Jump to content

SysWOW64 viruses

Netroth
 Share

Recommended Posts

Netroth

Netroth

Posted
Posted

I first noticed I had a problem after restarting one day, due to updates. What's been happening is my computer has been running at a cripplingly slow speed, and windows are randomly minimizing, though not in the traditional shrinking fashion, but as if I've clicked the button in the bottom-right which shows the desktop. Sometimes it'll happen once or many times within a short period, where I have to fight to keep a window open. The intervals are entirely random, sometimes being 3 minutes or 40 minutes apart. I have also noticed that when I was on the screen before login, three characters had been entered in for my password, yet I'd been away for an hour. Did some scans with MBAM and found a backdoor.bot which I removed. Checked task manager and found cmd.exe running despite my not opening it and had a look at where it was running from. I also found one other process from there, which was rundll.exe. Now I've not too sure how to proceed from here. Could somebody please help? I'm right in the middle of backing up my important documents to an external hdd while I wait.

Thank you in advance,
James C.

Link to post
Share on other sites
Netroth

Netroth

Posted
  • Author
Posted

Trying to do a scan with hijack this and it gets to C:\Windows\System32\drivers\etc\hosts and apparently it's not allowed to proceed. Reason why I'm not going to follow the suggestions of the program is because I'm in the middle of backing up a large file and I've already spent 2 hours on it, so I'd rather find another way around this.

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin....

Link to post
Share on other sites
Netroth

Netroth

Posted
  • Author
Posted
Thanks Kevin, here are the results:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Netroth (administrator) on NETROTH-PC on 14-06-2014 01:42:43
Running from C:\Users\Netroth\Desktop\WorldPainter Maps
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Side Effects Software Inc.) C:\Windows\System32\sesinetd.exe
(Side Effects Software Inc.) C:\Windows\System32\hserver.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
(Sierra Wireless Inc.) C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\WinRAR\WinRAR.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-30] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-21] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-01-21] (Atheros Commnucations)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-11] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4035152 2011-09-22] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-03-10] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-04] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-06] (Adobe Systems Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [TRUUpdater] => C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe [562456 2009-09-21] (Sierra Wireless, Inc.)
HKLM-x32\...\Run: [WatcherHelper] => C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe [58648 2009-09-25] (Sierra Wireless Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-08] (Elaborate Bytes AG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\Run: [Google Update] => C:\Users\Netroth\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-10] (Google Inc.)
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\Steam.exe [1754816 2014-05-30] (Valve Corporation)
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\Run: [Facebook Update] => C:\Users\Netroth\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-23] (Facebook Inc.)
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\Run: [DAEMON Tools Lite] => "F:\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1268472 2013-05-13] (Bogdan Sharkov)
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-18] ()
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\MountPoints2: {10346995-e5e4-11e1-b066-b870f4a0cc59} - E:\WIN\setup.exe
HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\MountPoints2: {fe16254d-46c2-11e2-b06d-b870f4a0cc59} - G:\autorun.exe
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Netroth\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-10] (Google Inc.)
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [steam] => C:\Program Files (x86)\Steam\Steam.exe [1754816 2014-05-30] (Valve Corporation)
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Netroth\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-23] (Facebook Inc.)
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => "F:\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1268472 2013-05-13] (Bogdan Sharkov)
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-18] ()
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => "C:\Users\Netroth\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe"  /MINIMIZED
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {10346995-e5e4-11e1-b066-b870f4a0cc59} - E:\WIN\setup.exe
HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fe16254d-46c2-11e2-b06d-b870f4a0cc59} - G:\autorun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\Users\Netroth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cloud Panel.lnk
ShortcutTarget: Cloud Panel.lnk -> C:\Users\Netroth\AppData\Roaming\CloudPanel\CloudPanelLauncher.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.208 202.27.158.40 202.27.156.72
Tcpip\..\Interfaces\{EDD00795-38EC-496C-AC9D-679EC68D8CEA}: [NameServer]203.118.191.1 203.109.191.1
 
FireFox:
========
FF ProfilePath: C:\Users\Netroth\AppData\Roaming\Mozilla\Firefox\Profiles\mdyal90o.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Netroth\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Netroth\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Netroth\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: No Name - C:\Users\Netroth\AppData\Roaming\Mozilla\Firefox\Profiles\mdyal90o.default\Extensions\staged [2013-10-07]
FF Extension: Easy YouTube Video Downloader - C:\Users\Netroth\AppData\Roaming\Mozilla\Firefox\Profiles\mdyal90o.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-02-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-07]
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-06-08]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-03-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-06-08]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-05-27]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-05-31]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-03-12]
 
Chrome: 
=======
CHR HomePage: hxxp://ilearn.westlake.school.nz/
CHR DefaultSearchKeyword: google.co.nz
CHR Plugin: (Shockwave Flash) - C:\Users\Netroth\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Netroth\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Netroth\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Netroth\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\Netroth\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (OGPlanet Game Plugin) - C:\Windows\system32\npOGPPlugin.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-21]
CHR Extension: (Google Drive) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-21]
CHR Extension: (RuneScape) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci [2013-05-21]
CHR Extension: (Google Search) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-21]
CHR Extension: (SiteAdvisor) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-05-21]
CHR Extension: (AdBlock) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-16]
CHR Extension: (Average Joe) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjkcchcfjhaddmjcfmflnnhggofplgim [2013-05-21]
CHR Extension: (Skype Click to Call) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-17]
CHR Extension: (Google Wallet) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-05-21]
CHR Extension: (Gmail) - C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-21]
CHR HKCU\...\Chrome\Extension: [cfgmipjabpfjdgflgbjjpgekdejokfci] - C:\Users\Netroth\AppData\Local\CRE\cfgmipjabpfjdgflgbjjpgekdejokfci.crx [2012-11-22]
CHR HKCU\...\Chrome\Extension: [jjkcchcfjhaddmjcfmflnnhggofplgim] - C:\Users\Netroth\AppData\Local\CRE\jjkcchcfjhaddmjcfmflnnhggofplgim.crx [2012-08-02]
CHR HKLM-x32\...\Chrome\Extension: [cfgmipjabpfjdgflgbjjpgekdejokfci] - C:\Users\Netroth\AppData\Local\CRE\cfgmipjabpfjdgflgbjjpgekdejokfci.crx [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-06-13]
CHR HKLM-x32\...\Chrome\Extension: [jjkcchcfjhaddmjcfmflnnhggofplgim] - C:\Users\Netroth\AppData\Local\CRE\jjkcchcfjhaddmjcfmflnnhggofplgim.crx [2012-08-02]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-13]
CHR StartMenuInternet: Google Chrome - C:\Users\Netroth\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-01-21] (Atheros Commnucations) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [974944 2011-09-22] (ESET)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 HoudiniLicenseServer; C:\Windows\system32\sesinetd.exe [2550272 2012-02-09] (Side Effects Software Inc.) [File not signed]
R2 HoudiniServer; C:\Windows\system32\hserver.exe [2418176 2012-02-09] (Side Effects Software Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [140424 2014-04-23] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-03-10] (NTI Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-09-24] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2012-12-16] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2011-08-04] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 swmsflt; C:\Windows\System32\DRIVERS\swmsflt.sys [34304 2009-01-15] ()
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [280064 2009-08-12] (Sierra Wireless Inc.)
S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [199552 2009-07-22] (Sierra Wireless Inc.)
S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-14 01:42 - 2014-06-14 01:42 - 02081792 _____ (Farbar) C:\Users\Netroth\Downloads\FRST64.exe
2014-06-14 01:35 - 2014-06-14 01:42 - 00000000 ____D () C:\FRST
2014-06-14 01:10 - 2014-06-14 01:10 - 00019941 _____ () C:\Users\Netroth\Downloads\hijackthis.log
2014-06-14 00:48 - 2014-06-14 00:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Netroth\Downloads\HijackThis.exe
2014-06-14 00:25 - 2014-06-14 00:25 - 00000000 ____D () C:\Users\Netroth\Desktop\Azurim Series
2014-06-14 00:25 - 2014-06-14 00:25 - 00000000 ____D () C:\Users\Netroth\Desktop\Animations
2014-06-14 00:24 - 2014-06-14 00:26 - 00000000 ____D () C:\Users\Netroth\Desktop\Watch
2014-06-14 00:23 - 2014-06-14 00:27 - 00000000 ____D () C:\Users\Netroth\Desktop\University of Auckland
2014-06-14 00:21 - 2014-06-14 00:21 - 00000000 ____D () C:\Users\Netroth\Desktop\Skyrim Based Build Pics
2014-06-14 00:18 - 2014-06-14 00:20 - 00000000 ____D () C:\Users\Netroth\Desktop\King's Landing Renders 1.29.13
2014-06-14 00:18 - 2014-06-14 00:20 - 00000000 ____D () C:\Users\Netroth\Desktop\Backgrounds
2014-06-14 00:18 - 2014-06-14 00:19 - 00000000 ____D () C:\Users\Netroth\Desktop\My Voices
2014-06-14 00:04 - 2014-06-14 01:07 - 00000000 ____D () C:\Users\Netroth\Desktop\Electronic Arts
2014-06-13 23:46 - 2014-06-13 23:47 - 00000000 ____D () C:\Users\Netroth\Desktop\Yogspack Backups
2014-06-13 23:08 - 2014-06-14 01:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-13 23:08 - 2014-06-13 23:08 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-13 23:08 - 2014-06-13 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-13 23:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-13 23:07 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-13 23:07 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-13 23:03 - 2014-06-13 23:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Netroth\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-13 22:57 - 2014-06-13 22:57 - 00231180 _____ () C:\Users\Netroth\Desktop\bookmarks_6_13_14.html
2014-06-13 20:34 - 2014-06-13 20:34 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-13 20:31 - 2013-11-14 23:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-13 20:31 - 2013-11-14 23:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-13 04:09 - 2014-06-13 23:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-13 04:09 - 2014-06-13 04:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-12 16:21 - 2014-06-12 17:00 - 3144902700 _____ () C:\Users\Netroth\Desktop\Yogsbackup - 1.zip
2014-06-11 23:08 - 2014-06-11 23:08 - 06625904 _____ () C:\Users\Netroth\Downloads\DecoCraft 1.6.4 V1.9a.zip
2014-06-11 23:08 - 2014-06-11 23:08 - 00890649 _____ () C:\Users\Netroth\Downloads\TailorMod1.6.4V1.2.zip
2014-06-11 16:17 - 2014-06-11 16:22 - 00000000 ____D () C:\Users\Netroth\Desktop\Configs
2014-06-11 02:52 - 2014-06-11 02:52 - 00795784 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.348-universal.jar
2014-06-11 02:51 - 2014-06-11 02:51 - 00144141 _____ () C:\Users\Netroth\Downloads\Universal-Electricity-3.1.0.108-core.jar
2014-06-11 02:48 - 2014-06-11 02:48 - 06075516 _____ () C:\Users\Netroth\Downloads\ICBM-1.4.2.386.jar
2014-06-11 02:48 - 2014-06-11 02:48 - 01155307 _____ () C:\Users\Netroth\Downloads\Modular-Force-Field-System-3.6.3.88-core.jar
2014-06-11 02:45 - 2014-06-11 02:45 - 00322720 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-electrical.jar
2014-06-11 02:45 - 2014-06-11 02:45 - 00178096 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-mechanical.jar
2014-06-11 02:44 - 2014-06-11 02:44 - 00112463 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-archaic (1).jar
2014-06-11 02:43 - 2014-06-11 02:44 - 02793388 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-Resonant-Induction Core (1).jar
2014-06-11 02:43 - 2014-06-11 02:43 - 02793388 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-Resonant-Induction Core.jar
2014-06-11 02:43 - 2014-06-11 02:43 - 00157492 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-atomic.jar
2014-06-11 02:43 - 2014-06-11 02:43 - 00112463 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-archaic.jar
2014-06-11 02:28 - 2014-06-12 01:56 - 00000000 ____D () C:\Users\Netroth\Desktop\YCP RPs
2014-06-11 02:17 - 2014-06-11 02:17 - 00054123 _____ () C:\Users\Netroth\Downloads\Sphax_CalclaviaCore_64x.zip
2014-06-11 02:10 - 2014-06-11 02:11 - 24089604 _____ () C:\Users\Netroth\Downloads\Tekkit 64x patch v1.0.4.zip
2014-06-11 02:00 - 2014-06-11 02:02 - 23432587 _____ () C:\Users\Netroth\Downloads\SphaxTekkit64x_Patch.zip
2014-06-09 17:42 - 2014-06-09 17:43 - 07585256 _____ () C:\Users\Netroth\Downloads\Unofficial Dragonborn Patch 2.0.4a - BSA Version.7z
2014-06-09 17:42 - 2014-06-09 17:42 - 01755449 _____ () C:\Users\Netroth\Downloads\Unofficial Hearthfire Patch 2.0.4 - BSA Version.7z
2014-06-09 17:36 - 2014-06-09 17:41 - 83551593 _____ () C:\Users\Netroth\Downloads\Unofficial Skyrim Patch 2.0.4a - BSA Version.7z
2014-06-09 17:12 - 2014-06-09 17:13 - 05386235 _____ () C:\Users\Netroth\Downloads\Unofficial Dawnguard Patch 2.0.4 - BSA Version.7z
2014-06-09 16:54 - 2014-06-09 16:55 - 39407582 _____ () C:\Users\Netroth\Desktop\Skyrim Backups.rar
2014-06-06 16:19 - 2014-06-07 01:41 - 00000000 ____D () C:\Users\Netroth\AppData\Roaming\Notepad++
2014-06-06 16:19 - 2014-06-06 16:20 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-06-06 16:19 - 2014-06-06 16:19 - 00001061 _____ () C:\Users\Test\Desktop\Notepad++.lnk
2014-06-06 16:19 - 2014-06-06 16:19 - 00001061 _____ () C:\Users\Netroth\Desktop\Notepad++.lnk
2014-06-06 16:19 - 2014-06-06 16:19 - 00000000 ____D () C:\Users\Netroth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-06-06 16:19 - 2014-06-06 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-06-06 16:17 - 2014-06-06 16:18 - 07648470 _____ () C:\Users\Netroth\Downloads\npp.6.6.4.Installer.exe
2014-06-06 16:12 - 2014-06-06 16:13 - 00000000 ____D () C:\Users\Netroth\Desktop\CC
2014-06-05 21:12 - 2014-06-05 21:25 - 22012596 _____ () C:\Users\Netroth\Downloads\DrZharks MoCreatures Mod v6.1.0.zip
2014-06-05 21:05 - 2014-06-05 21:05 - 00436572 _____ () C:\Users\Netroth\Downloads\Starminer0_9_6_please_extract.zip
2014-06-05 19:44 - 2014-06-05 19:47 - 254383516 _____ () C:\Users\Netroth\Desktop\YogscastCompletePack.rar
2014-06-04 04:56 - 2014-06-04 04:56 - 00004298 _____ () C:\Users\Netroth\Downloads\touchpoint_api.lua
2014-06-04 04:56 - 2014-06-04 04:56 - 00004298 _____ () C:\Users\Netroth\Desktop\touchpoint_api.lua
2014-06-04 04:33 - 2014-06-04 04:25 - 143867769 _____ () C:\Users\Netroth\Desktop\timetravel_demoworld_24022013.zip
2014-06-04 04:16 - 2014-06-04 04:25 - 143867769 _____ () C:\Users\Netroth\Downloads\timetravel_demoworld_24022013.zip
2014-06-03 18:11 - 2014-05-30 20:14 - 00015253 _____ () C:\Users\Netroth\Desktop\Resonant Induction.cfg
2014-05-29 16:26 - 2014-05-29 16:26 - 00002443 _____ () C:\Users\Netroth\Desktop\IDConflicts.txt
2014-05-29 15:50 - 2014-05-29 15:50 - 00788580 _____ () C:\Users\Netroth\Downloads\jd-gui-0.3.6.windows.zip
2014-05-28 16:35 - 2014-05-28 17:16 - 00000000 ____D () C:\Users\Netroth\workspace
2014-05-28 16:16 - 2014-05-30 17:03 - 00000000 ____D () C:\Users\Netroth\Desktop\Res Induc. Edit
2014-05-28 16:09 - 2014-05-28 16:33 - 210335332 _____ () C:\Users\Netroth\Downloads\eclipse-standard-kepler-SR2-win32-x86_64.zip
2014-05-28 14:39 - 2014-05-28 14:39 - 00143912 _____ () C:\Users\Netroth\Downloads\Universal-Electricity-3.1.0.101-core.jar
2014-05-28 14:38 - 2014-05-28 14:38 - 00170731 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-mechanical.jar
2014-05-28 14:37 - 2014-05-28 14:37 - 02778093 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-Resonant-Induction Core (1).jar
2014-05-28 14:37 - 2014-05-28 14:37 - 00328428 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-electrical.jar
2014-05-28 14:37 - 2014-05-28 14:37 - 00163724 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-atomic.jar
2014-05-28 14:37 - 2014-05-28 14:37 - 00112610 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-archaic.jar
2014-05-28 14:36 - 2014-05-28 14:36 - 02778093 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-Resonant-Induction Core.jar
2014-05-28 14:35 - 2014-05-28 14:35 - 00790716 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.343-universal.jar
2014-05-28 14:34 - 2014-05-28 14:34 - 01136239 _____ () C:\Users\Netroth\Downloads\Modular-Force-Field-System-3.6.2.70-core (1).jar
2014-05-28 14:33 - 2014-05-28 14:33 - 06091150 _____ () C:\Users\Netroth\Downloads\ICBM-1.4.2.385.jar
2014-05-28 14:30 - 2014-05-28 14:30 - 00882639 _____ () C:\Users\Netroth\Downloads\ForgeMultipart-universal-1.6.4-1.0.0.250.jar
2014-05-28 01:13 - 2014-05-28 01:13 - 01148096 _____ () C:\Users\Netroth\Downloads\modular-force-field-system-3.6.2.42-core.jar
2014-05-28 01:09 - 2014-05-28 01:13 - 05701632 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_Technic (3).zip
2014-05-28 01:07 - 2014-05-28 01:08 - 01903089 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_FTB_Client.zip
2014-05-28 01:06 - 2014-05-28 01:09 - 03538944 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_Technic (2).zip
2014-05-28 01:05 - 2014-05-28 01:07 - 04101408 _____ () C:\Users\Netroth\Downloads\archive.zip
2014-05-28 01:03 - 2014-05-28 01:05 - 02588672 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_Technic (1).zip
2014-05-28 00:59 - 2014-05-28 01:01 - 02555904 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_Technic.zip
2014-05-27 17:57 - 2014-05-27 19:37 - 00000000 ____D () C:\Windows\XK32
2014-05-27 13:23 - 2014-05-27 13:23 - 01279524 _____ () C:\Users\Netroth\Downloads\Sphax_Witchery1.6.4 (1).zip
2014-05-27 12:45 - 2014-05-27 12:45 - 00000000 ____D () C:\Users\Netroth\Desktop\Azurim
2014-05-27 12:44 - 2014-05-27 12:44 - 178962925 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 27.05.14.zip
2014-05-27 02:04 - 2014-05-27 02:04 - 00155950 _____ () C:\Users\Netroth\Downloads\Sphax_CarpentersBlocks_64x.zip
2014-05-27 02:04 - 2014-05-27 02:04 - 00155950 _____ () C:\Users\Netroth\Desktop\Sphax_CarpentersBlocks_64x.zip
2014-05-27 02:01 - 2014-05-27 02:03 - 53666502 _____ () C:\Users\Netroth\Downloads\MoonQuest Texture Patch 1.8 64x.zip
2014-05-27 00:06 - 2014-05-27 00:07 - 03210837 _____ () C:\Users\Netroth\Downloads\Sphax 64x - Metallurgy 2 r8.rar
2014-05-26 23:52 - 2014-05-26 23:54 - 40712808 _____ () C:\Users\Netroth\Downloads\Sphax_Feed-the-Beast_Addon_MC1.4.7_64x.zip
2014-05-23 17:54 - 2014-05-23 17:37 - 178339925 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 23.05.14.zip
2014-05-20 19:11 - 2014-05-20 19:12 - 01136239 _____ () C:\Users\Netroth\Downloads\Modular-Force-Field-System-3.6.2.70-core.jar
2014-05-20 18:44 - 2014-05-20 18:43 - 01279524 _____ () C:\Users\Netroth\Desktop\Sphax_Witchery1.6.4.zip
2014-05-20 18:43 - 2014-05-20 18:43 - 01279524 _____ () C:\Users\Netroth\Downloads\Sphax_Witchery1.6.4.zip
2014-05-20 17:46 - 2014-05-20 20:20 - 00000000 ____D () C:\Users\Netroth\Desktop\RETURN TO - Yogscast instance, Jarmods
2014-05-20 17:32 - 2014-05-20 17:32 - 00421291 _____ () C:\Users\Netroth\Downloads\OptiFine_1.6.4_HD_U_C6.jar
2014-05-19 23:30 - 2014-05-19 23:30 - 01263192 _____ () C:\Users\Netroth\Downloads\Atomic-Science-1.1.0.49-core.jar
2014-05-19 23:15 - 2014-05-19 23:15 - 00787357 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.340-universal (1).jar
2014-05-19 23:13 - 2014-05-19 23:13 - 01298000 _____ () C:\Users\Netroth\Downloads\Atomic Science-1.2.0.96-core.jar
2014-05-19 22:53 - 2014-05-19 22:53 - 00704675 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.333-universal.jar
2014-05-19 22:45 - 2014-05-19 22:45 - 00782102 _____ () C:\Users\Netroth\Downloads\Calclavia-Core-1.2.0.332-universal (1).jar
2014-05-19 22:39 - 2014-05-19 22:40 - 00782102 _____ () C:\Users\Netroth\Downloads\Calclavia-Core-1.2.0.332-universal.jar
2014-05-19 22:28 - 2014-05-19 22:28 - 00787357 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.340-universal.jar
2014-05-19 22:14 - 2014-05-19 22:14 - 00143631 _____ () C:\Users\Netroth\Downloads\Universal-Electricity-3.1.0.96-core.jar
2014-05-19 22:13 - 2014-05-19 22:13 - 01230590 _____ () C:\Users\Netroth\Downloads\Atomic Science-1.2.0.120-universal.jar
2014-05-19 13:58 - 2014-05-19 13:56 - 159891191 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 19.05.14.rar
2014-05-19 13:58 - 2014-05-19 13:55 - 160285778 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 19.05.14.zip
2014-05-17 19:25 - 2012-02-22 11:08 - 00049586 _____ () C:\Users\Netroth\Desktop\tutorial
2014-05-17 19:10 - 2014-05-17 19:10 - 00011163 _____ () C:\Users\Netroth\Downloads\tutorial.rar
2014-05-17 18:05 - 2014-05-17 18:06 - 00000000 ____D () C:\Users\Netroth\Desktop\textures
2014-05-17 02:15 - 2014-05-17 02:24 - 60289150 _____ () C:\Users\Netroth\Downloads\Attack of the B-Team 32x.zip
2014-05-17 01:55 - 2014-05-17 02:04 - 80877997 _____ () C:\Users\Netroth\Downloads\Attack of the B-Team 64x.zip
2014-05-17 01:39 - 2014-05-17 01:49 - 104723863 _____ () C:\Users\Netroth\Downloads\Attack of the BTeam Sphax 128x Patch - Generikb.zip
2014-05-17 01:30 - 2014-05-17 01:31 - 03719158 _____ () C:\Users\Netroth\Downloads\Witchery x128 WIP.zip
2014-05-15 17:13 - 2014-05-15 17:12 - 00000510 _____ () C:\Users\Netroth\Desktop\Backup-codes-prawnmenn.txt
2014-05-15 17:12 - 2014-05-15 17:12 - 00000510 _____ () C:\Users\Netroth\Downloads\Backup-codes-prawnmenn.txt
2014-05-15 03:37 - 2014-05-15 21:20 - 00000164 _____ () C:\Users\Netroth\Desktop\kevinisweird.txt
2014-05-15 03:14 - 2014-05-06 16:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:14 - 2014-05-06 16:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:14 - 2014-05-06 15:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:14 - 2014-05-06 15:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:14 - 2014-05-06 15:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:14 - 2014-05-06 14:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 02:25 - 2014-05-15 02:25 - 132317349 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 15.05.14.zip
 
==================== One Month Modified Files and Folders =======
 
2014-06-14 01:46 - 2011-12-10 11:48 - 00000000 ____D () C:\Users\Netroth\AppData\Local\Temp
2014-06-14 01:42 - 2014-06-14 01:42 - 02081792 _____ (Farbar) C:\Users\Netroth\Downloads\FRST64.exe
2014-06-14 01:42 - 2014-06-14 01:35 - 00000000 ____D () C:\FRST
2014-06-14 01:42 - 2014-04-20 01:40 - 00000000 ____D () C:\Users\Netroth\Desktop\WorldPainter Maps
2014-06-14 01:41 - 2012-12-04 15:36 - 00000000 ____D () C:\Users\Netroth\AppData\Roaming\uTorrent
2014-06-14 01:36 - 2012-09-29 14:56 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-14 01:23 - 2014-06-13 23:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-14 01:19 - 2011-12-10 12:00 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1655055398-3632467434-674196435-1001UA.job
2014-06-14 01:10 - 2014-06-14 01:10 - 00019941 _____ () C:\Users\Netroth\Downloads\hijackthis.log
2014-06-14 01:07 - 2014-06-14 00:04 - 00000000 ____D () C:\Users\Netroth\Desktop\Electronic Arts
2014-06-14 01:06 - 2011-12-10 11:48 - 00000000 ____D () C:\Users\Netroth\AppData\Local\VirtualStore
2014-06-14 00:49 - 2014-06-14 00:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\Netroth\Downloads\HijackThis.exe
2014-06-14 00:44 - 2012-02-09 17:42 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1655055398-3632467434-674196435-1001UA.job
2014-06-14 00:27 - 2014-06-14 00:23 - 00000000 ____D () C:\Users\Netroth\Desktop\University of Auckland
2014-06-14 00:26 - 2014-06-14 00:24 - 00000000 ____D () C:\Users\Netroth\Desktop\Watch
2014-06-14 00:25 - 2014-06-14 00:25 - 00000000 ____D () C:\Users\Netroth\Desktop\Azurim Series
2014-06-14 00:25 - 2014-06-14 00:25 - 00000000 ____D () C:\Users\Netroth\Desktop\Animations
2014-06-14 00:22 - 2012-10-06 01:57 - 00000000 ____D () C:\Users\Netroth\Desktop\Folders
2014-06-14 00:21 - 2014-06-14 00:21 - 00000000 ____D () C:\Users\Netroth\Desktop\Skyrim Based Build Pics
2014-06-14 00:20 - 2014-06-14 00:18 - 00000000 ____D () C:\Users\Netroth\Desktop\King's Landing Renders 1.29.13
2014-06-14 00:20 - 2014-06-14 00:18 - 00000000 ____D () C:\Users\Netroth\Desktop\Backgrounds
2014-06-14 00:19 - 2014-06-14 00:18 - 00000000 ____D () C:\Users\Netroth\Desktop\My Voices
2014-06-14 00:08 - 2013-08-14 18:16 - 00000000 ___HD () C:\Users\Netroth\Documents\Electronic Arts
2014-06-14 00:06 - 2011-12-11 07:57 - 01184501 _____ () C:\Windows\WindowsUpdate.log
2014-06-13 23:47 - 2014-06-13 23:46 - 00000000 ____D () C:\Users\Netroth\Desktop\Yogspack Backups
2014-06-13 23:31 - 2009-07-14 16:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-13 23:31 - 2009-07-14 16:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-13 23:22 - 2013-10-23 21:23 - 00000000 ____D () C:\Users\Netroth\AppData\Local\TSVNCache
2014-06-13 23:22 - 2011-12-10 12:02 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-13 23:21 - 2011-12-11 08:09 - 00000035 ____H () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-06-13 23:19 - 2011-12-11 12:56 - 00000000 ____D () C:\ProgramData\clear.fi
2014-06-13 23:19 - 2009-07-14 17:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-13 23:19 - 2009-07-14 16:51 - 00143301 _____ () C:\Windows\setupact.log
2014-06-13 23:08 - 2014-06-13 23:08 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-13 23:08 - 2014-06-13 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-13 23:08 - 2014-06-13 04:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-13 23:06 - 2014-06-13 23:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Netroth\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-13 22:57 - 2014-06-13 22:57 - 00231180 _____ () C:\Users\Netroth\Desktop\bookmarks_6_13_14.html
2014-06-13 22:52 - 2012-01-01 23:06 - 00000000 ____D () C:\Users\Netroth\AppData\Local\Adobe
2014-06-13 22:35 - 2011-12-10 11:48 - 00000000 ____D () C:\Users\Netroth
2014-06-13 22:34 - 2014-05-07 03:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 22:34 - 2012-04-30 16:29 - 00000000 ____D () C:\Users\Test
2014-06-13 22:34 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-13 22:33 - 2014-04-30 01:48 - 00000000 ____D () C:\Users\Netroth\Desktop\Minecraft Modified
2014-06-13 22:33 - 2014-02-21 17:28 - 00000000 ____D () C:\Windows\.jagex_cache_32
2014-06-13 22:33 - 2013-12-17 15:01 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-13 22:33 - 2013-12-17 15:01 - 00000000 ____D () C:\Windows\system32\NV
2014-06-13 22:33 - 2013-10-07 20:52 - 00000000 ____D () C:\ProgramData\DoiwwnloAd keeepeR
2014-06-13 22:33 - 2012-11-15 23:35 - 00000000 ____D () C:\Users\Netroth\AppData\Roaming\vlc
2014-06-13 22:33 - 2012-05-27 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-13 22:33 - 2011-12-11 07:56 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-13 22:33 - 2011-12-11 07:56 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-13 22:33 - 2011-12-10 11:50 - 00000000 ___RD () C:\Users\Netroth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-13 22:33 - 2011-12-10 11:48 - 00000000 ____D () C:\Users\Netroth\AppData\Local\PowerCinema
2014-06-13 22:33 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\Help
2014-06-13 22:33 - 2009-07-14 15:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-13 22:32 - 2010-11-21 19:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-13 22:32 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\registration
2014-06-13 22:30 - 2013-12-17 14:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-13 22:30 - 2011-12-10 11:59 - 00000000 ____D () C:\Users\Netroth\AppData\Local\Google
2014-06-13 22:29 - 2011-06-08 19:10 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-06-13 20:39 - 2011-12-11 07:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-13 20:36 - 2013-12-17 14:59 - 00000000 ____D () C:\Users\Netroth\AppData\Local\NVIDIA Corporation
2014-06-13 20:34 - 2014-06-13 20:34 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-13 17:12 - 2011-12-12 19:06 - 00000046 _____ () C:\Users\Netroth\jagex_cl_runescape_LIVE.dat
2014-06-13 16:36 - 2011-12-10 23:01 - 00000000 ____D () C:\Users\Netroth\AppData\Local\CrashDumps
2014-06-13 04:09 - 2014-06-13 04:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-12 23:23 - 2014-04-20 01:41 - 00000000 ____D () C:\Users\Netroth\Desktop\Pics to sort
2014-06-12 17:00 - 2014-06-12 16:21 - 3144902700 _____ () C:\Users\Netroth\Desktop\Yogsbackup - 1.zip
2014-06-12 03:25 - 2013-08-14 11:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 01:56 - 2014-06-11 02:28 - 00000000 ____D () C:\Users\Netroth\Desktop\YCP RPs
2014-06-11 23:08 - 2014-06-11 23:08 - 06625904 _____ () C:\Users\Netroth\Downloads\DecoCraft 1.6.4 V1.9a.zip
2014-06-11 23:08 - 2014-06-11 23:08 - 00890649 _____ () C:\Users\Netroth\Downloads\TailorMod1.6.4V1.2.zip
2014-06-11 16:22 - 2014-06-11 16:17 - 00000000 ____D () C:\Users\Netroth\Desktop\Configs
2014-06-11 02:52 - 2014-06-11 02:52 - 00795784 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.348-universal.jar
2014-06-11 02:51 - 2014-06-11 02:51 - 00144141 _____ () C:\Users\Netroth\Downloads\Universal-Electricity-3.1.0.108-core.jar
2014-06-11 02:48 - 2014-06-11 02:48 - 06075516 _____ () C:\Users\Netroth\Downloads\ICBM-1.4.2.386.jar
2014-06-11 02:48 - 2014-06-11 02:48 - 01155307 _____ () C:\Users\Netroth\Downloads\Modular-Force-Field-System-3.6.3.88-core.jar
2014-06-11 02:45 - 2014-06-11 02:45 - 00322720 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-electrical.jar
2014-06-11 02:45 - 2014-06-11 02:45 - 00178096 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-mechanical.jar
2014-06-11 02:44 - 2014-06-11 02:44 - 00112463 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-archaic (1).jar
2014-06-11 02:44 - 2014-06-11 02:43 - 02793388 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-Resonant-Induction Core (1).jar
2014-06-11 02:43 - 2014-06-11 02:43 - 02793388 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-Resonant-Induction Core.jar
2014-06-11 02:43 - 2014-06-11 02:43 - 00157492 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-atomic.jar
2014-06-11 02:43 - 2014-06-11 02:43 - 00112463 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.366-archaic.jar
2014-06-11 02:17 - 2014-06-11 02:17 - 00054123 _____ () C:\Users\Netroth\Downloads\Sphax_CalclaviaCore_64x.zip
2014-06-11 02:11 - 2014-06-11 02:10 - 24089604 _____ () C:\Users\Netroth\Downloads\Tekkit 64x patch v1.0.4.zip
2014-06-11 02:02 - 2014-06-11 02:00 - 23432587 _____ () C:\Users\Netroth\Downloads\SphaxTekkit64x_Patch.zip
2014-06-09 17:43 - 2014-06-09 17:42 - 07585256 _____ () C:\Users\Netroth\Downloads\Unofficial Dragonborn Patch 2.0.4a - BSA Version.7z
2014-06-09 17:42 - 2014-06-09 17:42 - 01755449 _____ () C:\Users\Netroth\Downloads\Unofficial Hearthfire Patch 2.0.4 - BSA Version.7z
2014-06-09 17:41 - 2014-06-09 17:36 - 83551593 _____ () C:\Users\Netroth\Downloads\Unofficial Skyrim Patch 2.0.4a - BSA Version.7z
2014-06-09 17:13 - 2014-06-09 17:12 - 05386235 _____ () C:\Users\Netroth\Downloads\Unofficial Dawnguard Patch 2.0.4 - BSA Version.7z
2014-06-09 16:55 - 2014-06-09 16:54 - 39407582 _____ () C:\Users\Netroth\Desktop\Skyrim Backups.rar
2014-06-07 02:15 - 2012-02-29 17:57 - 19891200 ___SH () C:\Users\Netroth\Desktop\Thumbs.db
2014-06-07 02:09 - 2012-04-30 16:29 - 00000000 ____D () C:\Users\Test\AppData\Local\Temp
2014-06-07 01:41 - 2014-06-06 16:19 - 00000000 ____D () C:\Users\Netroth\AppData\Roaming\Notepad++
2014-06-06 16:20 - 2014-06-06 16:19 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-06-06 16:19 - 2014-06-06 16:19 - 00001061 _____ () C:\Users\Test\Desktop\Notepad++.lnk
2014-06-06 16:19 - 2014-06-06 16:19 - 00001061 _____ () C:\Users\Netroth\Desktop\Notepad++.lnk
2014-06-06 16:19 - 2014-06-06 16:19 - 00000000 ____D () C:\Users\Netroth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-06-06 16:19 - 2014-06-06 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-06-06 16:18 - 2014-06-06 16:17 - 07648470 _____ () C:\Users\Netroth\Downloads\npp.6.6.4.Installer.exe
2014-06-06 16:13 - 2014-06-06 16:12 - 00000000 ____D () C:\Users\Netroth\Desktop\CC
2014-06-06 16:00 - 2012-02-09 17:42 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1655055398-3632467434-674196435-1001Core.job
2014-06-06 15:53 - 2012-04-30 16:35 - 00000000 ____D () C:\Users\Test\AppData\Local\CrashDumps
2014-06-06 04:19 - 2011-12-10 12:00 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1655055398-3632467434-674196435-1001Core.job
2014-06-05 21:25 - 2014-06-05 21:12 - 22012596 _____ () C:\Users\Netroth\Downloads\DrZharks MoCreatures Mod v6.1.0.zip
2014-06-05 21:17 - 2011-12-10 12:28 - 00000000 ____D () C:\Users\Netroth\AppData\Roaming\.minecraft
2014-06-05 21:05 - 2014-06-05 21:05 - 00436572 _____ () C:\Users\Netroth\Downloads\Starminer0_9_6_please_extract.zip
2014-06-05 19:47 - 2014-06-05 19:44 - 254383516 _____ () C:\Users\Netroth\Desktop\YogscastCompletePack.rar
2014-06-04 04:56 - 2014-06-04 04:56 - 00004298 _____ () C:\Users\Netroth\Downloads\touchpoint_api.lua
2014-06-04 04:56 - 2014-06-04 04:56 - 00004298 _____ () C:\Users\Netroth\Desktop\touchpoint_api.lua
2014-06-04 04:25 - 2014-06-04 04:33 - 143867769 _____ () C:\Users\Netroth\Desktop\timetravel_demoworld_24022013.zip
2014-06-04 04:25 - 2014-06-04 04:16 - 143867769 _____ () C:\Users\Netroth\Downloads\timetravel_demoworld_24022013.zip
2014-06-03 18:10 - 2011-12-12 19:06 - 00000024 _____ () C:\Users\Netroth\random.dat
2014-06-03 18:00 - 2013-09-16 23:13 - 00000024 _____ () C:\Users\Netroth\jagexappletviewer.preferences
2014-06-02 16:22 - 2012-11-15 23:35 - 00000000 ____D () C:\Users\Netroth\AppData\Roaming\dvdcss
2014-06-01 23:04 - 2012-12-27 01:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-01 21:30 - 2014-03-02 22:11 - 00000000 ____D () C:\Users\Test\AppData\Local\TSVNCache
2014-06-01 21:30 - 2012-04-30 16:29 - 00000000 ___RD () C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-01 21:30 - 2012-04-30 16:29 - 00000000 ___RD () C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-30 20:14 - 2014-06-03 18:11 - 00015253 _____ () C:\Users\Netroth\Desktop\Resonant Induction.cfg
2014-05-30 17:03 - 2014-05-28 16:16 - 00000000 ____D () C:\Users\Netroth\Desktop\Res Induc. Edit
2014-05-29 16:26 - 2014-05-29 16:26 - 00002443 _____ () C:\Users\Netroth\Desktop\IDConflicts.txt
2014-05-29 15:50 - 2014-05-29 15:50 - 00788580 _____ () C:\Users\Netroth\Downloads\jd-gui-0.3.6.windows.zip
2014-05-28 17:16 - 2014-05-28 16:35 - 00000000 ____D () C:\Users\Netroth\workspace
2014-05-28 16:33 - 2014-05-28 16:09 - 210335332 _____ () C:\Users\Netroth\Downloads\eclipse-standard-kepler-SR2-win32-x86_64.zip
2014-05-28 14:39 - 2014-05-28 14:39 - 00143912 _____ () C:\Users\Netroth\Downloads\Universal-Electricity-3.1.0.101-core.jar
2014-05-28 14:38 - 2014-05-28 14:38 - 00170731 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-mechanical.jar
2014-05-28 14:37 - 2014-05-28 14:37 - 02778093 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-Resonant-Induction Core (1).jar
2014-05-28 14:37 - 2014-05-28 14:37 - 00328428 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-electrical.jar
2014-05-28 14:37 - 2014-05-28 14:37 - 00163724 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-atomic.jar
2014-05-28 14:37 - 2014-05-28 14:37 - 00112610 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-archaic.jar
2014-05-28 14:36 - 2014-05-28 14:36 - 02778093 _____ () C:\Users\Netroth\Downloads\Resonant-Induction-0.3.1.362-Resonant-Induction Core.jar
2014-05-28 14:35 - 2014-05-28 14:35 - 00790716 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.343-universal.jar
2014-05-28 14:34 - 2014-05-28 14:34 - 01136239 _____ () C:\Users\Netroth\Downloads\Modular-Force-Field-System-3.6.2.70-core (1).jar
2014-05-28 14:33 - 2014-05-28 14:33 - 06091150 _____ () C:\Users\Netroth\Downloads\ICBM-1.4.2.385.jar
2014-05-28 14:30 - 2014-05-28 14:30 - 00882639 _____ () C:\Users\Netroth\Downloads\ForgeMultipart-universal-1.6.4-1.0.0.250.jar
2014-05-28 01:13 - 2014-05-28 01:13 - 01148096 _____ () C:\Users\Netroth\Downloads\modular-force-field-system-3.6.2.42-core.jar
2014-05-28 01:13 - 2014-05-28 01:09 - 05701632 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_Technic (3).zip
2014-05-28 01:09 - 2014-05-28 01:06 - 03538944 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_Technic (2).zip
2014-05-28 01:08 - 2014-05-28 01:07 - 01903089 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_FTB_Client.zip
2014-05-28 01:07 - 2014-05-28 01:05 - 04101408 _____ () C:\Users\Netroth\Downloads\archive.zip
2014-05-28 01:05 - 2014-05-28 01:03 - 02588672 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_Technic (1).zip
2014-05-28 01:01 - 2014-05-28 00:59 - 02555904 _____ () C:\Users\Netroth\Downloads\Calclavia Pack_Technic.zip
2014-05-28 00:37 - 2009-07-14 17:13 - 00783360 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 19:37 - 2014-05-27 17:57 - 00000000 ____D () C:\Windows\XK32
2014-05-27 18:34 - 2012-01-01 19:19 - 01050112 ___SH () C:\Users\Netroth\Documents\Thumbs.db
2014-05-27 13:23 - 2014-05-27 13:23 - 01279524 _____ () C:\Users\Netroth\Downloads\Sphax_Witchery1.6.4 (1).zip
2014-05-27 12:45 - 2014-05-27 12:45 - 00000000 ____D () C:\Users\Netroth\Desktop\Azurim
2014-05-27 12:44 - 2014-05-27 12:44 - 178962925 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 27.05.14.zip
2014-05-27 02:04 - 2014-05-27 02:04 - 00155950 _____ () C:\Users\Netroth\Downloads\Sphax_CarpentersBlocks_64x.zip
2014-05-27 02:04 - 2014-05-27 02:04 - 00155950 _____ () C:\Users\Netroth\Desktop\Sphax_CarpentersBlocks_64x.zip
2014-05-27 02:03 - 2014-05-27 02:01 - 53666502 _____ () C:\Users\Netroth\Downloads\MoonQuest Texture Patch 1.8 64x.zip
2014-05-27 00:07 - 2014-05-27 00:06 - 03210837 _____ () C:\Users\Netroth\Downloads\Sphax 64x - Metallurgy 2 r8.rar
2014-05-26 23:54 - 2014-05-26 23:52 - 40712808 _____ () C:\Users\Netroth\Downloads\Sphax_Feed-the-Beast_Addon_MC1.4.7_64x.zip
2014-05-26 01:46 - 2009-07-14 15:20 - 00000000 ____D () C:\Windows\rescache
2014-05-23 17:37 - 2014-05-23 17:54 - 178339925 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 23.05.14.zip
2014-05-22 17:40 - 2012-10-05 02:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-22 17:30 - 2010-11-21 15:47 - 00206686 _____ () C:\Windows\PFRO.log
2014-05-20 20:20 - 2014-05-20 17:46 - 00000000 ____D () C:\Users\Netroth\Desktop\RETURN TO - Yogscast instance, Jarmods
2014-05-20 19:12 - 2014-05-20 19:11 - 01136239 _____ () C:\Users\Netroth\Downloads\Modular-Force-Field-System-3.6.2.70-core.jar
2014-05-20 18:43 - 2014-05-20 18:44 - 01279524 _____ () C:\Users\Netroth\Desktop\Sphax_Witchery1.6.4.zip
2014-05-20 18:43 - 2014-05-20 18:43 - 01279524 _____ () C:\Users\Netroth\Downloads\Sphax_Witchery1.6.4.zip
2014-05-20 17:32 - 2014-05-20 17:32 - 00421291 _____ () C:\Users\Netroth\Downloads\OptiFine_1.6.4_HD_U_C6.jar
2014-05-19 23:30 - 2014-05-19 23:30 - 01263192 _____ () C:\Users\Netroth\Downloads\Atomic-Science-1.1.0.49-core.jar
2014-05-19 23:15 - 2014-05-19 23:15 - 00787357 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.340-universal (1).jar
2014-05-19 23:13 - 2014-05-19 23:13 - 01298000 _____ () C:\Users\Netroth\Downloads\Atomic Science-1.2.0.96-core.jar
2014-05-19 22:53 - 2014-05-19 22:53 - 00704675 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.333-universal.jar
2014-05-19 22:45 - 2014-05-19 22:45 - 00782102 _____ () C:\Users\Netroth\Downloads\Calclavia-Core-1.2.0.332-universal (1).jar
2014-05-19 22:40 - 2014-05-19 22:39 - 00782102 _____ () C:\Users\Netroth\Downloads\Calclavia-Core-1.2.0.332-universal.jar
2014-05-19 22:28 - 2014-05-19 22:28 - 00787357 _____ () C:\Users\Netroth\Downloads\Resonant-Engine-1.2.0.340-universal.jar
2014-05-19 22:14 - 2014-05-19 22:14 - 00143631 _____ () C:\Users\Netroth\Downloads\Universal-Electricity-3.1.0.96-core.jar
2014-05-19 22:13 - 2014-05-19 22:13 - 01230590 _____ () C:\Users\Netroth\Downloads\Atomic Science-1.2.0.120-universal.jar
2014-05-19 21:56 - 2013-11-11 10:13 - 00000997 _____ () C:\Users\Public\Desktop\REAPER (x64).lnk
2014-05-19 13:56 - 2014-05-19 13:58 - 159891191 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 19.05.14.rar
2014-05-19 13:55 - 2014-05-19 13:58 - 160285778 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 19.05.14.zip
2014-05-17 19:10 - 2014-05-17 19:10 - 00011163 _____ () C:\Users\Netroth\Downloads\tutorial.rar
2014-05-17 18:06 - 2014-05-17 18:05 - 00000000 ____D () C:\Users\Netroth\Desktop\textures
2014-05-17 02:24 - 2014-05-17 02:15 - 60289150 _____ () C:\Users\Netroth\Downloads\Attack of the B-Team 32x.zip
2014-05-17 02:04 - 2014-05-17 01:55 - 80877997 _____ () C:\Users\Netroth\Downloads\Attack of the B-Team 64x.zip
2014-05-17 01:49 - 2014-05-17 01:39 - 104723863 _____ () C:\Users\Netroth\Downloads\Attack of the BTeam Sphax 128x Patch - Generikb.zip
2014-05-17 01:31 - 2014-05-17 01:30 - 03719158 _____ () C:\Users\Netroth\Downloads\Witchery x128 WIP.zip
2014-05-15 21:20 - 2014-05-15 03:37 - 00000164 _____ () C:\Users\Netroth\Desktop\kevinisweird.txt
2014-05-15 17:12 - 2014-05-15 17:13 - 00000510 _____ () C:\Users\Netroth\Desktop\Backup-codes-prawnmenn.txt
2014-05-15 17:12 - 2014-05-15 17:12 - 00000510 _____ () C:\Users\Netroth\Downloads\Backup-codes-prawnmenn.txt
2014-05-15 13:58 - 2011-12-10 11:50 - 00000000 ___RD () C:\Users\Netroth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 03:04 - 2012-11-14 17:16 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 02:25 - 2014-05-15 02:25 - 132317349 _____ () C:\Users\Netroth\Desktop\Azurim FTB - 15.05.14.zip
2014-05-15 01:40 - 2012-09-29 14:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 01:40 - 2012-09-29 14:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 01:40 - 2012-09-29 14:56 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
 
Files to move or delete:
====================
C:\Users\Netroth\jagex_cl_runescape_LIVE.dat
C:\Users\Netroth\jagex_cl_runescape_LIVE1.dat
C:\Users\Netroth\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\Netroth\jagex_cl_speccollect_LIVE.dat
C:\Users\Netroth\random.dat
C:\Users\Netroth\worldpainter_64_1.2.5.exe
C:\Users\Netroth\worldpainter_64_1.5.0.exe
C:\Users\Netroth\worldpainter_64_1.6.4.exe
 
 
Some content of TEMP:
====================
C:\Users\Netroth\AppData\Local\Temp\down.17272.newtab_setup.exe
C:\Users\Netroth\AppData\Local\Temp\down.18588.ext_setup.exe
C:\Users\Netroth\AppData\Local\Temp\EAD7836.exe
C:\Users\Netroth\AppData\Local\Temp\GUR9ECD.exe
C:\Users\Netroth\AppData\Local\Temp\Gw2.exe
C:\Users\Netroth\AppData\Local\Temp\i4jdel0.exe
C:\Users\Netroth\AppData\Local\Temp\ICReinstall_PMB_updater.exe
C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-b2788jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-b2879jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-251.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1112472921421216207libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1183089336288930192libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas139582770625245328jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1402290047374413437libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1434629025182506230libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1489519053186897012jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas151909331597118826libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1548985005037012807libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1634132656229826225jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1639660586743788648jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1698951704635560372jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas170131850579086962jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1758740672207962137libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1804826693563329492jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1818041055071295573jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas1912020977727120072libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas200714988704125978libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2022466636315746376libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2220529959564459687jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2238284668769506946libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2414261429630892263libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2457095924735348753libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2539171138879581168libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2542126645947345674jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2559014460176657683jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2593401148157933877jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2604871116628457075jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas264802407917125095jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2754569592286701495jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas2801821243302355187jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3062382070742279376libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3091522830281319290jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3133746834051721872libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3149781760660024670jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas315821688453003769jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3316629025148289688libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3320979985823472251jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3385071030156974215libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3432946681450041564jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3473395330146716621libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3540261587600228853jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3544539355897799633libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas356814143573936631libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3593355746101820070libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3623251324157212875jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas38304033255925521jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas385109084293206046libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas3970188523654959757libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas402015670379149103jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas409018023742718368jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4099951923514875607jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4169929838828706891jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4213074263526285131jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4271916015977846212libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4371757563827378755jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4418978508487923167jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4467520028011559817libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4485485457359652167libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4519967590441723584jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4571056466854196471libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4605588708825299549libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4630013012010551642libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4750448750579401300jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas4774055446412041051libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5063340212775272149jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5072606721660909651jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5095480235191596883jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5150325962933094140jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5210440891406974784libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5214881616664259746libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5303853142432267997libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5307922130053334929libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas543036258392102753jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5451737675595088880jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas545949441275989785libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5480703710993508626libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5525608609131771550jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5562113823220127861libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5613217962629912625jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5660499785518610358jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5741253957617697427jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5811966199877809354jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas588437079685742184libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5940698848421685591jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas5954349668363499926libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas596147214671233507libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6019866763502791882libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6121168146358379201libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6151358280169315868jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6253608974546442106jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6314521102080910740jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6372409542118455072libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6379244059985646954libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas659227944628338745libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6743579598450546049jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6758074404196013348libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6770350299610782878jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6797619818307203833libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6843223785825607376jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6912042820800418601jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6942862017437676966jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas6943292064380552402jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas700619006729921244libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7073509484742919408libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7077913045237505533libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7158003409512335517libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas726665395625396996jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas730639237356281627jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7417488888165215781libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7449830263228785518jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7486130142756382379libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7501449640845655591libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7541510004386785975jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas7803832804434886943libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8009606307523855691jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8031077134583572118jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas811700894661903392libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8205753555316673500jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8227252730129430143jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8265743816832284851libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8266541034160984158libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8283837763039462852jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8284943747674469819jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8297661332679182253libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8367459045425405359jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas839974017570091900libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8422546079589332271jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8444455907418671237libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8504814009529344727libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8537531504587437729libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8716574343845066434libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas8953916974752325108libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas9044583601801205258libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas9064319879619007372libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas9077024776036922092jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas9091262926690721483libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\jblas9127482619663915814libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\jblas9181660811749785464jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jblas9187141349929597116jblas_arch_flavor.dll
C:\Users\Netroth\AppData\Local\Temp\jblas951503374416403535jblas.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_0_1-R1-b1597jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R2-1-gae6a811-b1841jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R2-b1840jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R3-13-gb3c56b8-b1871jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-11-g24b8704-b2006jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-29-gd6d767e-b2029jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-33-gb66156b-b2034jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-45-g39dde73-b2044jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-9-g66ea5a9-b2000jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-b1988jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_2_4-R1_0-b2126jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_2_5-R1_0-b2149jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_8_1-R4-17-g04a14f7-b1493jnks.dll
C:\Users\Netroth\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Netroth\AppData\Local\Temp\libgcc_s_sjlj-1.dll
C:\Users\Netroth\AppData\Local\Temp\libgfortran-3.dll
C:\Users\Netroth\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Netroth\AppData\Local\Temp\OpenComputersMod-native.64.dll
C:\Users\Netroth\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
C:\Users\Netroth\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Netroth\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Netroth\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Netroth\AppData\Local\Temp\Tsu89ADB58F.dll
C:\Users\Netroth\AppData\Local\Temp\TsuC027696F.dll
C:\Users\Netroth\AppData\Local\Temp\uninstall.exe
C:\Users\Netroth\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Netroth\AppData\Local\Temp\uttCE08.tmp.exe
C:\Users\Netroth\AppData\Local\Temp\wmpfirefoxplugin.exe
C:\Users\Netroth\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Netroth\AppData\Local\Temp\_isC65F.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-05-29 19:35
 
==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

There are two security programs on your system with AV components, that is counterproductive, ensure to uninstall one asap.

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Open Malwarebytes 2.0, run a Threat Scan

 


On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

Post log:

 


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

 

Let me see those logs, also give an update on any remaining issues or concerns....

 

Kevin....

 

 

 

 

 

fixlist.txt

Link to post
Share on other sites
Netroth

Netroth

Posted
  • Author
Posted
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-06-2014 02

Ran by Netroth at 2014-06-14 02:16:09 Run:1

Running from C:\Users\Netroth\Desktop\WorldPainter Maps

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

Start

HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\MountPoints2: {10346995-e5e4-11e1-b066-b870f4a0cc59} - E:\WIN\setup.exe

HKU\S-1-5-21-1655055398-3632467434-674196435-1001\...\MountPoints2: {fe16254d-46c2-11e2-b06d-b870f4a0cc59} - G:\autorun.exe

HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => "C:\Users\Netroth\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe"  /MINIMIZED

HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {10346995-e5e4-11e1-b066-b870f4a0cc59} - E:\WIN\setup.exe

HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fe16254d-46c2-11e2-b06d-b870f4a0cc59} - G:\autorun.exe

S3 SWUMX20; system32\DRIVERS\swumx20.sys [X]

S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

C:\Users\Netroth\jagex_cl_runescape_LIVE.dat

C:\Users\Netroth\jagex_cl_runescape_LIVE1.dat

C:\Users\Netroth\jagex_cl_runescape_LIVE_BETA.dat

C:\Users\Netroth\jagex_cl_speccollect_LIVE.dat

C:\Users\Netroth\random.dat

C:\Users\Netroth\worldpainter_64_1.2.5.exe

C:\Users\Netroth\worldpainter_64_1.5.0.exe

C:\Users\Netroth\worldpainter_64_1.6.4.exe

C:\Users\Netroth\AppData\Local\Temp\down.17272.newtab_setup.exe

C:\Users\Netroth\AppData\Local\Temp\down.18588.ext_setup.exe

C:\Users\Netroth\AppData\Local\Temp\EAD7836.exe

C:\Users\Netroth\AppData\Local\Temp\GUR9ECD.exe

C:\Users\Netroth\AppData\Local\Temp\Gw2.exe

C:\Users\Netroth\AppData\Local\Temp\i4jdel0.exe

C:\Users\Netroth\AppData\Local\Temp\ICReinstall_PMB_updater.exe

C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-b2788jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-b2879jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-251.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1112472921421216207libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1183089336288930192libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas139582770625245328jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1402290047374413437libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1434629025182506230libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1489519053186897012jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas151909331597118826libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1548985005037012807libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1634132656229826225jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1639660586743788648jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1698951704635560372jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas170131850579086962jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1758740672207962137libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1804826693563329492jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1818041055071295573jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas1912020977727120072libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas200714988704125978libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2022466636315746376libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2220529959564459687jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2238284668769506946libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2414261429630892263libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2457095924735348753libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2539171138879581168libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2542126645947345674jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2559014460176657683jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2593401148157933877jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2604871116628457075jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas264802407917125095jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2754569592286701495jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas2801821243302355187jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3062382070742279376libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3091522830281319290jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3133746834051721872libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3149781760660024670jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas315821688453003769jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3316629025148289688libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3320979985823472251jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3385071030156974215libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3432946681450041564jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3473395330146716621libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3540261587600228853jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3544539355897799633libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas356814143573936631libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3593355746101820070libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3623251324157212875jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas38304033255925521jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas385109084293206046libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas3970188523654959757libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas402015670379149103jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas409018023742718368jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4099951923514875607jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4169929838828706891jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4213074263526285131jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4271916015977846212libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4371757563827378755jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4418978508487923167jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4467520028011559817libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4485485457359652167libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4519967590441723584jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4571056466854196471libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4605588708825299549libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4630013012010551642libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4750448750579401300jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas4774055446412041051libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5063340212775272149jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5072606721660909651jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5095480235191596883jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5150325962933094140jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5210440891406974784libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5214881616664259746libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5303853142432267997libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5307922130053334929libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas543036258392102753jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5451737675595088880jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas545949441275989785libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5480703710993508626libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5525608609131771550jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5562113823220127861libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5613217962629912625jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5660499785518610358jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5741253957617697427jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5811966199877809354jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas588437079685742184libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5940698848421685591jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas5954349668363499926libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas596147214671233507libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6019866763502791882libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6121168146358379201libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6151358280169315868jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6253608974546442106jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6314521102080910740jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6372409542118455072libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6379244059985646954libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas659227944628338745libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6743579598450546049jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6758074404196013348libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6770350299610782878jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6797619818307203833libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6843223785825607376jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6912042820800418601jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6942862017437676966jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas6943292064380552402jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas700619006729921244libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7073509484742919408libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7077913045237505533libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7158003409512335517libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas726665395625396996jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas730639237356281627jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7417488888165215781libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7449830263228785518jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7486130142756382379libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7501449640845655591libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7541510004386785975jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas7803832804434886943libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8009606307523855691jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8031077134583572118jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas811700894661903392libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8205753555316673500jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8227252730129430143jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8265743816832284851libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8266541034160984158libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8283837763039462852jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8284943747674469819jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8297661332679182253libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8367459045425405359jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas839974017570091900libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8422546079589332271jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8444455907418671237libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8504814009529344727libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8537531504587437729libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8716574343845066434libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas8953916974752325108libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas9044583601801205258libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas9064319879619007372libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas9077024776036922092jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas9091262926690721483libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\jblas9127482619663915814libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\jblas9181660811749785464jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jblas9187141349929597116jblas_arch_flavor.dll

C:\Users\Netroth\AppData\Local\Temp\jblas951503374416403535jblas.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_0_1-R1-b1597jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R2-1-gae6a811-b1841jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R2-b1840jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R3-13-gb3c56b8-b1871jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-11-g24b8704-b2006jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-29-gd6d767e-b2029jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-33-gb66156b-b2034jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-45-g39dde73-b2044jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-9-g66ea5a9-b2000jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-b1988jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_2_4-R1_0-b2126jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_2_5-R1_0-b2149jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_8_1-R4-17-g04a14f7-b1493jnks.dll

C:\Users\Netroth\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Netroth\AppData\Local\Temp\libgcc_s_sjlj-1.dll

C:\Users\Netroth\AppData\Local\Temp\libgfortran-3.dll

C:\Users\Netroth\AppData\Local\Temp\MSETUP4.EXE

C:\Users\Netroth\AppData\Local\Temp\OpenComputersMod-native.64.dll

C:\Users\Netroth\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe

C:\Users\Netroth\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Netroth\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

C:\Users\Netroth\AppData\Local\Temp\swt-win32-3349.dll

C:\Users\Netroth\AppData\Local\Temp\Tsu89ADB58F.dll

C:\Users\Netroth\AppData\Local\Temp\TsuC027696F.dll

C:\Users\Netroth\AppData\Local\Temp\uninstall.exe

C:\Users\Netroth\AppData\Local\Temp\UninstallEADM.dll

C:\Users\Netroth\AppData\Local\Temp\uttCE08.tmp.exe

C:\Users\Netroth\AppData\Local\Temp\wmpfirefoxplugin.exe

C:\Users\Netroth\AppData\Local\Temp\xmlUpdater.exe

C:\Users\Netroth\AppData\Local\Temp\_isC65F.exe

AlternateDataStreams: C:\ProgramData\Temp:5D458568

End

*****************

 

'HKU\S-1-5-21-1655055398-3632467434-674196435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10346995-e5e4-11e1-b066-b870f4a0cc59}' => Key deleted successfully.

'HKCR\CLSID\{10346995-e5e4-11e1-b066-b870f4a0cc59}'=> Key not found.

'HKU\S-1-5-21-1655055398-3632467434-674196435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe16254d-46c2-11e2-b06d-b870f4a0cc59}' => Key deleted successfully.

'HKCR\CLSID\{fe16254d-46c2-11e2-b06d-b870f4a0cc59}'=> Key not found.

HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => Value not found.

'HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {10346995-e5e4-11e1-b066-b870f4a0cc59}'=> Key not found.

'HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {10346995-e5e4-11e1-b066-b870f4a0cc59}'=> Key not found.

'HKU\S-1-5-21-1655055398-3632467434-674196435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fe16254d-46c2-11e2-b06d-b870f4a0cc59}'=> Key not found.

'HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fe16254d-46c2-11e2-b06d-b870f4a0cc59}'=> Key not found.

SWUMX20 => Service deleted successfully.

X6va011 => Service deleted successfully.

C:\Users\Netroth\jagex_cl_runescape_LIVE.dat => Moved successfully.

C:\Users\Netroth\jagex_cl_runescape_LIVE1.dat => Moved successfully.

C:\Users\Netroth\jagex_cl_runescape_LIVE_BETA.dat => Moved successfully.

C:\Users\Netroth\jagex_cl_speccollect_LIVE.dat => Moved successfully.

C:\Users\Netroth\random.dat => Moved successfully.

C:\Users\Netroth\worldpainter_64_1.2.5.exe => Moved successfully.

C:\Users\Netroth\worldpainter_64_1.5.0.exe => Moved successfully.

C:\Users\Netroth\worldpainter_64_1.6.4.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\down.17272.newtab_setup.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\down.18588.ext_setup.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\EAD7836.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\GUR9ECD.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\Gw2.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\i4jdel0.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\ICReinstall_PMB_updater.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-b2788jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R1.0-b2879jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jansi-64-git-MCPC-Plus-jenkins-MCPC-Plus-164-251.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1112472921421216207libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1183089336288930192libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas139582770625245328jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1402290047374413437libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1434629025182506230libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1489519053186897012jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas151909331597118826libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1548985005037012807libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1634132656229826225jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1639660586743788648jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1698951704635560372jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas170131850579086962jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1758740672207962137libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1804826693563329492jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1818041055071295573jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas1912020977727120072libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas200714988704125978libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2022466636315746376libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2220529959564459687jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2238284668769506946libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2414261429630892263libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2457095924735348753libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2539171138879581168libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2542126645947345674jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2559014460176657683jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2593401148157933877jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2604871116628457075jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas264802407917125095jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2754569592286701495jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas2801821243302355187jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3062382070742279376libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3091522830281319290jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3133746834051721872libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3149781760660024670jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas315821688453003769jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3316629025148289688libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3320979985823472251jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3385071030156974215libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3432946681450041564jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3473395330146716621libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3540261587600228853jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3544539355897799633libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas356814143573936631libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3593355746101820070libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3623251324157212875jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas38304033255925521jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas385109084293206046libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas3970188523654959757libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas402015670379149103jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas409018023742718368jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4099951923514875607jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4169929838828706891jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4213074263526285131jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4271916015977846212libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4371757563827378755jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4418978508487923167jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4467520028011559817libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4485485457359652167libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4519967590441723584jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4571056466854196471libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4605588708825299549libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4630013012010551642libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4750448750579401300jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas4774055446412041051libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5063340212775272149jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5072606721660909651jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5095480235191596883jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5150325962933094140jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5210440891406974784libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5214881616664259746libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5303853142432267997libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5307922130053334929libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas543036258392102753jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5451737675595088880jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas545949441275989785libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5480703710993508626libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5525608609131771550jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5562113823220127861libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5613217962629912625jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5660499785518610358jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5741253957617697427jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5811966199877809354jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas588437079685742184libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5940698848421685591jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas5954349668363499926libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas596147214671233507libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6019866763502791882libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6121168146358379201libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6151358280169315868jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6253608974546442106jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6314521102080910740jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6372409542118455072libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6379244059985646954libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas659227944628338745libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6743579598450546049jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6758074404196013348libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6770350299610782878jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6797619818307203833libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6843223785825607376jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6912042820800418601jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6942862017437676966jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas6943292064380552402jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas700619006729921244libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7073509484742919408libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7077913045237505533libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7158003409512335517libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas726665395625396996jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas730639237356281627jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7417488888165215781libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7449830263228785518jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7486130142756382379libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7501449640845655591libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7541510004386785975jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas7803832804434886943libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8009606307523855691jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8031077134583572118jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas811700894661903392libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8205753555316673500jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8227252730129430143jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8265743816832284851libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8266541034160984158libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8283837763039462852jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8284943747674469819jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8297661332679182253libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8367459045425405359jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas839974017570091900libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8422546079589332271jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8444455907418671237libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8504814009529344727libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8537531504587437729libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8716574343845066434libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas8953916974752325108libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas9044583601801205258libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas9064319879619007372libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas9077024776036922092jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas9091262926690721483libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas9127482619663915814libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas9181660811749785464jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas9187141349929597116jblas_arch_flavor.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jblas951503374416403535jblas.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_0_1-R1-b1597jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R2-1-gae6a811-b1841jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R2-b1840jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R3-13-gb3c56b8-b1871jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-11-g24b8704-b2006jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-29-gd6d767e-b2029jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-33-gb66156b-b2034jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-45-g39dde73-b2044jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-9-g66ea5a9-b2000jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_1-R6-b1988jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_2_4-R1_0-b2126jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_2_5-R1_0-b2149jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jline_git-Bukkit-1_8_1-R4-17-g04a14f7-b1493jnks.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\libgcc_s_sjlj-1.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\libgfortran-3.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\MSETUP4.EXE => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\OpenComputersMod-native.64.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\Tsu89ADB58F.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\TsuC027696F.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\uninstall.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\UninstallEADM.dll => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\uttCE08.tmp.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\wmpfirefoxplugin.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\xmlUpdater.exe => Moved successfully.

C:\Users\Netroth\AppData\Local\Temp\_isC65F.exe => Moved successfully.

C:\ProgramData\Temp => ":5D458568" ADS removed successfully.

 

==== End of Fixlog ====

Link to post
Share on other sites
Netroth

Netroth

Posted
  • Author
Posted
# AdwCleaner v3.212 - Report created 14/06/2014 at 02:36:06

# Updated 05/06/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Netroth - NETROTH-PC

# Running from : C:\Users\Netroth\Downloads\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\DoiwwnloAd keeepeR

Folder Deleted : C:\Users\Netroth\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Netroth\AppData\Local\Software

Folder Deleted : C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci

File Deleted : C:\Users\Netroth\AppData\Roaming\Mozilla\Firefox\Profiles\mdyal90o.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

File Deleted : C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage

File Deleted : C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal

File Deleted : C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_images.search.conduit.com_0.localstorage

File Deleted : C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_images.search.conduit.com_0.localstorage-journal

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKCU\Software\Google\Chrome\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cfgmipjabpfjdgflgbjjpgekdejokfci

Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKLM\Software\Conduit

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17041

 

 

-\\ Mozilla Firefox v17.0.1 (en-US)

 

[ File : C:\Users\Netroth\AppData\Roaming\Mozilla\Firefox\Profiles\mdyal90o.default\prefs.js ]

 

 

[ File : C:\Users\Test\AppData\Roaming\Mozilla\Firefox\Profiles\8lg73iec.default\prefs.js ]

 

 

-\\ Google Chrome v

 

[ File : C:\Users\Netroth\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted [Extension] : cfgmipjabpfjdgflgbjjpgekdejokfci

 

*************************

 

AdwCleaner[R0].txt - [3026 octets] - [14/06/2014 02:22:31]

AdwCleaner[s0].txt - [2950 octets] - [14/06/2014 02:36:06]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3010 octets] ##########

 

Link to post
Share on other sites
Netroth

Netroth

Posted
  • Author
Posted
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Netroth on Sat 14/06/2014 at  3:00:23.16

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

Successfully deleted: [File] C:\Windows\syswow64\sho5F90.tmp

Successfully deleted: [File] C:\Windows\syswow64\sho637C.tmp

Successfully deleted: [File] C:\Windows\syswow64\sho7A61.tmp

Successfully deleted: [File] C:\Windows\syswow64\sho9CC1.tmp

Successfully deleted: [File] C:\Windows\syswow64\shoC8EE.tmp

Successfully deleted: [File] C:\Windows\syswow64\shoCFD6.tmp

Successfully deleted: [File] C:\Windows\syswow64\shoD141.tmp

Successfully deleted: [File] C:\Windows\syswow64\shoFBD.tmp

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Users\Netroth\AppData\Roaming\thinstall"

Successfully deleted: [Folder] "C:\Users\Netroth\appdata\locallow\boost_interprocess"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{0C5F1207-414A-403A-90BA-96F851A97815}

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{4100BBC0-DAE4-42D0-A1BB-44B4F53BDF1B}

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{4B4A92F9-844B-420F-8491-DA2D4076A271}

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{4D9EBF38-2B0A-4511-B3FE-A529713A0DD6}

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{7D1F5BA9-95A4-4C69-AA1F-C1D1BA0A0A2D}

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{92AB8C59-E9D9-4EA0-8899-35801B815DC1}

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{955FDDC5-B2CC-4B16-8B4A-14A41837124B}

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{E4A16301-410C-4A8F-9735-5CE77D2DC41B}

Successfully deleted: [Empty Folder] C:\Users\Netroth\appdata\local\{F61391CC-3FC5-4DE3-8E21-DDFE44AAA813}

 

 

 

~~~ FireFox

 

Successfully deleted: [Folder] C:\Users\Netroth\AppData\Roaming\mozilla\firefox\profiles\mdyal90o.default\extensions\staged

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 14/06/2014 at  3:15:45.73

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites
Netroth

Netroth

Posted
  • Author
Posted
Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 14/06/2014

Scan Time: 3:30:40 a.m.

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.06.13.06

Rootkit Database: v2014.06.02.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Netroth

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 337116

Time Elapsed: 52 min, 24 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option "Remove found threats"  is UNticked
Click on Advanced Settings, ensure the options
Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 


If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 


click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.....

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept