\program files\hi-rez studios\HiPatchService.exe [2012-6-28 8704]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-6-11 217600]
R2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\cobian backup 11\cbVSCService11.exe [2012-7-3 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\cobian backup 11\cbService.exe [2012-7-3 1131008]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2012-6-27 1385896]
R2 MBAMService;MBAMService;f:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-14 655944]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-5-4 503080]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-6-11 8733696]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-6-11 295936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-2-23 86544]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-13 22344]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-21 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-8-22 2255464]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-3 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-21 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-21 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-28 113120]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-6 52224]
S3 vproiah;vproiah;c:\windows\system32\drivers\vproiah.sys [2011-8-20 16128]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-5-20 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-07-13 12:30:00 -------- d-----w- c:\users\telesis\appdata\roaming\Unity
2012-07-12 20:34:55 -------- d-----w- c:\program files\AMD APP
2012-07-03 10:29:14 -------- d-----w- c:\program files\Cobian Backup 11
2012-06-29 21:46:42 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-29 21:46:42 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-06-28 04:21:08 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-06-26 23:13:10 -------- d-----w- c:\users\telesis\appdata\roaming\.techniclauncher
2012-06-25 08:29:42 -------- d-----w- c:\users\telesis\appdata\local\Macromedia
2012-06-25 08:22:58 -------- d-----r- c:\users\telesis\appdata\local\{3F3EAC3C-BD5E-11E1-8270-B8AC6F996F26}
2012-06-23 18:10:15 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-06-23 18:07:17 -------- d-----w- c:\users\telesis\appdata\local\{3F3E745F-BD5E-11E1-8270-B8AC6F996F26}
2012-06-23 18:07:13 353792 ----a-w- c:\users\telesis\appdata\roaming\mtolis.dll
2012-06-23 18:06:14 -------- d-----w- c:\programdata\B7E85889000D8E97006BA627B4EB238B
2012-06-23 18:06:05 -------- d-----w- c:\users\telesis\appdata\roaming\Ipheu
2012-06-23 18:06:05 -------- d-----w- c:\users\telesis\appdata\roaming\Byohsi
2012-06-23 18:06:05 -------- d-----w- c:\users\telesis\appdata\roaming\Alebel
2012-06-23 09:56:05 -------- d-----w- c:\users\telesis\appdata\roaming\.spoutcraft
2012-06-22 23:34:13 6762896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{366c1fb4-94ef-4ddc-b37a-1b3730e80adc}\mpengine.dll
2012-06-21 04:06:57 6762896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-06-19 09:07:58 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 09:07:43 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 09:07:20 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 09:07:20 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-18 01:35:19 -------- d-----w- c:\users\telesis\appdata\local\{C26DF1CE-7CA9-4B58-B9E7-74B4BAB3C904}
2012-06-18 01:35:18 -------- d-----w- c:\users\telesis\appdata\local\{861E1CA1-4A84-4735-99F9-D13E2FB5B501}
.
==================== Find3M ====================
.
2012-07-12 21:35:20 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-12 21:35:20 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-05 22:09:36 140480 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-05 22:09:25 298016 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-05 22:09:25 298016 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-05 07:52:03 298016 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-04 06:02:58 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-04 05:03:58 138056 ----a-w- c:\users\telesis\appdata\roaming\PnkBstrK.sys
2012-07-04 02:08:38 3130440 ----a-w- c:\windows\system32\pbsvc_blr.exe
2012-07-03 20:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-11 20:50:42 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 20:50:24 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-06-11 20:50:14 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-06-11 20:49:22 13008896 ----a-w- c:\windows\system32\amdocl.dll
2012-06-11 18:58:44 8733696 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35:40 58880 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:00:32 20467712 ----a-w- c:\windows\system32\atioglxx.dll
2012-06-11 17:25:06 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24:58 924160 ----a-w- c:\windows\system32\aticfx32.dll
2012-06-11 17:20:02 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19:36 468992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19:02 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17:50 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-06-11 17:17:40 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17:32 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-06-11 17:16:48 6301696 ----a-w- c:\windows\system32\atidxx32.dll
2012-06-11 16:45:46 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-06-11 16:45:44 5480448 ----a-w- c:\windows\system32\atiumdag.dll
2012-06-11 16:45:38 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-06-11 16:43:18 4729344 ----a-w- c:\windows\system32\atiumdva.dll
2012-06-11 16:40:58 13277696 ----a-w- c:\windows\system32\aticaldd.dll
2012-06-11 16:26:52 368640 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26:36 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26:22 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-06-11 16:25:48 295936 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25:12 42496 ----a-w- c:\windows\system32\atiuxpag.dll
2012-06-11 16:24:58 32768 ----a-w- c:\windows\system32\atiu9pag.dll
2012-06-11 16:24:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23:10 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-06-11 16:23:10 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-05-30 04:47:44 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2012-05-30 04:47:44 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2012-05-26 09:22:23 674600 ----a-w- c:\windows\system32\pbsvc.exe
2012-05-15 03:03:54 981504 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 01:05:38 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-05-01 04:44:12 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:17:07 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45:55 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41:16 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 04:36:42 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-20 03:16:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 0:27:09.62 ===============

Attached Files

Attach.txt 12.45K 0 downloads
ark.txt 11.76K 1 downloads

Edited by ckbruin, 16 July 2012 - 03:25 AM.

BC Ads
BleepingComputer.com

#2 CatByte

bleepin' tiger

Malware Response Team
13,569 posts

Gender:Not Telling
Location:Canada

Posted 16 July 2012 - 10:25 AM

Hi,

Please run the following

Refer to the ComboFix User's Guide

Download ComboFix from the following location:

Link

* IMPORTANT !!! Place ComboFix.exe on your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
You can get help on disabling your protection programs here
Double click on ComboFix.exe & follow the prompts.
Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

---------------------------------------------------------------------------------------------
Ensure your AntiVirus and AntiSpyware applications are re-enabled.

---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

The help you receive here is free. If you wish to show your appreciation, then you may
Microsoft MVP - 2010, 2011, 2012

#3 ckbruin

Member

Members
17 posts

Gender:Male

Posted 16 July 2012 - 03:11 PM

Combofix Log:

ComboFix 12-07-16.01 - Telesis 07/16/2012 12:53:51.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3068.2073 [GMT -7:00]
Running from: c:\users\Telesis\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\users\Telesis\AppData\Local\Pando_Temp\Microsoft\dmucjvldv.dll
c:\users\Telesis\AppData\Roaming\mtolis.dll
c:\windows\Installer\{ce6eb33f-3405-9ad3-1bed-a8fc21d6ad11}\@
c:\windows\Installer\{ce6eb33f-3405-9ad3-1bed-a8fc21d6ad11}\U\00000001.@
c:\windows\Installer\{ce6eb33f-3405-9ad3-1bed-a8fc21d6ad11}\U\80000000.@
c:\windows\Installer\{ce6eb33f-3405-9ad3-1bed-a8fc21d6ad11}\U\800000cb.@
c:\windows\security\Database\tmp.edb
c:\windows\system32\tmpFB7.tmp
c:\windows\system32\tmpFC8.tmp
F:\install.exe
.
Infected copy of c:\windows\system32\Services.exe was found and disinfected
Restored copy from - c:\combofix\HarddiskVolumeShadowCopy3_!Windows!winsxs!x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b!services.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-16 to 2012-07-16 )))))))))))))))))))))))))))))))
.
.
2012-07-13 12:30 . 2012-07-13 12:30 -------- d-----w- c:\users\Telesis\AppData\Roaming\Unity
2012-07-12 20:35 . 2012-07-12 20:35 -------- d-----w- c:\programdata\ATI
2012-07-12 20:34 . 2012-07-12 20:34 -------- d-----w- c:\program files\AMD APP
2012-07-06 05:21 . 2012-07-06 06:59 -------- d-----w- c:\users\Telesis\AppData\Roaming\FileZilla
2012-07-03 10:29 . 2012-07-03 10:29 -------- d-----w- c:\program files\Cobian Backup 11
2012-06-29 21:46 . 2012-06-29 21:46 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-29 21:46 . 2012-06-29 21:46 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-28 04:21 . 2012-06-28 04:21 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-06-26 23:13 . 2012-07-16 11:56 -------- d-----w- c:\users\Telesis\AppData\Roaming\.techniclauncher
2012-06-25 08:29 . 2012-06-25 08:29 -------- d-----w- c:\users\Telesis\AppData\Local\Macromedia
2012-06-25 08:22 . 2012-06-26 21:45 -------- d-----r- c:\users\Telesis\AppData\Local\{3F3EAC3C-BD5E-11E1-8270-B8AC6F996F26}
2012-06-23 18:10 . 2012-06-23 18:10 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-06-23 18:07 . 2012-06-23 18:07 -------- d-----w- c:\users\Telesis\AppData\Local\{3F3E745F-BD5E-11E1-8270-B8AC6F996F26}
2012-06-23 18:06 . 2012-06-23 18:11 -------- d-----w- c:\programdata\B7E85889000D8E97006BA627B4EB238B
2012-06-23 18:06 . 2012-07-03 06:02 -------- d-----w- c:\users\Telesis\AppData\Roaming\Alebel
2012-06-23 18:06 . 2012-06-30 01:59 -------- d-----w- c:\users\Telesis\AppData\Roaming\Ipheu
2012-06-23 18:06 . 2012-06-23 18:06 -------- d-----w- c:\users\Telesis\AppData\Roaming\Byohsi
2012-06-23 09:56 . 2012-06-26 01:25 -------- d-----w- c:\users\Telesis\AppData\Roaming\.spoutcraft
2012-06-22 23:34 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{366C1FB4-94EF-4DDC-B37A-1B3730E80ADC}\mpengine.dll
2012-06-21 04:06 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-19 09:07 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-19 09:07 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-19 09:07 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-19 09:07 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 09:07 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-19 09:07 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 09:07 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-19 09:07 . 2012-06-02 22:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-19 09:07 . 2012-06-02 22:12 33792 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 21:35 . 2012-04-13 03:17 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 21:35 . 2011-05-21 18:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 22:09 . 2011-07-11 22:04 140480 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-05 22:09 . 2011-07-11 22:04 298016 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-05 22:09 . 2011-07-11 22:03 298016 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-05 07:52 . 2011-07-11 22:03 298016 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-04 06:02 . 2011-07-11 22:03 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-04 05:03 . 2011-07-11 22:04 138056 ----a-w- c:\users\Telesis\AppData\Roaming\PnkBstrK.sys
2012-07-04 02:08 . 2012-02-03 05:00 3130440 ----a-w- c:\windows\system32\pbsvc_blr.exe
2012-07-03 20:46 . 2011-06-13 10:55 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-11 20:50 . 2012-06-11 20:50 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 20:50 . 2012-06-11 20:50 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-06-11 20:50 . 2012-06-11 20:50 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-06-11 20:49 . 2012-06-11 20:49 13008896 ----a-w- c:\windows\system32\amdocl.dll
2012-06-11 18:58 . 2012-06-11 18:58 8733696 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35 . 2012-06-11 18:35 58880 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\system32\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-04-20 09:09 924160 ----a-w- c:\windows\system32\aticfx32.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 468992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-06-11 17:17 . 2012-06-11 17:17 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-06-11 17:16 . 2011-04-20 08:59 6301696 ----a-w- c:\windows\system32\atidxx32.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-06-11 16:45 . 2011-11-10 02:33 5480448 ----a-w- c:\windows\system32\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-06-11 16:43 . 2011-11-10 02:29 4729344 ----a-w- c:\windows\system32\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\system32\aticaldd.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-06-11 16:25 . 2012-06-11 16:25 295936 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-04-20 08:21 42496 ----a-w- c:\windows\system32\atiuxpag.dll
2012-06-11 16:24 . 2011-04-20 08:21 32768 ----a-w- c:\windows\system32\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-05-30 04:47 . 2011-09-02 01:39 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2012-05-30 04:47 . 2011-09-02 01:39 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2012-05-26 09:22 . 2012-05-08 05:26 674600 ----a-w- c:\windows\system32\pbsvc.exe
2012-05-15 03:03 . 2012-06-13 19:43 981504 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 01:05 . 2012-06-13 19:43 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-05-01 04:44 . 2012-06-13 19:43 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-13 19:43 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45 . 2012-06-13 19:43 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-13 19:43 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-13 19:43 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 04:36 . 2012-06-13 19:43 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 19:43 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 19:43 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-20 03:16 . 2012-06-13 19:43 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-29 21:46 . 2012-05-28 18:51 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13FA2453-9287-4F18-8554-976D7C02F4EE}]
2012-01-11 05:43 63368 ----a-w- f:\perfect world entertainment\CORE Client\plugins\CorePluginIE.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 18:28 1307928 ----a-w- c:\program files\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-21 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-03 17417392]
"InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-08-10 1176064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"QuickTime Task"="f:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 931200]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="f:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Cobian Backup 11 interface"="c:\program files\Cobian Backup 11\cbInterface.exe" [2012-06-30 4407808]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
.
c:\users\Telesis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Telesis\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-6-13 27595032]
MagicDisc.lnk - f:\program files\MagicDisc\MagicDisc.exe [2011-12-7 576000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-8-15 2589808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 nxsnbztk;nxsnbztk;c:\windows\system32\drivers\nxsnbztk.sys [x]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vproiah;vproiah;c:\windows\system32\DRIVERS\vproiah.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 XDva389;XDva389;c:\windows\system32\XDva389.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
R3 XDva392;XDva392;c:\windows\system32\XDva392.sys [x]
R3 XDva394;XDva394;c:\windows\system32\XDva394.sys [x]
R3 XDva397;XDva397;c:\windows\system32\XDva397.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [x]
S2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 MBAMService;MBAMService;f:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 21:35]
.
2012-07-16 c:\windows\Tasks\FinalTorrent Update Checker.job
- c:\program files\FinalTorrent\FTCheckForUpdates.exe [2011-11-07 23:24]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-21 18:41]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-21 18:41]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2310123422-4128129539-160789890-1000Core.job
- c:\users\Telesis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 07:54]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2310123422-4128129539-160789890-1000UA.job
- c:\users\Telesis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 07:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://youtube.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Apple Computer - c:\users\Telesis\AppData\Local\Arktos\Apple Computer\btyvpvae.dll
HKCU-Run-mtolis - c:\users\Telesis\AppData\Roaming\mtolis.dll
HKLM-Run-SBRegRebootCleaner - c:\program files\Ad-Aware Antivirus\SBRC.exe
SafeBoot-MsMpSvc
AddRemove-Half-Life Dedicated Server Update Tool - f:\kfserver\UNWISE.EXE
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(960)
c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\atieclxx.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
f:\program files\Hi-Rez Studios\HiPatchService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-07-16 13:09:05 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-16 20:09
.
Pre-Run: 77,873,836,032 bytes free
Post-Run: 82,205,573,120 bytes free
.
- - End Of File - - 4759843031139A1753A0A2A3444C89E8

#4 CatByte

bleepin' tiger

Malware Response Team
13,569 posts

Gender:Not Telling
Location:Canada

Posted 16 July 2012 - 04:00 PM

Hi,

Please do the following:

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

Driver::
nxsnbztk
vproiah

Folder::
c:\users\Telesis\AppData\Local\{3F3E745F-BD5E-11E1-8270-B8AC6F996F26}
c:\programdata\B7E85889000D8E97006BA627B4EB238B
c:\users\Telesis\AppData\Roaming\Alebel
c:\users\Telesis\AppData\Roaming\Ipheu
c:\users\Telesis\AppData\Roaming\Byohsi
c:\users\Telesis\AppData\Roaming\.spoutcraft

ClearJavaCache::

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"

Here's how to do that:

1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...

Posted Image

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix may request an update; please allow it.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it shall produce a log for you.
Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

NEXT

Please open your MalwareBytes AntiMalware Program
Click the Update Tab and search for updates
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected. <-- very important
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

NEXT

Go here to run an online scanner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activeX control to install
Click Start
Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the scan to finish
When the scan completes, press the LIST OF THREATS FOUND button
Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
Include the contents of this report in your next reply.
Press the BACK button.
Press Finish

The help you receive here is free. If you wish to show your appreciation, then you may
Microsoft MVP - 2010, 2011, 2012

#5 ckbruin

Member

Members
17 posts

Gender:Male

Posted 16 July 2012 - 10:30 PM

Combofix Log #2:

ComboFix 12-07-16.01 - Telesis 07/16/2012 17:04:20.2.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3068.1835 [GMT -7:00]
Running from: c:\users\Telesis\Desktop\ComboFix.exe
Command switches used :: c:\users\Telesis\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\B7E85889000D8E97006BA627B4EB238B
c:\programdata\B7E85889000D8E97006BA627B4EB238B\B7E85889000D8E97006BA627B4EB238B
c:\users\Telesis\AppData\Local\{3F3E745F-BD5E-11E1-8270-B8AC6F996F26}
c:\users\Telesis\AppData\Local\{3F3E745F-BD5E-11E1-8270-B8AC6F996F26}\chrome.manifest
c:\users\Telesis\AppData\Local\{3F3E745F-BD5E-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul
c:\users\Telesis\AppData\Local\{3F3E745F-BD5E-11E1-8270-B8AC6F996F26}\install.rdf
c:\users\Telesis\AppData\Roaming\.spoutcraft
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day1.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day2.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day3.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day4.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day5.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day6.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day7.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day8.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening1.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening2.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening3.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening4.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening5.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\night\night1.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\night\night2.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\night\night3.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\background\night\night4.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\blacklist.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\graylist.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\info.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\lock.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\unknown_server.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\whitelist.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\logo\minecraft.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\logo\spoutcraft.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\arrow.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\marker.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\roundmap.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\roundmap_white.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\squaremap.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\squaremap_white.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\waypoint.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\misc\disconnected.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\blaze.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\cave_spider.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\chicken.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\cow.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\creeper.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\ender_dragon.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\enderman.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\ghast.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\human.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\iron_golem.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\magma_cube.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\mooshroom.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\ocelot.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\pig.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\sheep.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\silverfish.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\skeleton.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\slime.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\snow_golem.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\spider.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\spider_jockey.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\squid.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\villager.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\wolf.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\zombie.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\zombie_pigman.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\composite.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\composite.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\final.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\final.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_basic.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_basic.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_hand.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_hand.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_terrain.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_terrain.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_textured.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_textured.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_textured_lit.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_textured_lit.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_water.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_water.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_weather.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_weather.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\composite.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\composite.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\final.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\final.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_basic.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_basic.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_hand.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_hand.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_terrain.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_terrain.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_textured.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_textured.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_textured_lit.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_textured_lit.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_water.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_water.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_weather.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_weather.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\composite.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\composite.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\final.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\final.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_basic.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_basic.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_hand.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_hand.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_terrain.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_terrain.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_textured.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_textured.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_textured_lit.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_textured_lit.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_water.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_water.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_weather.fsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_weather.vsh
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_ascending.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_check.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_descending.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_disabled.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_hover.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_normal.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_radio.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\backups\1412-backup.zip
c:\users\Telesis\AppData\Roaming\.spoutcraft\backups\1412-backup.zip2161563671785229916.tmp
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\cache\jinput.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\cache\lwjgl.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\cache\lwjgl_util.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\cache\minecraft_1.2.5.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\jinput.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\commons-io.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\commons-lang3.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\dnsjava.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\guava.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\jmdns.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\joda-time.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\slick.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\snakeyaml.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\trove4j.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lwjgl.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\lwjgl_util.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\minecraft.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\jinput-dx8.dll
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\jinput-dx8_64.dll
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\jinput-raw.dll
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\jinput-raw_64.dll
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\lwjgl.dll
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\lwjgl64.dll
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\OpenAL32.dll
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\OpenAL64.dll
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\spoutcraft.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\commons-io.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\commons-lang3.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\dnsjava.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\guava.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\jinput.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\jmdns.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\lwjgl.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\lwjgl_util.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\minecraft.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\slick.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\snakeyaml.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\spoutcraft.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\trove4j.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\chunk\cache.dat
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\chunk\cache.fat
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\chunk\cache.index
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\bazooka.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\black.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\ExtraScope.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\gr%C3%BCneskreuz.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\grauekartoffel.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\guudarueckstoss.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\handle.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\heavyammo.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\HUDBackgroundBlue.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemBarrelFat.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemBarrelLong.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemBarrelShort.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemBarrelShotgun.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemGripMetal.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemGunAk47.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemGunFlamethrower.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemGunMp5.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemMagazine.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemMetalParts.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemOil.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemReceiverMetal.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemStockMetal.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\lightammo.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\MN106N.PNG
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\pistol.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\pistolammo.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\pumpgunammo.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\rocket.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\scope.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\scopeScreen.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\shotgun.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\Silencer.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\sniper.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\launcher_background.jpg
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Acrobatics.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Acrobatics_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Archery.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Archery_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Axes.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Axes_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Excavation.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Excavation_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Fishing.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Fishing_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Herbalism.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Herbalism_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Icon.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Icon_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\level.wav
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Mining.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Mining_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Repair.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\repair.wav
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Repair_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Swords.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Swords_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Taming.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Taming_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Unarmed.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Unarmed_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Woodcutting.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Woodcutting_r.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc000.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc001.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc002.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc003.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc004.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc005.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc006.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc007.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc008.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc009.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc010.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc011.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc012.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc013.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc014.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc015.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc016.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc017.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc018.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc019.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc020.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc021.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc022.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc023.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc024.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc025.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc026.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc027.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc028.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc029.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc030.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc031.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc032.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc033.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc034.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc035.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc036.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc037.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc038.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc039.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc040.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc041.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc042.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc043.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc044.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc045.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc046.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc047.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc048.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc049.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc050.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc051.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc052.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc053.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc054.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc055.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc056.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc057.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc058.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc059.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc060.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc061.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc062.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc063.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc064.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc065.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc066.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc067.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc068.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc069.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc070.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc071.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc072.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc073.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc074.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc075.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc076.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc077.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc078.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc079.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc080.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc081.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc082.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc083.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc084.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc085.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc086.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc087.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc088.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc089.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc090.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc091.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc092.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc093.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc094.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc095.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc096.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc097.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc098.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc099.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc100.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc101.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc102.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc103.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc104.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc105.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc106.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc107.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc108.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc109.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc110.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc111.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc112.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc113.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc114.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc115.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc116.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc117.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc118.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc119.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc120.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc121.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc122.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc123.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc124.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc125.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc126.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc127.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc128.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc129.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc130.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc131.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc132.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc133.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc134.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc135.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc136.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc137.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc138.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc139.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc140.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc141.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc142.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc143.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc144.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc145.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc146.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc147.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc148.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc149.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc150.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc151.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc152.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc153.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc154.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc155.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc156.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc157.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc158.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc159.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc160.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc161.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc162.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc163.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc164.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc165.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc166.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc167.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc168.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc169.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc170.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc171.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc172.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc173.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc174.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc175.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc176.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc177.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc178.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc179.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc180.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc181.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc182.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc183.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc184.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc185.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc186.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc187.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc188.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc189.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc190.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc191.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc192.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc193.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc194.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc195.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc196.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc197.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc198.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc199.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc200.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc201.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc202.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc203.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc204.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc205.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc206.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc207.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc208.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc209.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc210.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc211.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc212.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc213.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc214.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc215.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc216.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc217.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc218.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc219.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc220.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc221.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc222.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc223.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc224.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc225.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc226.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc227.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc228.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc229.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc230.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc231.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc232.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc233.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc234.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc235.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc236.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc237.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc238.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc239.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc240.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc241.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc242.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc243.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc244.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc245.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc246.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc247.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc248.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc249.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc250.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc251.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc252.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc253.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc254.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\au.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\beastnode_319x105.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\ca.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\cz.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\de.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\eg.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\es.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\eu.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\fr.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\gb.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\minecraft_biz_230x38.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\nl.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\se.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\unknown.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\us.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\chunkcache\cache.dat
c:\users\Telesis\AppData\Roaming\.spoutcraft\chunkcache\cache.fat
c:\users\Telesis\AppData\Roaming\.spoutcraft\chunkcache\cache.index
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\addoninfo.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\assets.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\bindings.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\chatSettings.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\favorites.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\108-170-47-2.hma
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\74-121-180-205.hma
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\localhost.hma
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\skyblock-co.hma
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\World.hma
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\libraries.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\minecraft.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\minimap.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\mirrors.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\runonce
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\settings.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\shortcuts.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\special.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\splashes.temp
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\splashes.txt
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\spoutcraft.properties
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\spoutcraft.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\config\vip.yml
c:\users\Telesis\AppData\Roaming\.spoutcraft\lastlogin
c:\users\Telesis\AppData\Roaming\.spoutcraft\launcherVersion
c:\users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-20.log
c:\users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-21.log
c:\users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-22.log
c:\users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-23.log
c:\users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-25.log
c:\users\Telesis\AppData\Roaming\.spoutcraft\options.txt
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\music\calm1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\music\calm2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\music\calm3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\hal1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\hal2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\hal3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\hal4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\nuance1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\nuance2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\piano1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\piano2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\piano3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave10.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave11.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave12.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave13.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave5.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave6.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave7.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave8.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave9.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\rain1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\rain2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\rain3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\rain4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\thunder1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\thunder2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\thunder3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\fallbig1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\fallbig2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\fallsmall.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\hurtflesh1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\hurtflesh2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\hurtflesh3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\fire\fire.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\fire\ignite.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\liquid\lava.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\liquid\lavapop.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\liquid\splash.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\liquid\water.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\breathe1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\breathe2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\breathe3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\breathe4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\death.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\hit1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\hit2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\hit3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\hit4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hiss1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hiss2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hiss3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hitt1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hitt2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hitt3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\meow1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\meow2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\meow3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\meow4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purr1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purr2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purr3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purreow1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purreow2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chicken1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chicken2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chicken3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chickenhurt1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chickenhurt2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chickenplop.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cow1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cow2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cow3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cow4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cowhurt1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cowhurt2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cowhurt3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeper1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeper2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeper3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeper4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeperdeath.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\death.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\hit1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\hit2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\hit3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\hit4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle5.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\portal.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\portal2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\scream1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\scream2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\scream3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\scream4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\stare.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\affectionate scream.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\charge.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\death.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\fireball4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan5.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan6.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan7.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream5.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\death.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\hit1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\hit2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\hit3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\hit4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\throw.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\walk1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\walk2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\walk3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\walk4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\big1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\big2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\big3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\big4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\jump1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\jump2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\jump3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\jump4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small5.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\pig1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\pig2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\pig3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\pigdeath.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\sheep1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\sheep2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\sheep3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\hit1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\hit2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\hit3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\kill.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\say1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\say2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\say3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\say4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\step1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\step2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\step3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\step4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeleton1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeleton2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeleton3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletondeath.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletonhurt1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletonhurt2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletonhurt3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletonhurt4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime5.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slimeattack1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slimeattack2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spider1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spider2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spider3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spider4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spiderdeath.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\bark1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\bark2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\bark3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\death.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\growl1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\growl2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\growl3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\howl1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\howl2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\hurt1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\hurt2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\hurt3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\panting.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\shake.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\whine.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\metal1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\metal2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\metal3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\wood1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\wood2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\wood3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\wood4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\woodbreak.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiedeath.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiehurt1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiehurt2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpig1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpig2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpig3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpig4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigangry1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigangry2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigangry3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigangry4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigdeath.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpighurt1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpighurt2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\bass.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\bassattack.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\bd.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\harp.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\hat.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\pling.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\snare.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\portal\portal.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\portal\travel.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\portal\trigger.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bow.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bowhit1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bowhit2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bowhit3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bowhit4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\break.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\breath.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\burp.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\chestclosed.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\chestopen.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\click.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\door_close.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\door_open.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\drink.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\drr.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\eat1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\eat2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\eat3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\explode1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\explode2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\explode3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\explode4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\fizz.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\fuse.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\glass1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\glass2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\glass3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\hurt.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\levelup.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\old_explode.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\orb.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\pop.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\splash.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\wood click.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\cloth1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\cloth2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\cloth3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\cloth4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\grass1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\grass2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\grass3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\grass4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\gravel1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\gravel2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\gravel3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\gravel4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\sand1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\sand2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\sand3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\sand4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\snow1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\snow2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\snow3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\snow4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\stone1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\stone2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\stone3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\stone4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\wood1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\wood2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\wood3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\wood4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\tile\piston\in.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\tile\piston\out.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\pe\humble.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\grass1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\grass2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\grass3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\grass4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\gravel1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\gravel2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\gravel3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\gravel4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\stone1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\stone2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\stone3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\stone4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\wood1.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\wood2.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\wood3.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\wood4.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\11.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\13.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\13.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\blocks.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\cat.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\cat.ogg
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\chirp.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\far.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\mall.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\mellohi.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\stal.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\strad.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\ward.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\where are we now.mus
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.-1.-1.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.-1.0.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.0.-1.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.0.-2.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.0.-3.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.0.0.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.1.-2.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.1.-3.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\World\level.dat
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\World\level.dat_old
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\World\region\r.-1.-1.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\World\region\r.-1.0.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\World\region\r.0.-1.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\World\region\r.0.0.mca
c:\users\Telesis\AppData\Roaming\.spoutcraft\saves\World\session.lock
c:\users\Telesis\AppData\Roaming\.spoutcraft\screenshots\2012-06-22_23.21.10.png
c:\users\Telesis\AppData\Roaming\.spoutcraft\Spoutcraft-Launcher.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\stats\stats_ckbruin13_unsent.dat
c:\users\Telesis\AppData\Roaming\.spoutcraft\stats\stats_ckbruin13_unsent.old
c:\users\Telesis\AppData\Roaming\.spoutcraft\temp\minecraft.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\temp\natives.jar
c:\users\Telesis\AppData\Roaming\.spoutcraft\temp\spoutcraft.jar
c:\users\Telesis\AppData\Roaming\Alebel
c:\users\Telesis\AppData\Roaming\Byohsi
c:\users\Telesis\AppData\Roaming\Byohsi\ovxi.loi
c:\users\Telesis\AppData\Roaming\Ipheu
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_VPROIAH
-------\Service_nxsnbztk
-------\Service_vproiah
.
.
((((((((((((((((((((((((( Files Created from 2012-06-17 to 2012-07-17 )))))))))))))))))))))))))))))))
.
.
2012-07-17 00:12 . 2012-07-17 00:14 -------- d-----w- c:\users\Telesis\AppData\Local\temp
2012-07-17 00:12 . 2012-07-17 00:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-13 12:30 . 2012-07-13 12:30 -------- d-----w- c:\users\Telesis\AppData\Roaming\Unity
2012-07-12 20:35 . 2012-07-12 20:35 -------- d-----w- c:\programdata\ATI
2012-07-12 20:34 . 2012-07-12 20:34 -------- d-----w- c:\program files\AMD APP
2012-07-06 05:21 . 2012-07-06 06:59 -------- d-----w- c:\users\Telesis\AppData\Roaming\FileZilla
2012-07-03 10:29 . 2012-07-03 10:29 -------- d-----w- c:\program files\Cobian Backup 11
2012-06-29 21:46 . 2012-06-29 21:46 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-29 21:46 . 2012-06-29 21:46 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-28 04:21 . 2012-06-28 04:21 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-06-26 23:13 . 2012-07-16 11:56 -------- d-----w- c:\users\Telesis\AppData\Roaming\.techniclauncher
2012-06-25 08:29 . 2012-06-25 08:29 -------- d-----w- c:\users\Telesis\AppData\Local\Macromedia
2012-06-25 08:22 . 2012-06-26 21:45 -------- d-----r- c:\users\Telesis\AppData\Local\{3F3EAC3C-BD5E-11E1-8270-B8AC6F996F26}
2012-06-23 18:10 . 2012-06-23 18:10 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-06-22 23:34 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{366C1FB4-94EF-4DDC-B37A-1B3730E80ADC}\mpengine.dll
2012-06-21 04:06 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-19 09:07 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-19 09:07 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-19 09:07 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-19 09:07 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 09:07 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-19 09:07 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 09:07 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-19 09:07 . 2012-06-02 22:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-19 09:07 . 2012-06-02 22:12 33792 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 21:35 . 2012-04-13 03:17 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 21:35 . 2011-05-21 18:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 22:09 . 2011-07-11 22:04 140480 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-05 22:09 . 2011-07-11 22:04 298016 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-05 22:09 . 2011-07-11 22:03 298016 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-05 07:52 . 2011-07-11 22:03 298016 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-04 06:02 . 2011-07-11 22:03 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-04 05:03 . 2011-07-11 22:04 138056 ----a-w- c:\users\Telesis\AppData\Roaming\PnkBstrK.sys
2012-07-04 02:08 . 2012-02-03 05:00 3130440 ----a-w- c:\windows\system32\pbsvc_blr.exe
2012-07-03 20:46 . 2011-06-13 10:55 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-11 20:50 . 2012-06-11 20:50 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 20:50 . 2012-06-11 20:50 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-06-11 20:50 . 2012-06-11 20:50 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-06-11 20:49 . 2012-06-11 20:49 13008896 ----a-w- c:\windows\system32\amdocl.dll
2012-06-11 18:58 . 2012-06-11 18:58 8733696 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35 . 2012-06-11 18:35 58880 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\system32\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-04-20 09:09 924160 ----a-w- c:\windows\system32\aticfx32.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 468992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-06-11 17:17 . 2012-06-11 17:17 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-06-11 17:16 . 2011-04-20 08:59 6301696 ----a-w- c:\windows\system32\atidxx32.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-06-11 16:45 . 2011-11-10 02:33 5480448 ----a-w- c:\windows\system32\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-06-11 16:43 . 2011-11-10 02:29 4729344 ----a-w- c:\windows\system32\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\system32\aticaldd.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-06-11 16:25 . 2012-06-11 16:25 295936 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-04-20 08:21 42496 ----a-w- c:\windows\system32\atiuxpag.dll
2012-06-11 16:24 . 2011-04-20 08:21 32768 ----a-w- c:\windows\system32\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-05-30 04:47 . 2011-09-02 01:39 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2012-05-30 04:47 . 2011-09-02 01:39 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2012-05-26 09:22 . 2012-05-08 05:26 674600 ----a-w- c:\windows\system32\pbsvc.exe
2012-05-15 03:03 . 2012-06-13 19:43 981504 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 01:05 . 2012-06-13 19:43 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-05-01 04:44 . 2012-06-13 19:43 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-13 19:43 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45 . 2012-06-13 19:43 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-13 19:43 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-13 19:43 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 04:36 . 2012-06-13 19:43 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 19:43 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 19:43 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-20 03:16 . 2012-06-13 19:43 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-29 21:46 . 2012-05-28 18:51 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13FA2453-9287-4F18-8554-976D7C02F4EE}]
2012-01-11 05:43 63368 ----a-w- f:\perfect world entertainment\CORE Client\plugins\CorePluginIE.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 18:28 1307928 ----a-w- c:\program files\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-21 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-03 17417392]
"InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-08-10 1176064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"QuickTime Task"="f:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 931200]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="f:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Cobian Backup 11 interface"="c:\program files\Cobian Backup 11\cbInterface.exe" [2012-06-30 4407808]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
.
c:\users\Telesis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Telesis\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-6-13 27595032]
MagicDisc.lnk - f:\program files\MagicDisc\MagicDisc.exe [2011-12-7 576000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-8-15 2589808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 XDva389;XDva389;c:\windows\system32\XDva389.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
R3 XDva392;XDva392;c:\windows\system32\XDva392.sys [x]
R3 XDva394;XDva394;c:\windows\system32\XDva394.sys [x]
R3 XDva397;XDva397;c:\windows\system32\XDva397.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [x]
S2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 MBAMService;MBAMService;f:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 21:35]
.
2012-07-17 c:\windows\Tasks\FinalTorrent Update Checker.job
- c:\program files\FinalTorrent\FTCheckForUpdates.exe [2011-11-07 23:24]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-21 18:41]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-21 18:41]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2310123422-4128129539-160789890-1000Core.job
- c:\users\Telesis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 07:54]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2310123422-4128129539-160789890-1000UA.job
- c:\users\Telesis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 07:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://youtube.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1568)
c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\atieclxx.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
f:\program files\Hi-Rez Studios\HiPatchService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-07-16 17:19:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-17 00:19
ComboFix2.txt 2012-07-16 20:09
.
Pre-Run: 80,603,283,456 bytes free
Post-Run: 80,441,745,408 bytes free
.
- - End Of File - - BD67320C66BC3B9DA081D23A547CCA8A

Malwarebytes Scan Log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.16.12

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Telesis :: TELESIS-PC [administrator]

7/16/2012 5:23:51 PM
mbam-log-2012-07-16 (17-23-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225443
Time elapsed: 4 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

ESET Scan:

C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Local\Pando_Temp\Microsoft\dmucjvldv.dll.vir a variant of Win32/Kryptik.AHHC trojan
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Local\{3F3E745F-BD5E-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul.vir JS/Redirector.NIQ trojan
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\mtolis.dll.vir a variant of Win32/Medfos.AI trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{ce6eb33f-3405-9ad3-1bed-a8fc21d6ad11}\U\80000000.@.vir a variant of Win32/Sirefef.FA trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{ce6eb33f-3405-9ad3-1bed-a8fc21d6ad11}\U\800000cb.@.vir probably a variant of Win32/Agent.TEO trojan
C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir Win32/Sirefef.FC trojan
C:\Users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\extensions\olzrghkhrl@olzrghkhrl.org.xpi JS/Redirector.NCA trojan

#6 CatByte

bleepin' tiger

Malware Response Team
13,569 posts

Gender:Not Telling
Location:Canada

Posted 17 July 2012 - 10:09 AM

Please do the following:

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

File::
C:\Users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\extensions\olzrghkhrl@olzrghkhrl.org.xpi 

ClearJavaCache::

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix may request an update; please allow it.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it shall produce a log for you.
Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

NEXT

Press the WinKey + R to open a run box, copy/paste the following bolded text into the Run box and click OK:

C:\Qoobox\ComboFix-quarantined-files.txt

A report should pop open for you. Please zip this up and attach it to your next reply.

The help you receive here is free. If you wish to show your appreciation, then you may
Microsoft MVP - 2010, 2011, 2012

#7 ckbruin

Member

Members
17 posts

Gender:Male

Posted 17 July 2012 - 09:50 PM

ComboFix Log:

ComboFix 12-07-16.01 - Telesis 07/17/2012 18:01:03.3.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3068.2113 [GMT -7:00]
Running from: c:\users\Telesis\Desktop\ComboFix.exe
Command switches used :: c:\users\Telesis\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\extensions\olzrghkhrl@olzrghkhrl.org.xpi"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\extensions\olzrghkhrl@olzrghkhrl.org.xpi
.
.
((((((((((((((((((((((((( Files Created from 2012-06-18 to 2012-07-18 )))))))))))))))))))))))))))))))
.
.
2012-07-18 01:10 . 2012-07-18 01:10 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-18 01:10 . 2012-07-18 01:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-17 21:08 . 2012-07-17 21:08 -------- d-----w- c:\users\Telesis\AppData\Roaming\LolClient
2012-07-17 00:30 . 2012-07-17 00:30 -------- d-----w- c:\program files\ESET
2012-07-17 00:12 . 2012-07-18 01:10 -------- d-----w- c:\users\Telesis\AppData\Local\temp
2012-07-13 12:30 . 2012-07-13 12:30 -------- d-----w- c:\users\Telesis\AppData\Roaming\Unity
2012-07-12 20:35 . 2012-07-12 20:35 -------- d-----w- c:\programdata\ATI
2012-07-12 20:34 . 2012-07-12 20:34 -------- d-----w- c:\program files\AMD APP
2012-07-06 05:21 . 2012-07-06 06:59 -------- d-----w- c:\users\Telesis\AppData\Roaming\FileZilla
2012-07-03 10:29 . 2012-07-03 10:29 -------- d-----w- c:\program files\Cobian Backup 11
2012-06-29 21:46 . 2012-06-29 21:46 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-29 21:46 . 2012-06-29 21:46 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-28 04:21 . 2012-06-28 04:21 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-06-26 23:13 . 2012-07-16 11:56 -------- d-----w- c:\users\Telesis\AppData\Roaming\.techniclauncher
2012-06-25 08:29 . 2012-06-25 08:29 -------- d-----w- c:\users\Telesis\AppData\Local\Macromedia
2012-06-25 08:22 . 2012-06-26 21:45 -------- d-----r- c:\users\Telesis\AppData\Local\{3F3EAC3C-BD5E-11E1-8270-B8AC6F996F26}
2012-06-23 18:10 . 2012-06-23 18:10 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-06-22 23:34 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{366C1FB4-94EF-4DDC-B37A-1B3730E80ADC}\mpengine.dll
2012-06-21 04:06 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-19 09:07 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-19 09:07 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-19 09:07 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-19 09:07 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-19 09:07 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-19 09:07 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-19 09:07 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-19 09:07 . 2012-06-02 22:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-19 09:07 . 2012-06-02 22:12 33792 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-17 23:37 . 2011-07-11 22:04 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-17 23:37 . 2011-07-11 22:03 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-12 21:35 . 2012-04-13 03:17 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 21:35 . 2011-05-21 18:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 22:09 . 2011-07-11 22:04 140480 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-05 22:09 . 2011-07-11 22:03 298016 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-04 06:02 . 2011-07-11 22:03 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-04 05:03 . 2011-07-11 22:04 138056 ----a-w- c:\users\Telesis\AppData\Roaming\PnkBstrK.sys
2012-07-04 02:08 . 2012-02-03 05:00 3130440 ----a-w- c:\windows\system32\pbsvc_blr.exe
2012-07-03 20:46 . 2011-06-13 10:55 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-11 20:50 . 2012-06-11 20:50 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 20:50 . 2012-06-11 20:50 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-06-11 20:50 . 2012-06-11 20:50 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-06-11 20:49 . 2012-06-11 20:49 13008896 ----a-w- c:\windows\system32\amdocl.dll
2012-06-11 18:58 . 2012-06-11 18:58 8733696 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35 . 2012-06-11 18:35 58880 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\system32\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-04-20 09:09 924160 ----a-w- c:\windows\system32\aticfx32.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 468992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-06-11 17:17 . 2012-06-11 17:17 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-06-11 17:16 . 2011-04-20 08:59 6301696 ----a-w- c:\windows\system32\atidxx32.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-06-11 16:45 . 2011-11-10 02:33 5480448 ----a-w- c:\windows\system32\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-06-11 16:43 . 2011-11-10 02:29 4729344 ----a-w- c:\windows\system32\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\system32\aticaldd.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-06-11 16:25 . 2012-06-11 16:25 295936 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-04-20 08:21 42496 ----a-w- c:\windows\system32\atiuxpag.dll
2012-06-11 16:24 . 2011-04-20 08:21 32768 ----a-w- c:\windows\system32\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-05-30 04:47 . 2011-09-02 01:39 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2012-05-30 04:47 . 2011-09-02 01:39 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2012-05-26 09:22 . 2012-05-08 05:26 674600 ----a-w- c:\windows\system32\pbsvc.exe
2012-05-15 03:03 . 2012-06-13 19:43 981504 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 01:05 . 2012-06-13 19:43 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-05-01 04:44 . 2012-06-13 19:43 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-13 19:43 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:45 . 2012-06-13 19:43 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-13 19:43 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-13 19:43 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 04:36 . 2012-06-13 19:43 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 19:43 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 19:43 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-20 03:16 . 2012-06-13 19:43 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-29 21:46 . 2012-05-28 18:51 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13FA2453-9287-4F18-8554-976D7C02F4EE}]
2012-01-11 05:43 63368 ----a-w- f:\perfect world entertainment\CORE Client\plugins\CorePluginIE.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 18:28 1307928 ----a-w- c:\program files\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Telesis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-21 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-08-10 1176064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"QuickTime Task"="f:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 931200]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="f:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Cobian Backup 11 interface"="c:\program files\Cobian Backup 11\cbInterface.exe" [2012-06-30 4407808]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
.
c:\users\Telesis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Telesis\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-6-13 27595032]
MagicDisc.lnk - f:\program files\MagicDisc\MagicDisc.exe [2011-12-7 576000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-8-15 2589808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 XDva389;XDva389;c:\windows\system32\XDva389.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
R3 XDva392;XDva392;c:\windows\system32\XDva392.sys [x]
R3 XDva394;XDva394;c:\windows\system32\XDva394.sys [x]
R3 XDva397;XDva397;c:\windows\system32\XDva397.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [x]
S2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S2 MBAMService;MBAMService;f:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 21:35]
.
2012-07-17 c:\windows\Tasks\FinalTorrent Update Checker.job
- c:\program files\FinalTorrent\FTCheckForUpdates.exe [2011-11-07 23:24]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-21 18:41]
.
2012-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-21 18:41]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2310123422-4128129539-160789890-1000Core.job
- c:\users\Telesis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 07:54]
.
2012-07-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2310123422-4128129539-160789890-1000UA.job
- c:\users\Telesis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-25 07:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://youtube.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Telesis\AppData\Roaming\Mozilla\Firefox\Profiles\y0j2hf25.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-17 18:12:06
ComboFix-quarantined-files.txt 2012-07-18 01:12
ComboFix2.txt 2012-07-17 00:19
ComboFix3.txt 2012-07-16 20:09
.
Pre-Run: 76,471,726,080 bytes free
Post-Run: 76,782,649,344 bytes free
.
- - End Of File - - E9B14DF1A7447C25B7023B7B6751651D

Attached Files

ComboFix-quarantined-files.zip 11.71K 2 downloads

#8 CatByte

bleepin' tiger

Malware Response Team
13,569 posts

Gender:Not Telling
Location:Canada

Posted 18 July 2012 - 10:31 AM

Please run the following:

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

DeQuarantine::
C:\Qoobox\Quarantine\c\users\Telesis\AppData\Roaming\.spoutcraft
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\scopeScreen.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\spoutcraft.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\lwjgl_util.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\lwjgl.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\jinput.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\minecraft.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\trove4j.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\snakeyaml.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\slick.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\jmdns.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\guava.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\dnsjava.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\commons-lang3.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\temp_0\commons-io.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\MN106N.PNG.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_weather.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_weather.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_water.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_water.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_textured_lit.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_textured_lit.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_textured.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_textured.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_terrain.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_terrain.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_hand.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_hand.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_basic.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\gbuffers_basic.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\final.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\final.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\composite.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\low\composite.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_weather.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_weather.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_water.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_water.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_textured_lit.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_textured_lit.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_textured.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_textured.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_terrain.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_terrain.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_hand.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_hand.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_basic.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\gbuffers_basic.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\final.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\final.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\composite.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\medium\composite.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_weather.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_weather.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_water.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_water.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_textured_lit.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_textured_lit.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_textured.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_textured.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_terrain.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_terrain.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_hand.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_hand.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_basic.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\gbuffers_basic.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\final.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\final.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\composite.vsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\shader\high\composite.fsh.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_radio.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_normal.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_hover.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_disabled.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_descending.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_check.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\ui\box_ascending.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\zombie_pigman.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\zombie.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\wolf.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\villager.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\squid.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\spider_jockey.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\spider.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\snow_golem.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\slime.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\skeleton.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\silverfish.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\sheep.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\pig.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\ocelot.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\mooshroom.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\magma_cube.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\iron_golem.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\human.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\ghast.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\enderman.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\ender_dragon.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\creeper.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\cow.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\chicken.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\cave_spider.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\mobface\blaze.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\misc\disconnected.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\waypoint.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\squaremap_white.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\squaremap.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\roundmap_white.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\roundmap.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\marker.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\minimap\arrow.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\logo\spoutcraft.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\logo\minecraft.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\unknown_server.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\lock.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\info.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\whitelist.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\graylist.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\icon\blacklist.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\night\night4.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\night\night3.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\night\night2.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\night\night1.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening5.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening4.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening3.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening2.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\evening\evening1.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day8.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day7.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day6.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day5.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day4.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day3.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day2.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\assets\background\day\day1.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\assets.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-25.log.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\ca.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\eg.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\nl.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\eu.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\de.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\fr.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\cz.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\se.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\74-121-180-205.hma.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\es.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\au.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\unknown.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\gb.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\us.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-23.log.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\launcherVersion.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\Spoutcraft-Launcher.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\temp\spoutcraft.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\temp\natives.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\temp\minecraft.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\stats\stats_ckbruin13_unsent.old.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\stats\stats_ckbruin13_unsent.dat.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\screenshots\2012-06-22_23.21.10.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\World\region\r.0.0.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\World\region\r.0.-1.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\World\region\r.-1.0.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\World\region\r.-1.-1.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\World\session.lock.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\World\level.dat_old.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\World\level.dat.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.1.-3.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.1.-2.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.0.0.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.0.-3.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.0.-2.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.0.-1.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.-1.0.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\saves\Super Hostile - Legendary v3.0\region\r.-1.-1.mca.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\where are we now.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\ward.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\strad.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\stal.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\mellohi.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\mall.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\far.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\chirp.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\cat.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\cat.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\blocks.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\13.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\13.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\streaming\11.mus.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\wood4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\stone3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\stone4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\wood1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\wood2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\wood3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\gravel4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\stone1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\stone2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\gravel3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\gravel1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\gravel2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\grass4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\grass2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\grass3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\sound\step\grass1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\pe\humble.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\tile\piston\out.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\tile\piston\in.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\wood3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\wood4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\wood1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\wood2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\stone4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\stone2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\stone3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\stone1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\snow2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\snow3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\snow4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\snow1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\gravel4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\sand1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\sand2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\sand3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\sand4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\gravel1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\gravel2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\gravel3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\grass1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\grass2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\grass3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\grass4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\cloth2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\cloth3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\cloth4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\splash.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\wood click.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\step\cloth1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\levelup.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\old_explode.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\orb.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\pop.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\glass2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\glass3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\hurt.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\explode4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\fizz.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\fuse.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\glass1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\explode3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\eat2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\eat3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\explode1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\explode2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\drr.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\eat1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\chestclosed.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\chestopen.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\click.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\door_close.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\door_open.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\drink.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\breath.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\burp.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bowhit1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bowhit2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bowhit3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bowhit4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\break.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\random\bow.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\portal\travel.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\portal\trigger.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\pling.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\snare.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\portal\portal.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\hat.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\harp.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\bd.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\bassattack.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\note\bass.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpighurt2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpighurt1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigangry4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigdeath.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpig4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigangry1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigangry2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpigangry3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpig1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpig2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiepig\zpig3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\wood4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\woodbreak.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\wood2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\wood3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\wood1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\metal1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\metal2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie\metal3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\hurt1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\hurt2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\hurt3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\panting.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\shake.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\whine.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\howl1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\howl2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\growl3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\growl1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\growl2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\death.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\bark2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\bark3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\step3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\step4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\wolf\bark1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\step2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\step1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\say4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\say3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\say2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\say1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\kill.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\hit3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\hit1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\silverfish\hit2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small5.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\jump4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\small1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\jump1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\jump2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\jump3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\big2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\big3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\big4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\walk3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\walk4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\magmacube\big1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\walk2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\throw.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\walk1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\hit4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\hit3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\hit1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\hit2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream5.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\irongolem\death.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\scream1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan7.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan5.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan6.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\moan1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\fireball4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\affectionate scream.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\charge.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\ghast\death.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\stare.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\scream3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\scream4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\portal2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\scream1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\scream2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\portal.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\hit4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\idle5.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\hit2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\hit3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\death.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\endermen\hit1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purreow2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purr3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purreow1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purr2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\purr1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\meow4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\meow3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\meow1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\meow2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hitt2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hitt3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hitt1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hiss3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hiss2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cat\hiss1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\hit4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\hit3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\hit2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\hit1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\death.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\breathe4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\breathe3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\breathe2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\blaze\breathe1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiedeath.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiehurt1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombiehurt2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slimeattack1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slimeattack2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spider1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spider2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spider3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spider4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\spiderdeath.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\zombie1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime5.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\slime4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletondeath.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletonhurt1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletonhurt2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletonhurt3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeletonhurt4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeleton2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeleton3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\sheep3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\skeleton1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\sheep2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\sheep1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeper2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeper3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeper4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeperdeath.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\pig1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\pig2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\pig3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\pigdeath.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cow2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cow3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cow4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cowhurt1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cowhurt2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cowhurt3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\creeper1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chickenplop.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\cow1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chickenhurt2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\liquid\splash.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\liquid\water.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chicken1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chicken2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chicken3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\mob\chickenhurt1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\fire\fire.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\fire\ignite.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\liquid\lava.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\liquid\lavapop.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\hurtflesh3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\fallbig1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\fallbig2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\fallsmall.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\hurtflesh1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\damage\hurtflesh2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\thunder3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\thunder2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\thunder1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\rain1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\rain2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\rain3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\weather\rain4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave9.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave7.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave8.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave6.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave5.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave12.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave13.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave11.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newsound\ambient\cave\cave10.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\piano3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\piano2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\piano1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\nuance2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\nuance1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\hal4.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\hal3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\hal2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\newmusic\hal1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\music\calm3.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\music\calm2.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\resources\music\calm1.ogg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-22.log.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-21.log.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\logs\spoutcraft_2012-06-20.log.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\World.hma.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\skyblock-co.hma.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\108-170-47-2.hma.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\heightmap\localhost.hma.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\vip.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\splashes.txt.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\spoutcraft.properties.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\spoutcraft.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\special.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\splashes.temp.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\shortcuts.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\bindings.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\chatSettings.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\favorites.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\libraries.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\minecraft.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\minimap.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\mirrors.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\runonce.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\settings.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\chunkcache\cache.fat.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\chunkcache\cache.index.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\config\addoninfo.yml.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\minecraft_biz_230x38.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\chunkcache\cache.dat.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\Spoutcraft\beastnode_319x105.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc247.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc248.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc249.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc250.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc251.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc252.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc253.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc254.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc238.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc239.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc240.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc241.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc242.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc243.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc244.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc245.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc246.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc228.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc229.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc230.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc231.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc232.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc233.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc234.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc235.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc236.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc237.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc223.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc224.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc225.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc226.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc227.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc215.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc216.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc217.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc218.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc219.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc220.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc221.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc222.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc205.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc206.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc207.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc208.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc209.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc210.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc211.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc212.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc213.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc214.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc195.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc196.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc197.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc198.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc199.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc200.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc201.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc202.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc203.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc204.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc186.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc187.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc188.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc189.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc190.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc191.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc192.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc193.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc194.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc177.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc178.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc179.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc180.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc181.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc182.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc183.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc184.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc185.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc167.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc168.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc169.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc170.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc171.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc172.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc173.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc174.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc175.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc176.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc157.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc158.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc159.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc160.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc161.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc162.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc163.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc164.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc165.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc166.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc147.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc148.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc149.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc150.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc151.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc152.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc153.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc154.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc155.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc156.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc138.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc139.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc140.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc141.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc142.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc143.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc144.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc145.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc146.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc128.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc129.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc130.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc131.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc132.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc133.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc134.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc135.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc136.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc137.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc119.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc120.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc121.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc122.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc123.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc124.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc125.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc126.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc127.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc110.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc111.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc112.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc113.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc114.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc115.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc116.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc117.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc118.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc107.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc108.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc109.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc098.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc099.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc100.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc101.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc102.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc103.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc104.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc105.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc106.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc093.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc094.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc095.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc096.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc097.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc084.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc085.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc086.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc087.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc088.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc089.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc090.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc091.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc092.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc075.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc076.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc077.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc078.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc079.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc080.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc081.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc082.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc083.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc068.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc069.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc070.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc071.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc072.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc073.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc074.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc064.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc065.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc066.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc067.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc063.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc062.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc061.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc060.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc059.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc058.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc057.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc056.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc054.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc055.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc051.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc052.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc053.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc049.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc050.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc047.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc048.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc043.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc044.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc045.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc046.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc034.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc035.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc036.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc037.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc038.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc039.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc040.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc041.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc042.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc025.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc026.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc027.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc028.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc029.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc030.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc031.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc032.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc033.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc015.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc016.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc017.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc018.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc019.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc020.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc021.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc022.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc023.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc024.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc006.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc007.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc008.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc009.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc010.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc011.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc012.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc013.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc014.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Unarmed_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Woodcutting.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Woodcutting_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc000.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc001.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc002.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc003.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc004.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\xpbar_inc005.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Mining.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Mining_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Repair.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\repair.wav.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Repair_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Swords.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Swords_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Taming.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Taming_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Unarmed.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Excavation.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Excavation_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Fishing.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Fishing_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Herbalism.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Herbalism_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Icon.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Icon_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\level.wav.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\Silencer.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\sniper.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Acrobatics.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Acrobatics_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Archery.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Archery_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Axes.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\mcMMO\Axes_r.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\pistol.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\pistolammo.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\pumpgunammo.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\rocket.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\scope.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\shotgun.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemOil.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemReceiverMetal.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemStockMetal.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\lightammo.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemBarrelLong.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemBarrelShort.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemBarrelShotgun.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemGripMetal.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemGunAk47.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemGunFlamethrower.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemGunMp5.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemMagazine.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemMetalParts.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\black.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\ExtraScope.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\GR%C3%~1.PNG.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\grauekartoffel.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\guudarueckstoss.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\handle.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\heavyammo.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\HUDBackgroundBlue.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\itemBarrelFat.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\chunk\cache.fat.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\chunk\cache.index.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\GunsPlus\bazooka.png.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\chunk\cache.dat.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\cache\launcher_background.jpg.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\OpenAL64.dll.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\lwjgl64.dll.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\OpenAL32.dll.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\jinput-raw_64.dll.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\lwjgl.dll.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\jinput-dx8_64.dll.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\jinput-raw.dll.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\natives\jinput-dx8.dll.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\joda-time.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\slick.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\snakeyaml.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\trove4j.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\jmdns.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\commons-io.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\commons-lang3.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\dnsjava.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lib\guava.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\cache\minecraft_1.2.5.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\cache\lwjgl_util.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\cache\lwjgl.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\cache\jinput.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lwjgl_util.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\minecraft.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\spoutcraft.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\backups\1412-backup.zip2161563671785229916.tmp.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\jinput.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\bin\lwjgl.jar.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\backups\1412-backup.zip.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\options.txt.vir
C:\Qoobox\Quarantine\C\Users\Telesis\AppData\Roaming\.spoutcraft\lastlogin.vir

Quit::

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix may request an update; please allow it.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it shall produce a log for you.
Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

NEXT

Please advise how your computer is running now and if there are any outstanding issues

Edited by CatByte, 18 July 2012 - 10:38 AM.

The help you receive here is free. If you wish to show your appreciation, then you may
Microsoft MVP - 2010, 2011, 2012

#9 ckbruin

Member

Members
17 posts

Gender:Male

Posted 19 July 2012 - 05:08 AM

Computer runs nicely now, no audio ads have been heard of between the hours of 11PM - 4AM (That's when the audio ads usually popped up before). Google does not redirect to meaningless sites. Things are looking pretty clear on here! Anything else that needs to be taken care of?

I had to attach the ComboFix DeQuarantine log due to the sheer amount of text that was contained in it.

Attached Files

DeQuarantine.txt 323.87K 1 downloads

#10 CatByte

bleepin' tiger

Malware Response Team
13,569 posts

Gender:Not Telling
Location:Canada

Posted 19 July 2012 - 10:38 AM

Hi

Just some housekeeping to do now,

Please do the following:

You can delete the DDS and GMER logs and programs from your desktop.

NEXT

Follow these steps to uninstall Combofix

Make sure your security programs are totally disabled.
Click START then RUN
Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

If there are any logs/tools remaining on your desktop > right click and delete them.

NEXT

Below I have included a number of recommendations for how to protect your computer against malware infections.

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
Strong passwords: How to create and use them Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.
Keep Windows updated by regularly checking their website at :
http://windowsupdate.microsoft.com/
This will ensure your computer has always the latest security updates available installed on your computer.
Make Internet Explorer more secure
- Click Start > Run
- Type Inetcpl.cpl & click OK
- Click on the Security tab
- Click Reset all zones to default level
- Make sure the Internet Zone is selected & Click Custom level
- In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
- Next Click OK, then Apply button and then OK to exit the Internet Properties page.
Download TFC to your desktop
- Close any open windows.
- Double click the TFC icon to run the program
- TFC will close all open programs itself in order to run,
- Click the Start button to begin the process.
- Allow TFC to run uninterrupted.
- The program should not take long to finish it's job
- Once its finished it should automatically reboot your machine,
- if it doesn't, manually reboot to ensure a complete clean
It's normal after running TFC cleaner that the PC will be slower to boot the first time.
WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
- Green to go
- Yellow for caution
- Red to stop
WOT has an addon available for both Firefox and IE
Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at this well written article:
PC Safety and Security--What Do I Need?.

Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

The help you receive here is free. If you wish to show your appreciation, then you may
Microsoft MVP - 2010, 2011, 2012

#11 ckbruin

Member

Members
17 posts

Gender:Male

Posted 19 July 2012 - 03:18 PM

Thank you for your help, CatByte! I think I'll be coming back if I get another malware problem (hopefully I won't, though).

#12 CatByte

bleepin' tiger

Malware Response Team
13,569 posts

Gender:Not Telling
Location:Canada

Posted 19 July 2012 - 03:19 PM

you are welcome

stay safe :hello:

~CB

The help you receive here is free. If you wish to show your appreciation, then you may
Microsoft MVP - 2010, 2011, 2012

#13 CatByte

bleepin' tiger

Malware Response Team
13,569 posts

Gender:Not Telling
Location:Canada

Posted 19 July 2012 - 03:19 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

The help you receive here is free. If you wish to show your appreciation, then you may
Microsoft MVP - 2010, 2011, 2012

Back to Virus, Trojan, Spyware, and Malware Removal Logs