Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Another happy ZeroAccess Rootkit customer


  • This topic is locked This topic is locked
14 replies to this topic

#1 Wereducky

Wereducky

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas, ya'll
  • Local time:08:03 PM

Posted 08 July 2012 - 04:33 PM

Hello,
My AVG Free home edition gave me the news today that my services.exe is infected with trojan dropper.generic_c.MMI. A full AVG scan also indicated and alleviated the following infections
"";"C:\Windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\n";"Trojan horse BackDoor.Generic15.BHGZ";"Moved to Virus Vault"
"";"C:\Users\Wereducky\AppData\Local\{c5a8250a-3c0e-7511-5fec-114d29070370}\n";"Trojan horse BackDoor.Generic15.BHGZ";"Moved to Virus Vault"

I am running Windows 7 Professional 64-bit SP1, using Firefox, and protected with AVG free home ed. and Spybot S&D. Firefox has been attempting to redirect to some other pages since early this morning, but spybot appears to have the targets blocked. I have noticed no other effects yet besides AVG reminding me of the services.exe infection periodically.
...

Broni over on the 'Am I infected?' forum let me know I have the ZeroAccess rootkit. Spybot is no longer breaking the redirects after restarting my computer, but the situation hasn't otherwise changed. Are there any immediate steps I should take to limit damage, like keep the infected computer off perhaps? Or would restarting more likely lead to more complications? Further logs (TDSSkiller, aswMBR, ESET) are available in my post quoted above, DDS log follows.
Thank you guys n gals for all your help.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
Run by Wereducky at 16:03:00 on 2012-07-08
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.2297 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://192.168.1.1/
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [ECS eSF]
uRun: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Wereducky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStopNow.lnk.disabled
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{4656AD07-B0D2-4900-9F51-E7E4CFC44CCA} : DhcpNameServer = 70.243.117.1
TCP: Interfaces\{5FBB8D6F-16B0-4DE1-B1C0-B616DFE4B23A} : NameServer = 70.243.119.1,8.8.8.8
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Wereducky\AppData\Roaming\Mozilla\Firefox\Profiles\rw4fljgc.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amdide64;amdide64;C:\Windows\system32\DRIVERS\amdide64.sys --> C:\Windows\system32\DRIVERS\amdide64.sys [?]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-4-12 8704]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-12 1153368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-5 160944]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 113120]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-08 17:33:13 -------- d-----w- C:\Program Files (x86)\ESET
2012-07-08 16:32:54 -------- d-----w- C:\Users\Wereducky\AppData\Local\{EE59B1C8-3229-4702-A895-CC709F3BDF68}
2012-07-08 16:32:42 -------- d-----w- C:\Users\Wereducky\AppData\Local\{69AE49B3-6C59-4DF1-B6B5-AEA36F410F4E}
2012-07-08 04:32:30 -------- d-----w- C:\Users\Wereducky\AppData\Local\{EE46025D-CEC0-4A26-9622-7528A5268D08}
2012-07-08 04:32:18 -------- d-----w- C:\Users\Wereducky\AppData\Local\{26FC5366-8478-4A01-A270-100377F449AE}
2012-07-07 16:32:05 -------- d-----w- C:\Users\Wereducky\AppData\Local\{DB983889-9D9D-4C6F-9932-77AF44D5EC15}
2012-07-07 16:31:53 -------- d-----w- C:\Users\Wereducky\AppData\Local\{FBD9DF78-C5E6-441F-94EE-C3DF25F0E83A}
2012-07-07 04:31:40 -------- d-----w- C:\Users\Wereducky\AppData\Local\{E6688D01-FE2A-4300-AA14-378C8AF07513}
2012-07-07 04:31:26 -------- d-----w- C:\Users\Wereducky\AppData\Local\{8ED2D914-4FF5-4688-AE7C-EF683980439D}
2012-07-06 16:31:01 -------- d-----w- C:\Users\Wereducky\AppData\Local\{3EF49D0C-1517-4C2C-ADF7-D0F41C0C46D9}
2012-07-06 16:30:38 -------- d-----w- C:\Users\Wereducky\AppData\Local\{F9D7E7A1-8584-43B9-A454-D73D5C5B702A}
2012-07-06 16:30:18 -------- d-----w- C:\Users\Wereducky\AppData\Local\GameSpy
2012-07-06 16:29:04 -------- d-----w- C:\Users\Wereducky\AppData\Local\ApplicationHistory
2012-07-06 04:26:49 -------- d-----w- C:\Users\Wereducky\AppData\Local\{9AE60FDE-B6F7-4CD0-8C00-45DC8D2B25D0}
2012-07-06 04:26:36 -------- d-----w- C:\Users\Wereducky\AppData\Local\{41F1AF6A-CAB3-4ED3-B888-F609D071B631}
2012-07-05 16:26:24 -------- d-----w- C:\Users\Wereducky\AppData\Local\{06E79B1C-D0AE-4249-92A7-D9D339AAE3F0}
2012-07-05 16:26:12 -------- d-----w- C:\Users\Wereducky\AppData\Local\{4A64431A-030D-49AA-8694-DC09E3D10901}
2012-07-05 04:25:59 -------- d-----w- C:\Users\Wereducky\AppData\Local\{413F890D-7117-43E2-8780-C95504C10831}
2012-07-05 04:25:46 -------- d-----w- C:\Users\Wereducky\AppData\Local\{D6EFE52D-5EBA-415A-93A3-DE343E40E758}
2012-07-04 16:25:34 -------- d-----w- C:\Users\Wereducky\AppData\Local\{CD163948-E10B-4825-8372-5FAAD3A3A34D}
2012-07-04 16:25:22 -------- d-----w- C:\Users\Wereducky\AppData\Local\{670ED293-345D-425A-AB3C-83362A9B993A}
2012-07-04 04:25:08 -------- d-----w- C:\Users\Wereducky\AppData\Local\{BE5A14F1-9983-48F3-A80F-10457EBD20CC}
2012-07-04 04:24:56 -------- d-----w- C:\Users\Wereducky\AppData\Local\{E6749B26-8362-49F8-8E12-D9BE565F830D}
2012-07-03 16:24:43 -------- d-----w- C:\Users\Wereducky\AppData\Local\{C5F28502-CBE0-45D9-9DF5-05CAE7D381E0}
2012-07-03 16:24:31 -------- d-----w- C:\Users\Wereducky\AppData\Local\{760067C3-27ED-4AC0-A6EF-B025A344E5C8}
2012-07-03 04:24:17 -------- d-----w- C:\Users\Wereducky\AppData\Local\{7CB965D0-CFBE-4B83-9CF2-F76080B68CC9}
2012-07-03 04:24:03 -------- d-----w- C:\Users\Wereducky\AppData\Local\{80365F25-961B-4B67-AD61-B29B4CCDA93A}
2012-07-02 16:23:49 -------- d-----w- C:\Users\Wereducky\AppData\Local\{1B50C61B-A15D-4EDB-8009-E563FCFF2344}
2012-07-02 16:23:34 -------- d-----w- C:\Users\Wereducky\AppData\Local\{905C3803-6450-43D7-B6DE-60635208D398}
2012-07-02 15:21:02 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2012-07-02 14:56:47 -------- d-----w- C:\Program Files (x86)\Firaxis Games
2012-07-02 14:56:30 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-07-02 14:56:30 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-07-02 14:56:30 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2012-07-02 14:56:30 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-07-02 14:56:30 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-07-02 14:56:30 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-07-02 14:56:28 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2012-07-02 14:56:28 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-07-02 14:50:27 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2012-07-02 14:47:22 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2012-07-02 14:47:19 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Toolbar
2012-07-02 14:14:04 560184 ----a-w- C:\Windows\System32\drivers\sptd.sys
2012-07-02 14:13:48 -------- d-----w- C:\Users\Wereducky\AppData\Roaming\DAEMON Tools Lite
2012-07-02 05:22:47 -------- d-----w- C:\Users\Wereducky\AppData\Roaming\deluge
2012-07-02 05:22:23 -------- d-----w- C:\Program Files (x86)\Deluge
2012-07-02 04:23:06 -------- d-----w- C:\Users\Wereducky\AppData\Local\{0BEFB979-D46B-49B8-9AB4-2E5BBF2F4CE1}
2012-07-02 04:22:51 -------- d-----w- C:\Users\Wereducky\AppData\Local\{8B0E34A1-DB14-4847-AC3E-32D524CEED47}
2012-07-01 17:24:42 -------- d-----w- C:\Users\Wereducky\AppData\Roaming\GameFly
2012-07-01 17:24:22 -------- d-----w- C:\Program Files (x86)\GameFly
2012-07-01 16:22:33 -------- d-----w- C:\Users\Wereducky\AppData\Local\{50459905-0483-4311-9802-D2A101B0E6F3}
2012-07-01 16:22:13 -------- d-----w- C:\Users\Wereducky\AppData\Local\{CB559DEE-7B1B-45A7-926D-9BF1305AAE11}
2012-06-28 12:38:13 -------- d-----w- C:\Users\Wereducky\AppData\Local\{92033B19-08C5-4A38-8108-D80AFF948002}
2012-06-28 12:38:01 -------- d-----w- C:\Users\Wereducky\AppData\Local\{C2E67940-ECD3-4DC0-9E1E-618DB35392C4}
2012-06-28 00:37:46 -------- d-----w- C:\Users\Wereducky\AppData\Local\{05E593FD-FD1B-4D13-8F0C-35335CB1C3EB}
2012-06-28 00:37:33 -------- d-----w- C:\Users\Wereducky\AppData\Local\{B614D6BA-7EBC-41F4-A51F-3EBF05F06695}
2012-06-27 12:37:15 -------- d-----w- C:\Users\Wereducky\AppData\Local\{24D85230-CDE4-48CB-9011-4ACB7709CB16}
2012-06-27 12:36:51 -------- d-----w- C:\Users\Wereducky\AppData\Local\{A471C110-AC8C-4D9A-BA4E-6BDE8F1C66FE}
2012-06-27 02:45:07 -------- d-----w- C:\Program Files (x86)\elona+1.07
2012-06-27 00:36:35 -------- d-----w- C:\Users\Wereducky\AppData\Local\{2F6DF664-0D79-4265-9C64-DA6C78FB6E6E}
2012-06-27 00:36:19 -------- d-----w- C:\Users\Wereducky\AppData\Local\{03B4DB0D-A4C7-4008-A099-21875632D4C7}
2012-06-26 12:36:05 -------- d-----w- C:\Users\Wereducky\AppData\Local\{D59563AE-AFFB-4606-A785-1EB861F082BE}
2012-06-26 12:35:53 -------- d-----w- C:\Users\Wereducky\AppData\Local\{E57A71F6-12AB-4741-BBAF-7F60199DB9EC}
2012-06-26 00:35:38 -------- d-----w- C:\Users\Wereducky\AppData\Local\{61E46055-FD40-4353-AFFA-E94EF08428A8}
2012-06-26 00:35:23 -------- d-----w- C:\Users\Wereducky\AppData\Local\{ED2D3EBE-FA5F-42C0-83D0-D93826C352F5}
2012-06-25 12:35:10 -------- d-----w- C:\Users\Wereducky\AppData\Local\{617CD694-7676-4F5E-8F50-FA54BB2EE07A}
2012-06-25 12:34:58 -------- d-----w- C:\Users\Wereducky\AppData\Local\{E0D87677-6F6D-412F-B9EE-22B1387747B4}
2012-06-25 00:34:44 -------- d-----w- C:\Users\Wereducky\AppData\Local\{836921A9-1F56-4D9B-818C-328F87EF46BD}
2012-06-25 00:34:31 -------- d-----w- C:\Users\Wereducky\AppData\Local\{4DDC6126-40DE-4257-A9B3-3C1E169CCA96}
2012-06-24 12:34:18 -------- d-----w- C:\Users\Wereducky\AppData\Local\{5831A7CA-80BB-40BB-B037-E2567DBD2C2E}
2012-06-24 12:34:05 -------- d-----w- C:\Users\Wereducky\AppData\Local\{278D970B-8348-436A-A515-CA7B0BD9A325}
2012-06-24 00:33:51 -------- d-----w- C:\Users\Wereducky\AppData\Local\{67CFB058-AFB8-40C4-9833-7404E0C2FDF5}
2012-06-24 00:33:38 -------- d-----w- C:\Users\Wereducky\AppData\Local\{59F83A74-E8FF-4686-A562-D8DD0509DA17}
2012-06-23 12:33:25 -------- d-----w- C:\Users\Wereducky\AppData\Local\{85905726-0B4D-4EB3-B070-81EF9FADEB17}
2012-06-23 12:33:13 -------- d-----w- C:\Users\Wereducky\AppData\Local\{4A53601B-F420-4B28-B747-6DA3C4827C96}
2012-06-23 00:32:58 -------- d-----w- C:\Users\Wereducky\AppData\Local\{A25F4BB8-06C0-4922-BBF6-89C1AD24BC66}
2012-06-23 00:32:42 -------- d-----w- C:\Users\Wereducky\AppData\Local\{935DDA94-8996-4AB0-9562-12274B3ED254}
2012-06-22 12:32:29 -------- d-----w- C:\Users\Wereducky\AppData\Local\{59242C69-80BA-4EC6-8473-665B32C1D450}
2012-06-22 12:32:17 -------- d-----w- C:\Users\Wereducky\AppData\Local\{480C0B82-0E26-42EB-A7C4-D3CA87DDE80B}
2012-06-22 00:32:02 -------- d-----w- C:\Users\Wereducky\AppData\Local\{172DC922-0F24-49C1-80BD-631ECF1A815F}
2012-06-22 00:31:48 -------- d-----w- C:\Users\Wereducky\AppData\Local\{70D4974C-C080-4779-B75E-55AE8FC7DDBA}
2012-06-21 13:50:37 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 13:50:15 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 13:50:01 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 13:50:01 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-21 12:31:35 -------- d-----w- C:\Users\Wereducky\AppData\Local\{48A1CC34-0607-4DC3-93C9-293BA1A5C63C}
2012-06-21 12:31:24 -------- d-----w- C:\Users\Wereducky\AppData\Local\{D9FED7BE-FA93-4B12-AB5B-2F3A5CFFF008}
2012-06-21 00:31:09 -------- d-----w- C:\Users\Wereducky\AppData\Local\{5113026B-3A00-4DF8-BA3A-717DF4BEBB4A}
2012-06-21 00:30:55 -------- d-----w- C:\Users\Wereducky\AppData\Local\{E842EE07-B84F-4AF9-B359-0F6B5A0D0EC8}
2012-06-20 12:30:42 -------- d-----w- C:\Users\Wereducky\AppData\Local\{F7A189F2-9EC3-47AA-A139-49E6BE394EBF}
2012-06-20 12:30:30 -------- d-----w- C:\Users\Wereducky\AppData\Local\{C3C14738-4AF0-4539-8428-7CAA94D7CA68}
2012-06-20 00:30:16 -------- d-----w- C:\Users\Wereducky\AppData\Local\{66D62662-6D86-4CEE-88DB-F13AF3FBF56C}
2012-06-20 00:30:02 -------- d-----w- C:\Users\Wereducky\AppData\Local\{0B79ED54-CB8D-4E74-86CE-102E81F01215}
2012-06-19 18:32:18 -------- d-----w- C:\Users\Wereducky\AppData\Local\Ironclad Games
2012-06-19 18:30:45 -------- d-----w- C:\ProgramData\Ironclad Games
2012-06-19 15:33:58 -------- d-----w- C:\Program Files (x86)\Common Files\Stardock
2012-06-19 15:31:57 -------- d-----w- C:\ProgramData\Gibraltar
2012-06-19 15:30:09 -------- d-----w- C:\ProgramData\GameStop
2012-06-19 15:22:02 -------- d-----w- C:\Users\Wereducky\AppData\Roaming\Stardock
2012-06-19 15:21:39 -------- dc-h--w- C:\ProgramData\{6F7EF3E6-7F1B-4824-84CD-E8DF6F1B4168}
2012-06-19 15:21:34 -------- d-----w- C:\ProgramData\Stardock
2012-06-19 15:21:34 -------- d-----w- C:\Program Files (x86)\Stardock
2012-06-19 15:21:20 -------- dc-h--w- C:\ProgramData\{DF6E6A21-48E9-4FBD-B0B2-9E838A1DFED0}
2012-06-19 15:21:13 -------- d-----w- C:\Program Files (x86)\Stardock Games
2012-06-19 15:19:50 -------- d-----w- C:\Users\Wereducky\AppData\Local\PackageAware
2012-06-19 12:29:49 -------- d-----w- C:\Users\Wereducky\AppData\Local\{CB3B95B6-2764-44D4-95D8-6E02D356EBDF}
2012-06-19 12:29:37 -------- d-----w- C:\Users\Wereducky\AppData\Local\{1AC3A773-FB20-40AF-98AA-D600A294CC5D}
2012-06-19 00:29:15 -------- d-----w- C:\Users\Wereducky\AppData\Local\{B9ED92E5-DE76-41D8-8D04-A8F70BCE0D94}
2012-06-19 00:29:03 -------- d-----w- C:\Users\Wereducky\AppData\Local\{A2F1DC9A-1485-472E-B2A8-5D311DF33520}
2012-06-18 12:28:37 -------- d-----w- C:\Users\Wereducky\AppData\Local\{1883473E-07B8-47DF-BC35-00A5E2891393}
2012-06-18 00:28:25 -------- d-----w- C:\Users\Wereducky\AppData\Local\{F4087206-60C2-4356-99F6-B286AC009DCE}
2012-06-17 12:28:12 -------- d-----w- C:\Users\Wereducky\AppData\Local\{A7C9FB92-E714-4984-B8F1-A8F06EB731E4}
2012-06-17 00:27:59 -------- d-----w- C:\Users\Wereducky\AppData\Local\{42D0EEEA-5AF8-43FE-B85F-0FCA0BDA3239}
2012-06-17 00:27:16 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-17 00:27:16 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-16 21:16:13 -------- d-----w- C:\Program Files (x86)\Data Realms
2012-06-16 17:22:14 -------- d-----w- C:\Users\Wereducky\AppData\Local\{E53FF23F-2C9F-4088-9432-CBFC013050FD}
2012-06-16 05:22:01 -------- d-----w- C:\Users\Wereducky\AppData\Local\{5EDFB528-0D9D-4269-B0C6-5C3E8CA72E8C}
2012-06-15 17:21:43 -------- d-----w- C:\Users\Wereducky\AppData\Local\{CFB60B73-B41C-42CD-850C-7DB933BFAD98}
2012-06-15 05:21:30 -------- d-----w- C:\Users\Wereducky\AppData\Local\{7D78FEA8-11C3-4397-A8B0-E791B89B147B}
2012-06-15 00:25:18 -------- d--h--w- C:\Windows\msdownld.tmp
2012-06-15 00:25:18 -------- d-----w- C:\Windows\SysWow64\directx
2012-06-14 17:21:16 -------- d-----w- C:\Users\Wereducky\AppData\Local\{8F0DAA13-3B7B-4063-85E4-D5DBEC14BD3B}
2012-06-14 17:21:03 -------- d-----w- C:\Users\Wereducky\AppData\Local\{37C94866-9C09-4845-ACB6-F4E6917F839B}
2012-06-14 05:20:50 -------- d-----w- C:\Users\Wereducky\AppData\Local\{A144554D-5638-414C-B6B5-D4323057C9F7}
2012-06-14 05:20:38 -------- d-----w- C:\Users\Wereducky\AppData\Local\{11DE3A36-1474-425E-997C-73C536442068}
2012-06-14 04:06:06 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-14 04:06:06 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-14 04:06:06 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-14 04:05:48 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-14 04:05:48 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-14 04:05:48 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-14 04:05:29 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-14 04:05:25 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-13 23:34:37 -------- d-----w- C:\Users\Wereducky\AppData\Local\Macromedia
2012-06-13 17:20:12 -------- d-----w- C:\Users\Wereducky\AppData\Local\{9D952C39-6DAA-4C27-91AC-4B22264B2C47}
2012-06-13 17:20:00 -------- d-----w- C:\Users\Wereducky\AppData\Local\{5ADAF77F-5539-44CF-AA45-08171AEFE8C5}
2012-06-13 05:19:46 -------- d-----w- C:\Users\Wereducky\AppData\Local\{47FDE25B-67B1-4B9D-AEFA-0EAA2BA11952}
2012-06-13 05:19:32 -------- d-----w- C:\Users\Wereducky\AppData\Local\{F7585FAA-C284-4531-B478-C613E5E46747}
2012-06-12 17:19:19 -------- d-----w- C:\Users\Wereducky\AppData\Local\{578AB106-6434-46B2-B3BF-813CFA33C39F}
2012-06-12 17:19:07 -------- d-----w- C:\Users\Wereducky\AppData\Local\{3BC45399-BD05-446A-A219-6FAFFB5011F2}
2012-06-12 05:18:53 -------- d-----w- C:\Users\Wereducky\AppData\Local\{0F359004-7699-4322-91A6-3BBD9038E29D}
2012-06-12 05:18:41 -------- d-----w- C:\Users\Wereducky\AppData\Local\{A0B94FE0-49F0-461A-8365-EE6459263E08}
2012-06-11 22:44:06 -------- d-----w- C:\msys
2012-06-11 17:18:28 -------- d-----w- C:\Users\Wereducky\AppData\Local\{2C455994-BFEE-44D6-9589-7D87258F2BE7}
2012-06-11 17:18:16 -------- d-----w- C:\Users\Wereducky\AppData\Local\{B320CC02-4986-4FF0-A4CC-5AC64D7C91F7}
2012-06-11 05:18:03 -------- d-----w- C:\Users\Wereducky\AppData\Local\{363714DD-B638-435C-A889-C8B769D1CBA8}
2012-06-11 05:17:51 -------- d-----w- C:\Users\Wereducky\AppData\Local\{6B8089BB-80DA-4C88-980A-966F0C97CBED}
2012-06-10 20:24:06 -------- d-----w- C:\MinGW
2012-06-10 20:03:56 -------- d-----w- C:\Users\Wereducky\.netbeans
2012-06-10 19:48:15 -------- d-----w- C:\Program Files\NetBeans 7.1.2
2012-06-10 19:47:52 -------- d-----w- C:\Users\Wereducky\.nbi
2012-06-10 17:17:38 -------- d-----w- C:\Users\Wereducky\AppData\Local\{9713D953-C844-47F5-B059-E9DD499CD540}
2012-06-10 17:17:26 -------- d-----w- C:\Users\Wereducky\AppData\Local\{C287D183-EEF4-42B2-8553-31B5C384B1F8}
2012-06-10 05:17:13 -------- d-----w- C:\Users\Wereducky\AppData\Local\{E057BCE7-1557-4B83-A80E-29D30CCBA9C3}
2012-06-10 05:17:02 -------- d-----w- C:\Users\Wereducky\AppData\Local\{488F7EE2-E9C8-4FCA-BF64-B8CA4A4F47EC}
2012-06-10 04:38:09 -------- d-----w- C:\Users\Wereducky\AppData\Local\Adobe
2012-06-09 17:16:49 -------- d-----w- C:\Users\Wereducky\AppData\Local\{5AA10A45-0C2D-4D60-BA66-ABF97F69FEB8}
2012-06-09 17:16:37 -------- d-----w- C:\Users\Wereducky\AppData\Local\{27C18F31-B0D6-4D1C-86BD-CA51610CDB4A}
2012-06-09 05:16:23 -------- d-----w- C:\Users\Wereducky\AppData\Local\{9FA37F6B-2D4C-41EF-95D3-C6600C608D65}
2012-06-09 05:16:10 -------- d-----w- C:\Users\Wereducky\AppData\Local\{55CFB944-5891-4C00-AE2A-47D5747A557B}
.
==================== Find3M ====================
.
2012-07-08 16:14:50 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-08 16:14:50 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-04 11:00:43 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-05-04 09:59:54 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-20 03:45:41 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-04-20 03:16:44 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-19 09:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-04-14 15:56:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-04-14 15:55:31 525544 ----a-w- C:\Windows\System32\deployJava1.dll
2012-04-12 22:59:34 0 ----a-w- C:\Windows\ativpsrm.bin
.
============= FINISH: 16:04:01.62 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:03 PM

Posted 08 July 2012 - 11:32 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Wereducky

Wereducky
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas, ya'll
  • Local time:08:03 PM

Posted 09 July 2012 - 09:36 AM

Good morning Gringo, glad to have your assistance. I'm afraid I must apologize for not fully reading your instructions before proceeding, and made a couple mistakes.

I ran security check as instructed, and clicked save on the log, however as I didn't specify the path, I am not sure where it was saved by default, though I checked some common places without success. Let me know if I should run that again for another log, or where the original log might have been saved. I then disabled Spybot and disabled AVG 'until restart,' not realizing that combofix would be restarting the computer. So after restarting, combofix told me it was still running, and I was unable to disable it for combofix's procedure after that point.

Again I am sorry, and will be sure to read your instructions in full in the future. While testing the water, I am not noticing firefox redirecting or loading to blank pages any longer, though I notice it is recieving data from tracking sites like scorecardresearch from time to time, and being slow to change webpages as a result.

Combofix.txt
ComboFix 12-07-08.02 - Wereducky 07/09/2012 8:53.1.3 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.2827 [GMT -5:00]
Running from: c:\users\Wereducky\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\@
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\L\00000004.@
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\L\1afb2d56
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\L\201d3dde
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\00000004.@
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\00000008.@
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\000000cb.@
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\80000000.@
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\80000032.@
c:\windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\80000064.@
.
Infected copy of c:\windows\system32\services.exe was found and disinfected
Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-09 to 2012-07-09 )))))))))))))))))))))))))))))))
.
.
2012-07-09 13:58 . 2012-07-09 13:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-08 17:33 . 2012-07-08 17:33 -------- d-----w- c:\program files (x86)\ESET
2012-07-06 16:30 . 2012-07-06 16:30 -------- d-----w- c:\users\Wereducky\AppData\Local\GameSpy
2012-07-06 16:29 . 2012-07-09 13:33 -------- d-----w- c:\users\Wereducky\AppData\Local\ApplicationHistory
2012-07-02 15:22 . 2012-07-02 15:22 -------- d-----w- c:\program files (x86)\GameSpy
2012-07-02 15:21 . 2012-07-02 15:21 -------- d-----w- c:\windows\SysWow64\URTTEMP
2012-07-02 15:16 . 2012-07-02 15:16 -------- d-----w- c:\users\Wereducky\AppData\Roaming\InstallShield
2012-07-02 14:56 . 2012-07-02 14:56 -------- d-----w- c:\program files (x86)\Firaxis Games
2012-07-02 14:56 . 2005-04-04 04:02 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-07-02 14:56 . 2005-04-04 04:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-07-02 14:56 . 2005-04-04 04:01 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-07-02 14:56 . 2005-04-04 04:00 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-07-02 14:56 . 2005-04-04 04:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2012-07-02 14:56 . 2005-04-04 03:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-07-02 14:56 . 2012-07-02 14:56 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2012-07-02 14:56 . 2012-07-02 14:56 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-07-02 14:50 . 2012-07-02 14:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-07-02 14:47 . 2012-07-02 14:56 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-07-02 14:47 . 2012-07-02 14:47 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2012-07-02 14:14 . 2012-07-02 14:50 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-07-02 14:13 . 2012-07-06 16:29 -------- d-----w- c:\users\Wereducky\AppData\Roaming\DAEMON Tools Lite
2012-07-02 05:22 . 2012-07-02 14:54 -------- d-----w- c:\users\Wereducky\AppData\Roaming\deluge
2012-07-02 05:22 . 2012-07-02 05:22 -------- d-----w- c:\program files (x86)\Deluge
2012-07-01 17:24 . 2012-07-01 17:24 -------- d-----w- c:\users\Wereducky\AppData\Roaming\GameFly
2012-07-01 17:24 . 2012-07-01 17:24 -------- d-----w- c:\program files (x86)\GameFly
2012-07-01 17:24 . 2012-07-02 15:45 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-06-27 02:45 . 2012-06-27 02:47 -------- d-----w- c:\program files (x86)\elona+1.07
2012-06-21 13:50 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 13:50 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 13:50 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 13:50 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 13:50 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 13:50 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 13:50 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 13:50 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 13:50 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 18:32 . 2012-06-19 18:32 -------- d-----w- c:\users\Wereducky\AppData\Local\Ironclad Games
2012-06-19 18:30 . 2012-06-19 18:30 -------- d-----w- c:\programdata\Ironclad Games
2012-06-19 15:33 . 2012-06-19 15:33 -------- d-----w- c:\program files (x86)\Common Files\Stardock
2012-06-19 15:31 . 2012-06-19 15:31 -------- d-----w- c:\programdata\Gibraltar
2012-06-19 15:30 . 2012-06-19 15:30 -------- d-----w- c:\programdata\GameStop
2012-06-19 15:22 . 2012-06-19 15:26 -------- d-----w- c:\users\Wereducky\AppData\Roaming\Stardock
2012-06-19 15:21 . 2012-06-19 15:21 -------- dc-h--w- c:\programdata\{6F7EF3E6-7F1B-4824-84CD-E8DF6F1B4168}
2012-06-19 15:21 . 2012-07-02 22:29 -------- d-----w- c:\programdata\Stardock
2012-06-19 15:21 . 2012-06-19 15:21 -------- d-----w- c:\program files (x86)\Stardock
2012-06-19 15:21 . 2012-06-19 15:21 -------- dc-h--w- c:\programdata\{DF6E6A21-48E9-4FBD-B0B2-9E838A1DFED0}
2012-06-19 15:21 . 2012-06-19 15:21 -------- d-----w- c:\program files (x86)\Stardock Games
2012-06-19 15:19 . 2012-06-19 15:19 -------- d-----w- c:\users\Wereducky\AppData\Local\PackageAware
2012-06-17 00:27 . 2012-06-17 00:27 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-17 00:27 . 2012-06-17 00:27 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-16 21:16 . 2012-06-16 21:16 -------- d-----w- c:\program files (x86)\Data Realms
2012-06-15 00:25 . 2012-06-15 00:25 -------- d--h--w- c:\windows\msdownld.tmp
2012-06-14 04:06 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 04:06 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 04:06 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 04:05 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-14 04:05 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-14 04:05 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-14 04:05 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 04:05 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 23:34 . 2012-06-13 23:34 -------- d-----w- c:\users\Wereducky\AppData\Local\Macromedia
2012-06-11 22:44 . 2012-06-11 22:44 -------- d-----w- C:\msys
2012-06-10 20:24 . 2012-06-10 20:40 -------- d-----w- C:\MinGW
2012-06-10 20:03 . 2012-06-10 20:04 -------- d-----w- c:\users\Wereducky\.netbeans
2012-06-10 19:48 . 2012-06-10 19:49 -------- d-----w- c:\program files\NetBeans 7.1.2
2012-06-10 19:47 . 2012-06-10 19:49 -------- d-----w- c:\users\Wereducky\.nbi
2012-06-10 04:38 . 2012-07-01 17:24 -------- d-----w- c:\users\Wereducky\AppData\Local\Adobe
2012-06-10 04:29 . 2012-06-10 04:29 -------- d-----w- c:\program files (x86)\Common Files\Adobe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-08 16:14 . 2012-04-12 23:48 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-08 16:14 . 2012-04-12 23:48 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-19 09:50 . 2012-04-19 09:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-04-14 15:56 . 2012-04-14 00:32 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-14 15:55 . 2012-04-14 15:55 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-13 02:32 . 2011-03-28 23:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-06-05 17344176]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-04-12 1242448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Comrade.exe"="c:\program files (x86)\GameSpy\Comrade\Comrade.exe" [2007-05-27 36864]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-26 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
.
c:\users\Wereducky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GameStopNow.lnk.disabled [2012-6-19 1287]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ECSIoDriver_1_1_0_0;ECSIoDriver_1_1_0_0;c:\users\WEREDU~1\AppData\Local\Temp\is-NDHP2.tmp\ECSIoDriverX64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-13 1255736]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys [2009-07-08 11832]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-06 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-06-24 8704]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 ALSysIO;ALSysIO;c:\users\WEREDU~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-30 10806816]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://192.168.1.1/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Open Client to monitor &1 - c:\windows\web\AOpenClient.htm
IE: Open Client to monitor &2 - c:\windows\web\AOpenClient.htm
TCP: Interfaces\{5FBB8D6F-16B0-4DE1-B1C0-B616DFE4B23A}: NameServer = 70.243.119.1,8.8.8.8
FF - ProfilePath - c:\users\Wereducky\AppData\Roaming\Mozilla\Firefox\Profiles\rw4fljgc.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-ECS eSF - (no file)
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-09 09:05:23 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-09 14:05
.
Pre-Run: 340,208,254,976 bytes free
Post-Run: 340,654,628,864 bytes free
.
- - End Of File - - 8B6F048128222292E658226AC892A86F

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:03 PM

Posted 09 July 2012 - 12:38 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Wereducky

Wereducky
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas, ya'll
  • Local time:08:03 PM

Posted 09 July 2012 - 02:44 PM

Grabbed a fresh copy of each, and no problems running those, here are the logs.

TDSSkiller Log:

14:22:19.0201 3404 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
14:22:21.0203 3404 ============================================================
14:22:21.0203 3404 Current date / time: 2012/07/09 14:22:21.0203
14:22:21.0203 3404 SystemInfo:
14:22:21.0203 3404
14:22:21.0204 3404 OS Version: 6.1.7601 ServicePack: 1.0
14:22:21.0204 3404 Product type: Workstation
14:22:21.0204 3404 ComputerName: WEREDUCKY-PC
14:22:21.0204 3404 UserName: Wereducky
14:22:21.0204 3404 Windows directory: C:\Windows
14:22:21.0204 3404 System windows directory: C:\Windows
14:22:21.0204 3404 Running under WOW64
14:22:21.0204 3404 Processor architecture: Intel x64
14:22:21.0204 3404 Number of processors: 3
14:22:21.0204 3404 Page size: 0x1000
14:22:21.0204 3404 Boot type: Normal boot
14:22:21.0204 3404 ============================================================
14:22:23.0251 3404 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:22:23.0255 3404 ============================================================
14:22:23.0255 3404 \Device\Harddisk0\DR0:
14:22:23.0255 3404 MBR partitions:
14:22:23.0255 3404 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
14:22:23.0255 3404 ============================================================
14:22:23.0277 3404 C: <-> \Device\Harddisk0\DR0\Partition0
14:22:23.0277 3404 ============================================================
14:22:23.0277 3404 Initialize success
14:22:23.0277 3404 ============================================================
14:22:26.0270 3344 ============================================================
14:22:26.0270 3344 Scan started
14:22:26.0270 3344 Mode: Manual;
14:22:26.0270 3344 ============================================================
14:22:28.0308 3344 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:22:28.0315 3344 1394ohci - ok
14:22:28.0362 3344 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:22:28.0365 3344 ACPI - ok
14:22:28.0377 3344 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:22:28.0378 3344 AcpiPmi - ok
14:22:28.0512 3344 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:22:28.0514 3344 AdobeARMservice - ok
14:22:28.0558 3344 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
14:22:28.0565 3344 adp94xx - ok
14:22:28.0591 3344 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
14:22:28.0596 3344 adpahci - ok
14:22:28.0624 3344 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
14:22:28.0627 3344 adpu320 - ok
14:22:28.0670 3344 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:22:28.0671 3344 AeLookupSvc - ok
14:22:28.0756 3344 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:22:28.0829 3344 AFD - ok
14:22:28.0866 3344 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:22:28.0869 3344 agp440 - ok
14:22:28.0896 3344 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:22:28.0900 3344 ALG - ok
14:22:28.0921 3344 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:22:28.0924 3344 aliide - ok
14:22:29.0005 3344 ALSysIO - ok
14:22:29.0108 3344 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe
14:22:29.0113 3344 AMD External Events Utility - ok
14:22:29.0203 3344 AMD FUEL Service - ok
14:22:29.0225 3344 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:22:29.0227 3344 amdide - ok
14:22:29.0279 3344 amdide64 (e921853f1838ecc009a6835a8bdadb9e) C:\Windows\system32\DRIVERS\amdide64.sys
14:22:29.0280 3344 amdide64 - ok
14:22:29.0311 3344 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
14:22:29.0313 3344 amdiox64 - ok
14:22:29.0350 3344 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
14:22:29.0352 3344 AmdK8 - ok
14:22:30.0040 3344 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
14:22:30.0261 3344 amdkmdag - ok
14:22:30.0455 3344 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys
14:22:30.0458 3344 amdkmdap - ok
14:22:30.0480 3344 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:22:30.0482 3344 AmdPPM - ok
14:22:30.0526 3344 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:22:30.0528 3344 amdsata - ok
14:22:30.0554 3344 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
14:22:30.0557 3344 amdsbs - ok
14:22:30.0573 3344 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:22:30.0574 3344 amdxata - ok
14:22:30.0688 3344 AODDriver4.01 (5b25d1a753cc3a3edb909bb759ac1098) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
14:22:30.0691 3344 AODDriver4.01 - ok
14:22:30.0858 3344 AODDriver4.1 (5b25d1a753cc3a3edb909bb759ac1098) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
14:22:30.0860 3344 AODDriver4.1 - ok
14:22:30.0898 3344 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:22:30.0902 3344 AppID - ok
14:22:30.0922 3344 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:22:30.0925 3344 AppIDSvc - ok
14:22:30.0947 3344 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:22:30.0948 3344 Appinfo - ok
14:22:31.0027 3344 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
14:22:31.0033 3344 AppMgmt - ok
14:22:31.0057 3344 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
14:22:31.0060 3344 arc - ok
14:22:31.0081 3344 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
14:22:31.0083 3344 arcsas - ok
14:22:31.0166 3344 aspnet_state - ok
14:22:31.0185 3344 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:22:31.0187 3344 AsyncMac - ok
14:22:31.0206 3344 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:22:31.0207 3344 atapi - ok
14:22:31.0331 3344 athr (5d4529ac4156e16bedb01441ae0cf984) C:\Windows\system32\DRIVERS\athrx.sys
14:22:31.0356 3344 athr - ok
14:22:31.0579 3344 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
14:22:31.0582 3344 AtiHDAudioService - ok
14:22:31.0620 3344 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
14:22:31.0621 3344 AtiPcie - ok
14:22:31.0733 3344 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:22:31.0745 3344 AudioEndpointBuilder - ok
14:22:31.0754 3344 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:22:31.0759 3344 AudioSrv - ok
14:22:31.0840 3344 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys
14:22:31.0842 3344 AVGIDSHA - ok
14:22:31.0917 3344 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
14:22:31.0922 3344 Avgldx64 - ok
14:22:31.0948 3344 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
14:22:31.0950 3344 Avgmfx64 - ok
14:22:31.0980 3344 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys
14:22:31.0982 3344 Avgrkx64 - ok
14:22:32.0039 3344 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys
14:22:32.0047 3344 Avgtdia - ok
14:22:32.0191 3344 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
14:22:32.0195 3344 avgwd - ok
14:22:32.0260 3344 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:22:32.0265 3344 AxInstSV - ok
14:22:32.0345 3344 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
14:22:32.0356 3344 b06bdrv - ok
14:22:32.0438 3344 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:22:32.0456 3344 b57nd60a - ok
14:22:32.0500 3344 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:22:32.0501 3344 BDESVC - ok
14:22:32.0512 3344 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:22:32.0513 3344 Beep - ok
14:22:32.0590 3344 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:22:32.0600 3344 BFE - ok
14:22:32.0685 3344 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
14:22:32.0701 3344 BITS - ok
14:22:32.0754 3344 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:22:32.0757 3344 blbdrive - ok
14:22:32.0826 3344 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:22:32.0827 3344 bowser - ok
14:22:32.0856 3344 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
14:22:32.0859 3344 BrFiltLo - ok
14:22:32.0877 3344 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
14:22:32.0880 3344 BrFiltUp - ok
14:22:32.0907 3344 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
14:22:32.0909 3344 BridgeMP - ok
14:22:32.0932 3344 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:22:32.0933 3344 Browser - ok
14:22:32.0972 3344 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:22:32.0976 3344 Brserid - ok
14:22:33.0001 3344 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:22:33.0003 3344 BrSerWdm - ok
14:22:33.0017 3344 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:22:33.0018 3344 BrUsbMdm - ok
14:22:33.0031 3344 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:22:33.0033 3344 BrUsbSer - ok
14:22:33.0052 3344 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
14:22:33.0054 3344 BTHMODEM - ok
14:22:33.0110 3344 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:22:33.0112 3344 bthserv - ok
14:22:33.0131 3344 catchme - ok
14:22:33.0151 3344 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:22:33.0155 3344 cdfs - ok
14:22:33.0185 3344 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
14:22:33.0188 3344 cdrom - ok
14:22:33.0212 3344 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:22:33.0214 3344 CertPropSvc - ok
14:22:33.0245 3344 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
14:22:33.0247 3344 circlass - ok
14:22:33.0296 3344 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:22:33.0303 3344 CLFS - ok
14:22:33.0415 3344 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:22:33.0422 3344 clr_optimization_v2.0.50727_32 - ok
14:22:33.0466 3344 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:22:33.0470 3344 clr_optimization_v2.0.50727_64 - ok
14:22:33.0555 3344 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:22:33.0597 3344 clr_optimization_v4.0.30319_32 - ok
14:22:33.0653 3344 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:22:33.0658 3344 clr_optimization_v4.0.30319_64 - ok
14:22:33.0715 3344 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
14:22:33.0717 3344 CmBatt - ok
14:22:33.0742 3344 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:22:33.0745 3344 cmdide - ok
14:22:33.0815 3344 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:22:33.0820 3344 CNG - ok
14:22:33.0885 3344 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
14:22:33.0888 3344 Compbatt - ok
14:22:33.0922 3344 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
14:22:33.0925 3344 CompositeBus - ok
14:22:33.0940 3344 COMSysApp - ok
14:22:33.0971 3344 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
14:22:33.0972 3344 crcdisk - ok
14:22:34.0031 3344 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
14:22:34.0032 3344 CryptSvc - ok
14:22:34.0095 3344 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
14:22:34.0142 3344 CSC - ok
14:22:34.0214 3344 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
14:22:34.0225 3344 CscService - ok
14:22:34.0313 3344 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:22:34.0324 3344 DcomLaunch - ok
14:22:34.0372 3344 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:22:34.0376 3344 defragsvc - ok
14:22:34.0410 3344 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:22:34.0412 3344 DfsC - ok
14:22:34.0445 3344 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:22:34.0447 3344 Dhcp - ok
14:22:34.0461 3344 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:22:34.0463 3344 discache - ok
14:22:34.0478 3344 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
14:22:34.0479 3344 Disk - ok
14:22:34.0513 3344 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
14:22:34.0515 3344 dmvsc - ok
14:22:34.0552 3344 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:22:34.0554 3344 Dnscache - ok
14:22:34.0579 3344 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:22:34.0582 3344 dot3svc - ok
14:22:34.0595 3344 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:22:34.0597 3344 DPS - ok
14:22:34.0640 3344 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:22:34.0643 3344 drmkaud - ok
14:22:34.0740 3344 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:22:34.0746 3344 DXGKrnl - ok
14:22:34.0792 3344 EagleX64 - ok
14:22:34.0844 3344 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:22:34.0847 3344 EapHost - ok
14:22:35.0082 3344 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
14:22:35.0135 3344 ebdrv - ok
14:22:35.0222 3344 ECSIoDriver_1_1_0_0 - ok
14:22:35.0389 3344 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:22:35.0393 3344 EFS - ok
14:22:35.0490 3344 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:22:35.0513 3344 ehRecvr - ok
14:22:35.0545 3344 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:22:35.0547 3344 ehSched - ok
14:22:35.0633 3344 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
14:22:35.0641 3344 elxstor - ok
14:22:35.0656 3344 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:22:35.0657 3344 ErrDev - ok
14:22:35.0733 3344 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:22:35.0740 3344 EventSystem - ok
14:22:35.0790 3344 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:22:35.0796 3344 exfat - ok
14:22:35.0838 3344 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:22:35.0844 3344 fastfat - ok
14:22:35.0940 3344 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:22:35.0963 3344 Fax - ok
14:22:35.0991 3344 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
14:22:35.0993 3344 fdc - ok
14:22:36.0020 3344 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:22:36.0023 3344 fdPHost - ok
14:22:36.0033 3344 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:22:36.0036 3344 FDResPub - ok
14:22:36.0075 3344 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:22:36.0076 3344 FileInfo - ok
14:22:36.0093 3344 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:22:36.0094 3344 Filetrace - ok
14:22:36.0110 3344 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
14:22:36.0111 3344 flpydisk - ok
14:22:36.0134 3344 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:22:36.0137 3344 FltMgr - ok
14:22:36.0230 3344 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
14:22:36.0254 3344 FontCache - ok
14:22:36.0361 3344 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:22:36.0363 3344 FontCache3.0.0.0 - ok
14:22:36.0399 3344 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:22:36.0402 3344 FsDepends - ok
14:22:36.0426 3344 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
14:22:36.0428 3344 Fs_Rec - ok
14:22:36.0464 3344 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:22:36.0466 3344 fvevol - ok
14:22:36.0496 3344 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
14:22:36.0499 3344 gagp30kx - ok
14:22:36.0571 3344 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:22:36.0577 3344 gpsvc - ok
14:22:36.0593 3344 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:22:36.0595 3344 hcw85cir - ok
14:22:36.0671 3344 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:22:36.0683 3344 HdAudAddService - ok
14:22:36.0726 3344 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:22:36.0730 3344 HDAudBus - ok
14:22:36.0755 3344 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
14:22:36.0758 3344 HidBatt - ok
14:22:36.0787 3344 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
14:22:36.0791 3344 HidBth - ok
14:22:36.0816 3344 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
14:22:36.0819 3344 HidIr - ok
14:22:36.0838 3344 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
14:22:36.0840 3344 hidserv - ok
14:22:36.0848 3344 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:22:36.0850 3344 HidUsb - ok
14:22:36.0960 3344 HiPatchService (7388756bc5f9fe857c400e340b878af2) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
14:22:36.0961 3344 HiPatchService - ok
14:22:36.0998 3344 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:22:37.0003 3344 hkmsvc - ok
14:22:37.0034 3344 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:22:37.0038 3344 HomeGroupListener - ok
14:22:37.0072 3344 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:22:37.0074 3344 HomeGroupProvider - ok
14:22:37.0097 3344 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:22:37.0098 3344 HpSAMD - ok
14:22:37.0178 3344 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:22:37.0183 3344 HTTP - ok
14:22:37.0213 3344 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:22:37.0213 3344 hwpolicy - ok
14:22:37.0228 3344 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
14:22:37.0230 3344 i8042prt - ok
14:22:37.0276 3344 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:22:37.0316 3344 iaStorV - ok
14:22:37.0500 3344 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:22:37.0514 3344 idsvc - ok
14:22:37.0538 3344 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
14:22:37.0540 3344 iirsp - ok
14:22:37.0650 3344 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:22:37.0662 3344 IKEEXT - ok
14:22:37.0921 3344 IntcAzAudAddService (96b0a408842b0e214edcb41e89438999) C:\Windows\system32\drivers\RTKVHD64.sys
14:22:37.0940 3344 IntcAzAudAddService - ok
14:22:38.0094 3344 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:22:38.0097 3344 intelide - ok
14:22:38.0126 3344 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
14:22:38.0130 3344 intelppm - ok
14:22:38.0154 3344 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:22:38.0159 3344 IPBusEnum - ok
14:22:38.0186 3344 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:22:38.0188 3344 IpFilterDriver - ok
14:22:38.0253 3344 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:22:38.0258 3344 iphlpsvc - ok
14:22:38.0279 3344 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:22:38.0281 3344 IPMIDRV - ok
14:22:38.0303 3344 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:22:38.0305 3344 IPNAT - ok
14:22:38.0340 3344 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:22:38.0341 3344 IRENUM - ok
14:22:38.0351 3344 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:22:38.0352 3344 isapnp - ok
14:22:38.0390 3344 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:22:38.0394 3344 iScsiPrt - ok
14:22:38.0410 3344 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
14:22:38.0412 3344 kbdclass - ok
14:22:38.0432 3344 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
14:22:38.0433 3344 kbdhid - ok
14:22:38.0448 3344 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:38.0449 3344 KeyIso - ok
14:22:38.0473 3344 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:22:38.0474 3344 KSecDD - ok
14:22:38.0501 3344 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:22:38.0503 3344 KSecPkg - ok
14:22:38.0517 3344 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:22:38.0518 3344 ksthunk - ok
14:22:38.0556 3344 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:22:38.0572 3344 KtmRm - ok
14:22:38.0612 3344 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
14:22:38.0615 3344 LanmanServer - ok
14:22:38.0652 3344 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:22:38.0654 3344 LanmanWorkstation - ok
14:22:38.0701 3344 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:22:38.0702 3344 lltdio - ok
14:22:38.0743 3344 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:22:38.0748 3344 lltdsvc - ok
14:22:38.0768 3344 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:22:38.0769 3344 lmhosts - ok
14:22:38.0797 3344 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
14:22:38.0799 3344 LSI_FC - ok
14:22:38.0823 3344 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
14:22:38.0825 3344 LSI_SAS - ok
14:22:38.0840 3344 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
14:22:38.0842 3344 LSI_SAS2 - ok
14:22:38.0860 3344 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
14:22:38.0863 3344 LSI_SCSI - ok
14:22:38.0883 3344 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:22:38.0884 3344 luafv - ok
14:22:38.0914 3344 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:22:38.0917 3344 Mcx2Svc - ok
14:22:38.0936 3344 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
14:22:38.0938 3344 megasas - ok
14:22:38.0968 3344 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
14:22:38.0972 3344 MegaSR - ok
14:22:38.0988 3344 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:22:38.0990 3344 MMCSS - ok
14:22:39.0010 3344 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:22:39.0012 3344 Modem - ok
14:22:39.0028 3344 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:22:39.0029 3344 monitor - ok
14:22:39.0056 3344 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:22:39.0057 3344 mouclass - ok
14:22:39.0072 3344 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:22:39.0073 3344 mouhid - ok
14:22:39.0098 3344 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:22:39.0099 3344 mountmgr - ok
14:22:39.0235 3344 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:22:39.0241 3344 MozillaMaintenance - ok
14:22:39.0274 3344 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:22:39.0280 3344 mpio - ok
14:22:39.0300 3344 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:22:39.0302 3344 mpsdrv - ok
14:22:39.0392 3344 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
14:22:39.0398 3344 MpsSvc - ok
14:22:39.0441 3344 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:22:39.0444 3344 MRxDAV - ok
14:22:39.0482 3344 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:22:39.0483 3344 mrxsmb - ok
14:22:39.0517 3344 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:22:39.0519 3344 mrxsmb10 - ok
14:22:39.0555 3344 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:22:39.0556 3344 mrxsmb20 - ok
14:22:39.0579 3344 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:22:39.0581 3344 msahci - ok
14:22:39.0605 3344 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:22:39.0610 3344 msdsm - ok
14:22:39.0632 3344 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:22:39.0635 3344 MSDTC - ok
14:22:39.0678 3344 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:22:39.0679 3344 Msfs - ok
14:22:39.0685 3344 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:22:39.0686 3344 mshidkmdf - ok
14:22:39.0707 3344 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:22:39.0707 3344 msisadrv - ok
14:22:39.0737 3344 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:22:39.0740 3344 MSiSCSI - ok
14:22:39.0743 3344 msiserver - ok
14:22:39.0784 3344 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:22:39.0786 3344 MSKSSRV - ok
14:22:39.0790 3344 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:22:39.0791 3344 MSPCLOCK - ok
14:22:39.0795 3344 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:22:39.0796 3344 MSPQM - ok
14:22:39.0834 3344 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:22:39.0836 3344 MsRPC - ok
14:22:39.0907 3344 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
14:22:39.0908 3344 mssmbios - ok
14:22:39.0917 3344 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:22:39.0919 3344 MSTEE - ok
14:22:39.0939 3344 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
14:22:39.0940 3344 MTConfig - ok
14:22:39.0963 3344 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:22:39.0964 3344 Mup - ok
14:22:40.0019 3344 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:22:40.0069 3344 napagent - ok
14:22:40.0148 3344 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:22:40.0153 3344 NativeWifiP - ok
14:22:40.0286 3344 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:22:40.0300 3344 NDIS - ok
14:22:40.0321 3344 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:22:40.0323 3344 NdisCap - ok
14:22:40.0352 3344 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:22:40.0353 3344 NdisTapi - ok
14:22:40.0366 3344 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:22:40.0367 3344 Ndisuio - ok
14:22:40.0393 3344 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:22:40.0396 3344 NdisWan - ok
14:22:40.0414 3344 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:22:40.0416 3344 NDProxy - ok
14:22:40.0436 3344 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:22:40.0438 3344 NetBIOS - ok
14:22:40.0479 3344 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:22:40.0483 3344 NetBT - ok
14:22:40.0512 3344 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:40.0513 3344 Netlogon - ok
14:22:40.0594 3344 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:22:40.0600 3344 Netman - ok
14:22:40.0639 3344 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:22:40.0643 3344 netprofm - ok
14:22:40.0756 3344 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:22:40.0761 3344 NetTcpPortSharing - ok
14:22:40.0799 3344 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
14:22:40.0803 3344 nfrd960 - ok
14:22:40.0830 3344 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:22:40.0833 3344 NlaSvc - ok
14:22:40.0895 3344 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:22:40.0898 3344 Npfs - ok
14:22:40.0919 3344 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:22:40.0923 3344 nsi - ok
14:22:40.0940 3344 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:22:40.0941 3344 nsiproxy - ok
14:22:41.0078 3344 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:22:41.0088 3344 Ntfs - ok
14:22:41.0247 3344 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:22:41.0250 3344 Null - ok
14:22:41.0291 3344 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:22:41.0297 3344 nvraid - ok
14:22:41.0334 3344 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:22:41.0337 3344 nvstor - ok
14:22:41.0365 3344 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:22:41.0367 3344 nv_agp - ok
14:22:41.0416 3344 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:22:41.0420 3344 ohci1394 - ok
14:22:41.0475 3344 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:22:41.0488 3344 p2pimsvc - ok
14:22:41.0537 3344 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:22:41.0543 3344 p2psvc - ok
14:22:41.0568 3344 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
14:22:41.0571 3344 Parport - ok
14:22:41.0600 3344 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
14:22:41.0601 3344 partmgr - ok
14:22:41.0618 3344 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:22:41.0621 3344 PcaSvc - ok
14:22:41.0646 3344 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:22:41.0648 3344 pci - ok
14:22:41.0663 3344 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:22:41.0663 3344 pciide - ok
14:22:41.0699 3344 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
14:22:41.0702 3344 pcmcia - ok
14:22:41.0724 3344 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:22:41.0724 3344 pcw - ok
14:22:41.0776 3344 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:22:41.0779 3344 PEAUTH - ok
14:22:41.0899 3344 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:22:41.0922 3344 PeerDistSvc - ok
14:22:42.0008 3344 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:22:42.0010 3344 PerfHost - ok
14:22:42.0180 3344 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:22:42.0203 3344 pla - ok
14:22:42.0279 3344 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:22:42.0283 3344 PlugPlay - ok
14:22:42.0295 3344 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:22:42.0297 3344 PNRPAutoReg - ok
14:22:42.0332 3344 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:22:42.0335 3344 PNRPsvc - ok
14:22:42.0405 3344 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:22:42.0419 3344 PolicyAgent - ok
14:22:42.0465 3344 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:22:42.0467 3344 Power - ok
14:22:42.0525 3344 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:22:42.0529 3344 PptpMiniport - ok
14:22:42.0567 3344 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
14:22:42.0571 3344 Processor - ok
14:22:42.0630 3344 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
14:22:42.0632 3344 ProfSvc - ok
14:22:42.0660 3344 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:42.0661 3344 ProtectedStorage - ok
14:22:42.0719 3344 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:22:42.0721 3344 Psched - ok
14:22:42.0895 3344 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
14:22:42.0935 3344 ql2300 - ok
14:22:43.0107 3344 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
14:22:43.0110 3344 ql40xx - ok
14:22:43.0151 3344 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:22:43.0155 3344 QWAVE - ok
14:22:43.0167 3344 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:22:43.0168 3344 QWAVEdrv - ok
14:22:43.0183 3344 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:22:43.0184 3344 RasAcd - ok
14:22:43.0223 3344 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:22:43.0225 3344 RasAgileVpn - ok
14:22:43.0241 3344 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:22:43.0244 3344 RasAuto - ok
14:22:43.0263 3344 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:22:43.0266 3344 Rasl2tp - ok
14:22:43.0318 3344 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:22:43.0322 3344 RasMan - ok
14:22:43.0355 3344 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:22:43.0357 3344 RasPppoe - ok
14:22:43.0377 3344 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:22:43.0379 3344 RasSstp - ok
14:22:43.0409 3344 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:22:43.0414 3344 rdbss - ok
14:22:43.0422 3344 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:22:43.0423 3344 rdpbus - ok
14:22:43.0434 3344 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:22:43.0436 3344 RDPCDD - ok
14:22:43.0500 3344 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
14:22:43.0506 3344 RDPDR - ok
14:22:43.0538 3344 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:22:43.0541 3344 RDPENCDD - ok
14:22:43.0559 3344 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:22:43.0562 3344 RDPREFMP - ok
14:22:43.0605 3344 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
14:22:43.0609 3344 RDPWD - ok
14:22:43.0641 3344 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:22:43.0643 3344 rdyboost - ok
14:22:43.0674 3344 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:22:43.0677 3344 RemoteAccess - ok
14:22:43.0724 3344 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:22:43.0727 3344 RemoteRegistry - ok
14:22:43.0739 3344 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:22:43.0741 3344 RpcEptMapper - ok
14:22:43.0772 3344 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:22:43.0774 3344 RpcLocator - ok
14:22:43.0819 3344 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:22:43.0824 3344 RpcSs - ok
14:22:43.0847 3344 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:22:43.0848 3344 rspndr - ok
14:22:43.0952 3344 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:22:43.0960 3344 RTL8167 - ok
14:22:44.0002 3344 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
14:22:44.0004 3344 s3cap - ok
14:22:44.0041 3344 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:44.0044 3344 SamSs - ok
14:22:44.0078 3344 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:22:44.0081 3344 sbp2port - ok
14:22:44.0277 3344 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:22:44.0292 3344 SBSDWSCService - ok
14:22:44.0315 3344 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:22:44.0319 3344 SCardSvr - ok
14:22:44.0356 3344 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:22:44.0357 3344 scfilter - ok
14:22:44.0636 3344 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:22:44.0652 3344 Schedule - ok
14:22:44.0681 3344 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:22:44.0681 3344 SCPolicySvc - ok
14:22:44.0707 3344 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:22:44.0711 3344 SDRSVC - ok
14:22:44.0732 3344 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:22:44.0733 3344 secdrv - ok
14:22:44.0743 3344 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:22:44.0745 3344 seclogon - ok
14:22:44.0777 3344 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
14:22:44.0779 3344 SENS - ok
14:22:44.0790 3344 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:22:44.0792 3344 SensrSvc - ok
14:22:44.0819 3344 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:22:44.0821 3344 Serenum - ok
14:22:44.0835 3344 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:22:44.0837 3344 Serial - ok
14:22:44.0850 3344 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
14:22:44.0851 3344 sermouse - ok
14:22:44.0877 3344 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:22:44.0879 3344 SessionEnv - ok
14:22:44.0896 3344 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:22:44.0897 3344 sffdisk - ok
14:22:44.0915 3344 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:22:44.0917 3344 sffp_mmc - ok
14:22:44.0924 3344 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:22:44.0925 3344 sffp_sd - ok
14:22:44.0932 3344 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
14:22:44.0934 3344 sfloppy - ok
14:22:44.0981 3344 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:22:44.0985 3344 SharedAccess - ok
14:22:45.0029 3344 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:22:45.0032 3344 ShellHWDetection - ok
14:22:45.0060 3344 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
14:22:45.0061 3344 SiSRaid2 - ok
14:22:45.0082 3344 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
14:22:45.0084 3344 SiSRaid4 - ok
14:22:45.0202 3344 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
14:22:45.0206 3344 SkypeUpdate - ok
14:22:45.0240 3344 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:22:45.0244 3344 Smb - ok
14:22:45.0288 3344 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:22:45.0289 3344 SNMPTRAP - ok
14:22:45.0306 3344 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:22:45.0306 3344 spldr - ok
14:22:45.0355 3344 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:22:45.0360 3344 Spooler - ok
14:22:45.0608 3344 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:22:45.0683 3344 sppsvc - ok
14:22:45.0852 3344 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:22:45.0855 3344 sppuinotify - ok
14:22:45.0868 3344 sptd - ok
14:22:45.0951 3344 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:22:45.0959 3344 srv - ok
14:22:46.0010 3344 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:22:46.0013 3344 srv2 - ok
14:22:46.0034 3344 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:22:46.0035 3344 srvnet - ok
14:22:46.0075 3344 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:22:46.0079 3344 SSDPSRV - ok
14:22:46.0096 3344 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:22:46.0098 3344 SstpSvc - ok
14:22:46.0201 3344 Steam Client Service - ok
14:22:46.0240 3344 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
14:22:46.0244 3344 stexstor - ok
14:22:46.0311 3344 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:22:46.0325 3344 stisvc - ok
14:22:46.0352 3344 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
14:22:46.0353 3344 storflt - ok
14:22:46.0382 3344 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
14:22:46.0384 3344 StorSvc - ok
14:22:46.0402 3344 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
14:22:46.0404 3344 storvsc - ok
14:22:46.0411 3344 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
14:22:46.0412 3344 swenum - ok
14:22:46.0455 3344 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:22:46.0475 3344 swprv - ok
14:22:46.0605 3344 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:22:46.0617 3344 SysMain - ok
14:22:46.0786 3344 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:22:46.0788 3344 TabletInputService - ok
14:22:46.0828 3344 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:22:46.0831 3344 TapiSrv - ok
14:22:46.0843 3344 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:22:46.0846 3344 TBS - ok
14:22:47.0002 3344 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
14:22:47.0011 3344 Tcpip - ok
14:22:47.0278 3344 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
14:22:47.0290 3344 TCPIP6 - ok
14:22:47.0604 3344 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:22:47.0606 3344 tcpipreg - ok
14:22:47.0642 3344 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:22:47.0643 3344 TDPIPE - ok
14:22:47.0723 3344 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:22:47.0731 3344 TDTCP - ok
14:22:47.0796 3344 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:22:47.0798 3344 tdx - ok
14:22:47.0874 3344 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
14:22:47.0876 3344 TermDD - ok
14:22:47.0968 3344 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:22:47.0984 3344 TermService - ok
14:22:47.0997 3344 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:22:47.0999 3344 Themes - ok
14:22:48.0024 3344 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:22:48.0025 3344 THREADORDER - ok
14:22:48.0050 3344 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:22:48.0053 3344 TrkWks - ok
14:22:48.0116 3344 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:22:48.0119 3344 TrustedInstaller - ok
14:22:48.0131 3344 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:22:48.0132 3344 tssecsrv - ok
14:22:48.0166 3344 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:22:48.0167 3344 TsUsbFlt - ok
14:22:48.0188 3344 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
14:22:48.0189 3344 TsUsbGD - ok
14:22:48.0228 3344 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:22:48.0230 3344 tunnel - ok
14:22:48.0248 3344 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
14:22:48.0250 3344 uagp35 - ok
14:22:48.0286 3344 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:22:48.0303 3344 udfs - ok
14:22:48.0318 3344 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:22:48.0321 3344 UI0Detect - ok
14:22:48.0580 3344 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:22:48.0584 3344 uliagpkx - ok
14:22:48.0751 3344 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
14:22:48.0936 3344 umbus - ok
14:22:49.0006 3344 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
14:22:49.0008 3344 UmPass - ok
14:22:49.0053 3344 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
14:22:49.0058 3344 UmRdpService - ok
14:22:49.0100 3344 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:22:49.0118 3344 upnphost - ok
14:22:49.0167 3344 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
14:22:49.0169 3344 usbccgp - ok
14:22:49.0197 3344 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:22:49.0199 3344 usbcir - ok
14:22:49.0220 3344 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:22:49.0222 3344 usbehci - ok
14:22:49.0268 3344 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
14:22:49.0269 3344 usbfilter - ok
14:22:49.0313 3344 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:22:49.0317 3344 usbhub - ok
14:22:49.0328 3344 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
14:22:49.0330 3344 usbohci - ok
14:22:49.0353 3344 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
14:22:49.0354 3344 usbprint - ok
14:22:49.0399 3344 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:22:49.0402 3344 USBSTOR - ok
14:22:49.0419 3344 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:22:49.0420 3344 usbuhci - ok
14:22:49.0426 3344 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:22:49.0427 3344 UxSms - ok
14:22:49.0463 3344 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:49.0464 3344 VaultSvc - ok
14:22:49.0482 3344 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:22:49.0483 3344 vdrvroot - ok
14:22:49.0531 3344 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:22:49.0540 3344 vds - ok
14:22:49.0552 3344 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:22:49.0553 3344 vga - ok
14:22:49.0565 3344 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:22:49.0566 3344 VgaSave - ok
14:22:49.0595 3344 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:22:49.0598 3344 vhdmp - ok
14:22:49.0623 3344 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:22:49.0625 3344 viaide - ok
14:22:49.0664 3344 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
14:22:49.0667 3344 vmbus - ok
14:22:49.0695 3344 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
14:22:49.0697 3344 VMBusHID - ok
14:22:49.0718 3344 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:22:49.0719 3344 volmgr - ok
14:22:49.0753 3344 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:22:49.0755 3344 volmgrx - ok
14:22:49.0782 3344 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:22:49.0783 3344 volsnap - ok
14:22:49.0830 3344 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
14:22:49.0832 3344 vsmraid - ok
14:22:49.0954 3344 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:22:49.0977 3344 VSS - ok
14:22:50.0159 3344 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:22:50.0161 3344 vwifibus - ok
14:22:50.0194 3344 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:22:50.0196 3344 vwififlt - ok
14:22:50.0239 3344 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:22:50.0254 3344 W32Time - ok
14:22:50.0281 3344 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
14:22:50.0283 3344 WacomPen - ok
14:22:50.0329 3344 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:22:50.0331 3344 WANARP - ok
14:22:50.0335 3344 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:22:50.0336 3344 Wanarpv6 - ok
14:22:50.0468 3344 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:22:50.0495 3344 WatAdminSvc - ok
14:22:50.0609 3344 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:22:50.0634 3344 wbengine - ok
14:22:50.0713 3344 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:22:50.0718 3344 WbioSrvc - ok
14:22:51.0098 3344 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:22:51.0111 3344 wcncsvc - ok
14:22:51.0132 3344 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:22:51.0134 3344 WcsPlugInService - ok
14:22:51.0173 3344 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
14:22:51.0174 3344 Wd - ok
14:22:51.0226 3344 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:22:51.0230 3344 Wdf01000 - ok
14:22:51.0254 3344 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:22:51.0257 3344 WdiServiceHost - ok
14:22:51.0261 3344 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:22:51.0264 3344 WdiSystemHost - ok
14:22:51.0295 3344 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:22:51.0300 3344 WebClient - ok
14:22:51.0327 3344 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:22:51.0332 3344 Wecsvc - ok
14:22:51.0348 3344 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:22:51.0351 3344 wercplsupport - ok
14:22:51.0387 3344 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:22:51.0390 3344 WerSvc - ok
14:22:51.0405 3344 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:22:51.0406 3344 WfpLwf - ok
14:22:51.0425 3344 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:22:51.0427 3344 WIMMount - ok
14:22:51.0513 3344 WinDefend - ok
14:22:51.0530 3344 WinHttpAutoProxySvc - ok
14:22:51.0611 3344 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:22:51.0616 3344 Winmgmt - ok
14:22:51.0782 3344 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:22:51.0828 3344 WinRM - ok
14:22:52.0032 3344 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:22:52.0038 3344 Wlansvc - ok
14:22:52.0276 3344 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:22:52.0326 3344 wlidsvc - ok
14:22:52.0431 3344 WmBEnum (680a7846370000d20d7e74917d5b7936) C:\Windows\system32\drivers\WmBEnum.sys
14:22:52.0432 3344 WmBEnum - ok
14:22:52.0454 3344 WmFilter (14c35ba8189c6f65d839163aa285e954) C:\Windows\system32\drivers\WmFilter.sys
14:22:52.0455 3344 WmFilter - ok
14:22:52.0488 3344 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:22:52.0490 3344 WmiAcpi - ok
14:22:52.0577 3344 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:22:52.0583 3344 wmiApSrv - ok
14:22:52.0652 3344 WMPNetworkSvc - ok
14:22:52.0678 3344 WmVirHid (8488dd91a3ee54a8e29f02ad7bb8201e) C:\Windows\system32\drivers\WmVirHid.sys
14:22:52.0679 3344 WmVirHid - ok
14:22:52.0703 3344 WmXlCore (14802b3a30aa849c97cb968ccc813bf3) C:\Windows\system32\drivers\WmXlCore.sys
14:22:52.0704 3344 WmXlCore - ok
14:22:52.0752 3344 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:22:52.0754 3344 WPCSvc - ok
14:22:52.0771 3344 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:22:52.0774 3344 WPDBusEnum - ok
14:22:52.0781 3344 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:22:52.0782 3344 ws2ifsl - ok
14:22:52.0826 3344 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
14:22:52.0827 3344 wscsvc - ok
14:22:52.0831 3344 WSearch - ok
14:22:53.0210 3344 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
14:22:53.0242 3344 wuauserv - ok
14:22:53.0413 3344 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:22:53.0416 3344 WudfPf - ok
14:22:53.0475 3344 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:22:53.0478 3344 WUDFRd - ok
14:22:53.0497 3344 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:22:53.0499 3344 wudfsvc - ok
14:22:53.0522 3344 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:22:53.0527 3344 WwanSvc - ok
14:22:53.0564 3344 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:22:53.0871 3344 \Device\Harddisk0\DR0 - ok
14:22:53.0874 3344 Boot (0x1200) (268534e6080f577d3abdb3567ef4b2ef) \Device\Harddisk0\DR0\Partition0
14:22:53.0876 3344 \Device\Harddisk0\DR0\Partition0 - ok
14:22:53.0878 3344 ============================================================
14:22:53.0878 3344 Scan finished
14:22:53.0878 3344 ============================================================
14:22:53.0892 2592 Detected object count: 0
14:22:53.0892 2592 Actual detected object count: 0

aswMBR Log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-09 14:23:55
-----------------------------
14:23:55.096 OS Version: Windows x64 6.1.7601 Service Pack 1
14:23:55.096 Number of processors: 3 586 0x503
14:23:55.098 ComputerName: WEREDUCKY-PC UserName: Wereducky
14:23:57.161 Initialize success
14:34:00.186 AVAST engine defs: 12070900
14:34:05.008 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
14:34:05.010 Disk 0 Vendor: WDC_WD5000AVDS-63U7B1 01.00A01 Size: 476940MB BusType: 3
14:34:05.028 Disk 0 MBR read successfully
14:34:05.031 Disk 0 MBR scan
14:34:05.034 Disk 0 Windows 7 default MBR code
14:34:05.036 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476937 MB offset 63
14:34:05.065 Disk 0 scanning C:\Windows\system32\drivers
14:34:13.423 Service scanning
14:34:31.364 Modules scanning
14:34:31.381 Disk 0 trace - called modules:
14:34:31.405 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS amdide64.sys PCIIDEX.SYS hal.dll atapi.sys
14:34:31.409 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004921060]
14:34:31.413 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa80048b0520]
14:34:31.760 5 ACPI.sys[fffff88000f067a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa80048ac680]
14:34:34.944 AVAST engine scan C:\Windows
14:34:38.386 AVAST engine scan C:\Windows\system32
14:37:12.801 AVAST engine scan C:\Windows\system32\drivers
14:37:23.617 AVAST engine scan C:\Users\Wereducky
14:42:09.430 AVAST engine scan C:\ProgramData
14:42:48.628 Scan finished successfully
14:43:12.664 Disk 0 MBR has been saved successfully to "C:\Users\Wereducky\Desktop\MBR.dat"
14:43:12.669 The log file has been saved successfully to "C:\Users\Wereducky\Desktop\aswMBR.txt"

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:03 PM

Posted 09 July 2012 - 03:09 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\users\Wereducky\AppData\Roaming\deluge
c:\program files (x86)\Deluge

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 Wereducky

Wereducky
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas, ya'll
  • Local time:08:03 PM

Posted 09 July 2012 - 03:56 PM

Initially seems alright, gonna test it out for a bit and let you know if I notice anymore oddities. I guess deluge was more trouble than it was worth, I read some good things about it. Do you think that was the source of it?

ComboFix 12-07-08.02 - Wereducky 07/09/2012 15:14:36.2.3 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.2512 [GMT -5:00]
Running from: c:\users\Wereducky\Downloads\ComboFix.exe
Command switches used :: c:\users\Wereducky\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Deluge
c:\program files (x86)\Deluge\_ctypes.pyd
c:\program files (x86)\Deluge\_hashlib.pyd
c:\program files (x86)\Deluge\_multiprocessing.pyd
c:\program files (x86)\Deluge\_socket.pyd
c:\program files (x86)\Deluge\_ssl.pyd
c:\program files (x86)\Deluge\_win32sysloader.pyd
c:\program files (x86)\Deluge\atk.pyd
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\__init__.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\cache.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\container.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\converters.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\crypto\__init__.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\crypto\jcecrypto.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\crypto\pbkdf2.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\crypto\pycrypto.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\exceptions.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\ext\__init__.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\ext\database.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\ext\google.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\ext\memcached.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\ext\sqla.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\middleware.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\session.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\synchronization.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\beaker\util.pyc
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\EGG-INFO\dependency_links.txt
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\EGG-INFO\entry_points.txt
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\EGG-INFO\not-zip-safe
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\EGG-INFO\PKG-INFO
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\EGG-INFO\requires.txt
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\EGG-INFO\SOURCES.txt
c:\program files (x86)\Deluge\beaker-1.4.2-py2.6.egg\EGG-INFO\top_level.txt
c:\program files (x86)\Deluge\bz2.pyd
c:\program files (x86)\Deluge\cairo._cairo.pyd
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\__init__.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\__rpcapi.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\_libtorrent.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\bencode.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\common.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\component.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\config.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\configmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\__init__.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\alertmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\authmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\autoadd.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\core.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\daemon.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\eventmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\filtermanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\oldstateupgrader.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\pluginmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\preferencesmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\rpcserver.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\torrent.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\core\torrentmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\active.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\active16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\alert.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\alert16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\all.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\all16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\checking.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\checking16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\deluge-about.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\deluge.ico
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\deluge.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\deluge16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\dht.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\dht16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\downloading.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\downloading16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ad.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ae.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\af.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ag.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ai.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\al.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\am.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\an.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ao.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\aq.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ar.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\as.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\at.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\au.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\aw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ax.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\az.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ba.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bd.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\be.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bf.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bh.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bi.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bj.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bo.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\br.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bs.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bt.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bv.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\by.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\bz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ca.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cc.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cd.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cf.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ch.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ci.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ck.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cl.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\co.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cs.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cu.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cv.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cx.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cy.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\cz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\de.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\dj.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\dk.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\dm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\do.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\dz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ec.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ee.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\eg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\eh.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\er.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\es.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\et.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\fi.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\fj.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\fk.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\fm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\fo.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\fr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\fx.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ga.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gd.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gf.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gh.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gi.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gl.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gp.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gq.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gs.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gt.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gu.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\gy.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\hk.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\hm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\hn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\hr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ht.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\hu.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\id.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ie.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\il.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\in.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\io.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\iq.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ir.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\is.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\it.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\je.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\jm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\jo.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\jp.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ke.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\kg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\kh.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ki.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\km.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\kn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\kp.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\kr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\kw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ky.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\kz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\la.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\lb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\lc.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\li.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\lk.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\lr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ls.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\lt.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\lu.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\lv.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ly.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ma.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mc.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\md.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\me.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mh.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mk.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ml.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mo.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mp.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mq.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ms.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mt.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mu.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mv.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mx.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\my.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\mz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\na.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\nc.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ne.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\nf.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ng.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ni.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\nl.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\no.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\np.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\nr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\nu.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\nz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\om.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pa.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pe.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pf.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ph.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pk.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pl.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ps.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pt.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\pw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\py.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\qa.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\re.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ro.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\rs.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ru.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\rw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sa.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sc.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sd.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\se.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sh.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\si.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sj.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sk.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sl.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\so.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\st.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sv.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sy.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\sz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tc.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\td.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tf.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\th.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tj.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tk.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tl.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\to.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tp.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tt.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tv.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\tz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ua.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ug.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\um.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\us.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\uy.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\uz.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\va.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\vc.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ve.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\vg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\vi.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\vn.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\vu.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\wf.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ws.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\ye.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\yt.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\yu.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\za.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\zm.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\flags\zw.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\inactive.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\inactive16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\lock48.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\magnet.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\queued.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\queued16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\seeding.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\seeding16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\tracker_all16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\tracker_warning16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\traffic.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\data\pixmaps\traffic16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\decorators.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\error.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\event.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\httpdownloader.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ar\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ast\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\be\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\bg\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\bn\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\bs\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ca\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\cs\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\cy\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\da\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\de\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\el\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\en_AU\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\en_CA\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\en_GB\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\eo\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\es\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\et\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\eu\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\fa\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\fi\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\fo\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\fr\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\fy\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\gl\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\he\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\hi\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\hr\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\hu\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\id\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\is\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\it\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\iu\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ja\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ka\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\kk\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\kn\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ko\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ku\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\la\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\lb\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\lt\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\lv\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\mk\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ml\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ms\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\nb\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\nds\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\nl\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\nn\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\oc\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\pl\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\pms\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\pt\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\pt_BR\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ro\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ru\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\si\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\sk\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\sl\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\sr\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\sv\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ta\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\te\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\th\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\tl\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\tlh\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\tr\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\uk\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\ur\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\vi\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\zh_CN\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\zh_HK\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\i18n\zh_TW\LC_MESSAGES\deluge.mo
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\log.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\main.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\maketorrent.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\metafile.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\pluginmanagerbase.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\__init__.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\AutoAdd-1.04-py2.6.egg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\Blocklist-1.2-py2.6.egg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\Execute-1.2-py2.6.egg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\Extractor-0.1-py2.6.egg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\init.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\Label-0.2-py2.6.egg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\Notifications-0.1-py2.6.egg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\pluginbase.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\Scheduler-0.2-py2.6.egg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\plugins\WebUi-0.1-py2.6.egg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\rencode.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\__init__.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\client.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\common.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\__init__.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\colors.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\__init__.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\add.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\cache.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\config.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\connect.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\debug.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\halt.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\help.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\info.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\pause.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\plugin.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\quit.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\recheck.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\resume.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\commands\rm.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\eventlog.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\main.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\screen.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\console\statusbars.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\coreconfig.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\countries.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\__init__.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\aboutdialog.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\addtorrentdialog.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\common.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\connectionmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\createtorrentdialog.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\details_tab.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\dialogs.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\edittrackersdialog.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\files_tab.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\filtertreeview.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\add_torrent_dialog.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\connection_manager.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\create_torrent_dialog.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\dgtkpopups.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\edit_trackers.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\filtertree_menu.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\main_window.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\move_storage_dialog.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\preferences_dialog.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\queuedtorrents.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\remove_torrent_dialog.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\torrent_menu.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\glade\tray_menu.glade
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\gtkui.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\ipcinterface.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\listview.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\mainwindow.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\menubar.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\new_release_dialog.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\notification.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\options_tab.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\peers_tab.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\pluginmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\preferences.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\queuedtorrents.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\removetorrentdialog.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\sidebar.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\status_tab.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\statusbar.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\systemtray.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\toolbar.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\torrentdetails.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\gtkui\torrentview.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\sessionproxy.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\tracker_icons.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\ui.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\__init__.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\auth.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\common.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\css\deluge.css
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\css\ext-all-notheme.css
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\css\ext-extensions-debug.css
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\css\ext-extensions.css
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\gen_gettext.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\gettext.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\active.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\add.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\add_file.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\add_magnet.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\add_url.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\alert.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\all.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\apple-pre-114.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\apple-pre-57.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\apple-pre-72.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\back.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\bottom.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\checking.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\connection_manager.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\connections.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\create.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\dht.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\document.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\down.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\downloading.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\drive.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\edit-redo.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\edit_trackers.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\error.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\expand_all.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\find_more.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\forward.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\help.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\high.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\highest.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\home.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\inactive.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\install_plugin.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\login.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\logout.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\move.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\no_download.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\normal.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\ok.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\pause.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\preferences.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\queue.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\queued.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\recheck.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\remove.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\seeding.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\start.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\top.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\traffic.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\up.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\update.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\upload_slots.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\icons\warning.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\images\debugerror.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\images\deluge-icon.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\images\deluge_icon.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\images\deluge16.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\images\deluge32.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\images\s.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\images\spinner-split.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\images\spinner.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\index.html
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all-debug.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\.order
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\.order
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\AddWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\FilesTab.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\FileWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\Infohash.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\OptionsPanel.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\OptionsTab.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\UrlWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\add\Window.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\AddConnectionWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\AddTrackerWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Client.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\ConnectionManager.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\data\.order
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\data\PeerRecord.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\data\SortTypes.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\data\TorrentRecord.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Deluge.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\details\DetailsPanel.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\details\DetailsTab.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\details\FilesTab.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\details\OptionsTab.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\details\PeersTab.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\details\StatusTab.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\EditTrackersWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\EditTrackerWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\EventsManager.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\FileBrowser.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\FilterPanel.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Formatters.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Keys.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\LoginWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Menus.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\MoveStorage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\MultiOptionsManager.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\OptionsManager.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\OtherLimitWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Plugin.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\BandwidthPage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\CachePage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\DaemonPage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\DownloadsPage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\EncryptionPage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\InstallPluginWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\InterfacePage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\NetworkPage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\OtherPage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\PluginsPage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\PreferencesWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\ProxyField.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\ProxyPage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\preferences\QueuePage.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\RemoveWindow.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Sidebar.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Statusbar.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\StatusbarMenu.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\Toolbar.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\TorrentGrid.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\deluge-all\UI.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-all-debug.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-all.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-base-debug.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-base.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions-debug.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\form\FileUploadField.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\form\RadioGroupFix.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\form\SpinnerField.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\form\SpinnerFieldFix.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\form\SpinnerGroup.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\form\ToggleField.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\grid\BufferView.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\JSLoader.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\layout\FormLayoutFix.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\Spinner.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\StatusBar.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\MultiSelectionModelFix.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\TreeGrid.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\TreeGridColumnResizer.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\TreeGridColumns.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\TreeGridLoader.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\TreeGridNodeUI.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\TreeGridNodeUIFix.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\TreeGridRenderColumn.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\js\ext-extensions\tree\TreeGridSorter.js
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\json_api.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\pluginmanager.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\render\tab_status.html
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\server.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\css\xtheme-access.css
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\css\xtheme-blue.css
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\css\xtheme-gray.css
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\box\corners-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\box\corners.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\box\l-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\box\l.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\box\r-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\box\r.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\box\tb-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\box\tb.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\group-cs.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\group-lr.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\group-tb.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\s-arrow-b-noline.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\s-arrow-b.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\s-arrow-bo.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\s-arrow-noline.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\s-arrow-o.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\button\s-arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\editor\tb-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\checkbox.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\clear-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\date-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\error-tip-corners.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\exclamation.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\radio.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\search-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\text-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\trigger-tpl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\form\trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\arrow-left-white.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\arrow-right-white.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\col-move-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\col-move-top.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\columns.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\dirty.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\done.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\drop-no.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\drop-yes.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\footer-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid-blue-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid-blue-split.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid-hrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid-loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid-split.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid-vista-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid3-hd-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid3-hrow-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid3-hrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid3-special-col-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\grid3-special-col-sel-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\group-by.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\group-collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\group-expand-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\group-expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\hd-pop.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\hmenu-asc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\hmenu-desc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\hmenu-lock.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\hmenu-lock.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\hmenu-unlock.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\hmenu-unlock.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\invalid_line.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\mso-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\nowait.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\page-first-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\page-first.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\page-last-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\page-last.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\page-next-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\page-next.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\page-prev-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\page-prev.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\pick-button.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\refresh.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\row-check-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\row-expand-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\row-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\row-sel.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\sort-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\sort_asc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\sort_desc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\grid\wait.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\menu\checked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\menu\group-checked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\menu\item-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\menu\menu-parent.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\menu\menu.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\menu\unchecked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\corners-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\left-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\light-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\tool-sprite-tpl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\tool-sprites.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\tools-sprites-trans.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\top-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\white-corners-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\white-left-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\panel\white-top-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\progress\progress-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\qtip\close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\qtip\tip-anchor-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\qtip\tip-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\shared\glass-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\shared\hd-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\shared\left-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\shared\right-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\e-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\e-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\ne-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\ne-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\nw-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\nw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\s-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\s-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\se-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\se-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\square.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\sw-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\sizer\sw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\slider\slider-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\slider\slider-thumb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\slider\slider-v-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\slider\slider-v-thumb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\scroll-left.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\scroll-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\tab-btm-inactive-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\tab-btm-inactive-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\tab-btm-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\tab-btm-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\tab-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\tab-strip-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\tab-strip-btm-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tabs\tabs-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\btn-arrow-light.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\btn-arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\btn-over-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\gray-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\more.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\s-arrow-bo.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\tb-btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\tb-xl-btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\toolbar\tb-xl-sep.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\arrows.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\drop-add.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\drop-between.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\drop-no.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\drop-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\drop-under.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\drop-yes.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-end-minus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-end-minus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-end-plus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-end-plus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-end.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-line.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-minus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-minus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-plus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow-plus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\elbow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\folder-open.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\folder.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\leaf.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\tree\s.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\window\icon-error.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\window\icon-info.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\window\icon-question.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\window\icon-warning.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\window\left-corners.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\window\left-right.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\window\right-corners.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\access\window\top-bottom.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\box\corners-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\box\corners.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\box\l-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\box\l.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\box\r-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\box\r.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\box\tb-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\box\tb.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\group-cs.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\group-lr.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\group-tb.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\s-arrow-b-noline.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\s-arrow-b.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\s-arrow-bo.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\s-arrow-noline.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\s-arrow-o.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\button\s-arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\dd\drop-add.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\dd\drop-no.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\dd\drop-yes.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\editor\tb-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\checkbox.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\clear-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\date-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\error-tip-corners.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\exclamation.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\radio.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\search-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\text-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\trigger-square.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\trigger-tpl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\form\trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\gradient-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\arrow-left-white.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\arrow-right-white.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\col-move-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\col-move-top.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\columns.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\dirty.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\done.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\drop-no.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\drop-yes.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\footer-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid-blue-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid-blue-split.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid-hrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid-loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid-split.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid-vista-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid3-hd-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid3-hrow-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid3-hrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid3-rowheader.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid3-special-col-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\grid3-special-col-sel-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\group-by.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\group-collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\group-expand-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\group-expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\hd-pop.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\hmenu-asc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\hmenu-desc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\hmenu-lock.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\hmenu-lock.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\hmenu-unlock.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\hmenu-unlock.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\invalid_line.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\mso-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\nowait.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\page-first-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\page-first.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\page-last-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\page-last.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\page-next-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\page-next.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\page-prev-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\page-prev.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\pick-button.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\refresh-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\refresh.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\row-check-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\row-expand-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\row-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\row-sel.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\sort-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\sort_asc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\sort_desc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\grid\wait.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\gradient-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\mini-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\mini-left.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\mini-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\mini-top.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\ns-collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\ns-expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\panel-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\panel-title-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\panel-title-light-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\stick.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\stuck.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\tab-close-on.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\layout\tab-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\menu\checked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\menu\group-checked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\menu\item-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\menu\menu-parent.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\menu\menu.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\menu\unchecked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\corners-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\left-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\light-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\tool-sprite-tpl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\tool-sprites.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\tools-sprites-trans.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\top-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\top-bottom.png

Part 2 of the previous log:

c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\white-corners-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\white-left-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\panel\white-top-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\progress\progress-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\qtip\bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\qtip\close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\qtip\tip-anchor-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\qtip\tip-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\s.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shadow-c.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shadow-lr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shadow.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\blue-loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\calendar.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\glass-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\hd-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\large-loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\left-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\loading-balls.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\right-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\shared\warning.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\e-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\e-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\ne-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\ne-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\nw-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\nw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\s-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\s-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\se-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\se-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\square.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\sw-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\sizer\sw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\slider\slider-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\slider\slider-thumb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\slider\slider-v-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\slider\slider-v-thumb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\scroll-left.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\scroll-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\scroller-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-btm-inactive-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-btm-inactive-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-btm-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-btm-over-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-btm-over-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-btm-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-strip-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-strip-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tab-strip-btm-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tabs\tabs-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\btn-arrow-light.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\btn-arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\btn-over-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\gray-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\more.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\tb-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\tb-btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\tb-xl-btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\toolbar\tb-xl-sep.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\arrows.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\drop-add.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\drop-between.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\drop-no.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\drop-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\drop-under.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\drop-yes.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-end-minus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-end-minus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-end-plus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-end-plus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-end.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-line.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-minus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-minus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-plus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow-plus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\elbow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\folder-open.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\folder.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\leaf.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\tree\s.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\window\icon-error.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\window\icon-info.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\window\icon-question.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\window\icon-warning.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\window\left-corners.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\window\left-right.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\window\right-corners.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\default\window\top-bottom.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\button\btn-arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\button\btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\button\btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\button\group-cs.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\button\group-lr.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\button\group-tb.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\button\s-arrow-bo.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\button\s-arrow-o.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\form\clear-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\form\date-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\form\search-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\form\trigger-square.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\form\trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\gradient-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\col-move-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\col-move-top.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\grid3-hd-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\grid3-hrow-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\grid3-hrow-over2.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\grid3-hrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\grid3-hrow2.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\grid3-special-col-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\grid3-special-col-bg2.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\grid3-special-col-sel-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\group-collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\group-expand-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\group-expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\page-first.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\page-last.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\page-next.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\page-prev.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\refresh.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\row-expand-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\sort-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\sort_asc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\grid\sort_desc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\menu\group-checked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\menu\item-over-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\menu\item-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\menu\menu-parent.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\corners-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\left-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\light-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\tool-sprite-tpl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\tool-sprites.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\tools-sprites-trans.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\top-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\top-bottom.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\white-corners-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\white-left-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\panel\white-top-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\progress\progress-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\qtip\bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\qtip\close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\qtip\tip-anchor-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\qtip\tip-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\s.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\shared\hd-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\shared\left-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\shared\right-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\sizer\e-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\sizer\ne-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\sizer\nw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\sizer\s-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\sizer\se-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\sizer\square.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\sizer\sw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\slider\slider-thumb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\slider\slider-v-thumb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\scroll-left.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\scroll-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\scroller-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-btm-inactive-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-btm-inactive-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-btm-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-btm-over-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-btm-over-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-btm-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-strip-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-strip-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tab-strip-btm-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tabs\tabs-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\toolbar\bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\toolbar\btn-arrow-light.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\toolbar\btn-arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\toolbar\btn-over-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\toolbar\gray-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\toolbar\more.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\toolbar\tb-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\toolbar\tb-btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tree\arrows.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tree\elbow-end-minus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tree\elbow-end-minus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tree\elbow-end-plus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\tree\elbow-end-plus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\window\icon-error.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\window\icon-info.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\window\icon-question.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\window\icon-warning.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\window\left-corners.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\window\left-right.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\window\right-corners.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\gray\window\top-bottom.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\bg-center.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\bg-left.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\bg-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\dlg-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\e-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\hd-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\s-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\se-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\basic-dialog\w-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\gradient-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\grid\grid-split.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\grid\grid-vista-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\gradient-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\ns-collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\ns-expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\panel-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\panel-title-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\panel-title-light-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\stick.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\tab-close-on.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\layout\tab-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\qtip\bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\qtip\tip-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\s.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\e-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\e-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\ne-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\ne-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\nw-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\nw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\s-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\s-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\se-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\se-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\sw-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\sizer\sw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\tabs\tab-btm-inactive-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\tabs\tab-btm-inactive-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\tabs\tab-btm-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\tabs\tab-btm-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\tabs\tab-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\toolbar\gray-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\vista\toolbar\tb-btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\box\corners-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\box\corners.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\box\l-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\box\l.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\box\r-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\box\r.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\box\tb-blue.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\box\tb.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\group-cs.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\group-lr.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\group-tb.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\s-arrow-b-noline.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\s-arrow-b.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\s-arrow-bo.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\s-arrow-noline.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\s-arrow-o.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\button\s-arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\dd\drop-add.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\dd\drop-no.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\dd\drop-yes.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\editor\tb-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\checkbox.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\clear-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\date-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\error-tip-corners.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\exclamation.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\radio.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\search-trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\text-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\trigger-square.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\trigger-tpl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\form\trigger.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\gradient-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\arrow-left-white.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\arrow-right-white.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\col-move-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\col-move-top.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\columns.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\dirty.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\done.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\drop-no.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\drop-yes.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\footer-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid-blue-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid-blue-split.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid-hrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid-loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid-split.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid-vista-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid3-hd-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid3-hrow-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid3-hrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid3-special-col-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\grid3-special-col-sel-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\group-by.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\group-collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\group-expand-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\group-expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\hd-pop.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\hmenu-asc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\hmenu-desc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\hmenu-lock.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\hmenu-lock.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\hmenu-unlock.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\hmenu-unlock.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\invalid_line.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\mso-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\nowait.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\page-first-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\page-first.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\page-last-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\page-last.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\page-next-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\page-next.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\page-prev-disabled.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\page-prev.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\pick-button.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\refresh.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\row-check-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\row-expand-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\row-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\row-sel.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\sort-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\sort_asc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\sort_desc.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\grid\wait.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\gradient-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\mini-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\mini-left.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\mini-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\mini-top.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\ns-collapse.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\ns-expand.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\panel-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\panel-title-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\panel-title-light-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\stick.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\stuck.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\tab-close-on.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\layout\tab-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\menu\checked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\menu\group-checked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\menu\item-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\menu\menu-parent.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\menu\menu.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\menu\unchecked.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\corners-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\left-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\light-hd.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\tool-sprite-tpl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\tool-sprites.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\tools-sprites-trans.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\top-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\top-bottom.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\white-corners-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\white-left-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\panel\white-top-bottom.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\progress\progress-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\qtip\bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\qtip\close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\qtip\tip-anchor-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\qtip\tip-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\s.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shadow-c.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shadow-lr.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shadow.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\blue-loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\calendar.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\glass-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\hd-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\large-loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\left-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\loading-balls.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\right-btn.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\shared\warning.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\e-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\e-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\ne-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\ne-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\nw-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\nw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\s-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\s-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\se-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\se-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\square.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\sw-handle-dark.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\sizer\sw-handle.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\slider\slider-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\slider\slider-thumb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\slider\slider-v-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\slider\slider-v-thumb.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\scroll-left.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\scroll-right.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\scroller-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-btm-inactive-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-btm-inactive-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-btm-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-btm-over-left-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-btm-over-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-btm-right-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-close.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-strip-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-strip-bg.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tab-strip-btm-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tabs\tabs-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\btn-arrow-light.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\btn-arrow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\btn-over-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\gray-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\more.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\tb-bg.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\tb-btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\tb-xl-btn-sprite.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\toolbar\tb-xl-sep.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\arrows.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\drop-add.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\drop-between.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\drop-no.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\drop-over.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\drop-under.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\drop-yes.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-end-minus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-end-minus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-end-plus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-end-plus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-end.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-line.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-minus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-minus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-plus-nl.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow-plus.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\elbow.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\folder-open.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\folder.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\leaf.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\loading.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\tree\s.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\window\icon-error.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\window\icon-info.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\window\icon-question.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\window\icon-warning.gif
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\window\left-corners.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\window\left-right.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\window\right-corners.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\themes\images\yourtheme\window\top-bottom.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\web\web.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\deluge\ui\Win32IconImagePlugin.pyc
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\EGG-INFO\dependency_links.txt
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\EGG-INFO\entry_points.txt
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\EGG-INFO\not-zip-safe
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\EGG-INFO\PKG-INFO
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\EGG-INFO\SOURCES.txt
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\EGG-INFO\top_level.txt
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\128x128\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\16x16\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\192x192\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\22x22\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\24x24\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\256x256\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\32x32\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\36x36\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\48x48\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\64x64\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\72x72\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\hicolor\96x96\apps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\icons\scalable\apps\deluge.svg
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\man\man1\deluge-console.1
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\man\man1\deluge-gtk.1
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\man\man1\deluge-web.1
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\man\man1\deluge.1
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\man\man1\deluged.1
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\pixmaps\deluge.png
c:\program files (x86)\Deluge\deluge-1.3.5-py2.6.egg\share\pixmaps\deluge.xpm
c:\program files (x86)\Deluge\deluge-console.exe
c:\program files (x86)\Deluge\deluge-debug.exe
c:\program files (x86)\Deluge\deluge-gtk.exe
c:\program files (x86)\Deluge\Deluge-uninst.exe
c:\program files (x86)\Deluge\deluge-web.exe
c:\program files (x86)\Deluge\deluge.exe
c:\program files (x86)\Deluge\deluged.exe
c:\program files (x86)\Deluge\distribute-0.6.14-py2.6.egg
c:\program files (x86)\Deluge\etc\gtk-2.0\gtkrc
c:\program files (x86)\Deluge\freetype6.dll
c:\program files (x86)\Deluge\gio._gio.pyd
c:\program files (x86)\Deluge\glib._glib.pyd
c:\program files (x86)\Deluge\gobject._gobject.pyd
c:\program files (x86)\Deluge\gtk._gtk.pyd
c:\program files (x86)\Deluge\gtk.glade.pyd
c:\program files (x86)\Deluge\homepage.url
c:\program files (x86)\Deluge\intl.dll
c:\program files (x86)\Deluge\jpeg.dll
c:\program files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libpixmap.dll
c:\program files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libsvg.dll
c:\program files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libwimp.dll
c:\program files (x86)\Deluge\libatk-1.0-0.dll
c:\program files (x86)\Deluge\libcairo-2.dll
c:\program files (x86)\Deluge\LIBEAY32.dll
c:\program files (x86)\Deluge\libexpat-1.dll
c:\program files (x86)\Deluge\libfontconfig-1.dll
c:\program files (x86)\Deluge\libfreetype-6.dll
c:\program files (x86)\Deluge\libgdk-win32-2.0-0.dll
c:\program files (x86)\Deluge\libgdk_pixbuf-2.0-0.dll
c:\program files (x86)\Deluge\libgio-2.0-0.dll
c:\program files (x86)\Deluge\libglade-2.0-0.dll
c:\program files (x86)\Deluge\libglib-2.0-0.dll
c:\program files (x86)\Deluge\libgmodule-2.0-0.dll
c:\program files (x86)\Deluge\libgobject-2.0-0.dll
c:\program files (x86)\Deluge\libgthread-2.0-0.dll
c:\program files (x86)\Deluge\libgtk-win32-2.0-0.dll
c:\program files (x86)\Deluge\libogg-0.dll
c:\program files (x86)\Deluge\libpango-1.0-0.dll
c:\program files (x86)\Deluge\libpangocairo-1.0-0.dll
c:\program files (x86)\Deluge\libpangoft2-1.0-0.dll
c:\program files (x86)\Deluge\libpangowin32-1.0-0.dll
c:\program files (x86)\Deluge\libpng12-0.dll
c:\program files (x86)\Deluge\libpng14-14.dll
c:\program files (x86)\Deluge\library.zip
c:\program files (x86)\Deluge\libtiff.dll
c:\program files (x86)\Deluge\libtorrent.pyd
c:\program files (x86)\Deluge\libvorbis-0.dll
c:\program files (x86)\Deluge\libvorbisfile-3.dll
c:\program files (x86)\Deluge\libxml2-2.dll
c:\program files (x86)\Deluge\LICENSE
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\EGG-INFO\dependency_links.txt
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\EGG-INFO\entry_points.txt
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\EGG-INFO\not-zip-safe
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\EGG-INFO\PKG-INFO
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\EGG-INFO\requires.txt
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\EGG-INFO\scripts\mako-render
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\EGG-INFO\SOURCES.txt
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\EGG-INFO\top_level.txt
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\__init__.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\_ast_util.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\ast.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\cache.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\codegen.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\exceptions.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\ext\__init__.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\ext\autohandler.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\ext\babelplugin.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\ext\preprocessors.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\ext\pygmentplugin.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\ext\turbogears.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\filters.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\lexer.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\lookup.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\parsetree.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\pygen.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\pyparser.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\runtime.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\template.pyc
c:\program files (x86)\Deluge\mako-0.2.5-py2.6.egg\mako\util.pyc
c:\program files (x86)\Deluge\OpenSSL.crypto.pyd
c:\program files (x86)\Deluge\OpenSSL.rand.pyd
c:\program files (x86)\Deluge\OpenSSL.SSL.pyd
c:\program files (x86)\Deluge\pango.pyd
c:\program files (x86)\Deluge\pangocairo.pyd
c:\program files (x86)\Deluge\pyexpat.pyd
c:\program files (x86)\Deluge\pygame._arraysurfarray.pyd
c:\program files (x86)\Deluge\pygame._numericsndarray.pyd
c:\program files (x86)\Deluge\pygame._numericsurfarray.pyd
c:\program files (x86)\Deluge\pygame.base.pyd
c:\program files (x86)\Deluge\pygame.bufferproxy.pyd
c:\program files (x86)\Deluge\pygame.cdrom.pyd
c:\program files (x86)\Deluge\pygame.color.pyd
c:\program files (x86)\Deluge\pygame.constants.pyd
c:\program files (x86)\Deluge\pygame.display.pyd
c:\program files (x86)\Deluge\pygame.draw.pyd
c:\program files (x86)\Deluge\pygame.event.pyd
c:\program files (x86)\Deluge\pygame.fastevent.pyd
c:\program files (x86)\Deluge\pygame.font.pyd
c:\program files (x86)\Deluge\pygame.image.pyd
c:\program files (x86)\Deluge\pygame.imageext.pyd
c:\program files (x86)\Deluge\pygame.joystick.pyd
c:\program files (x86)\Deluge\pygame.key.pyd
c:\program files (x86)\Deluge\pygame.mask.pyd
c:\program files (x86)\Deluge\pygame.mixer.pyd
c:\program files (x86)\Deluge\pygame.mixer_music.pyd
c:\program files (x86)\Deluge\pygame.mouse.pyd
c:\program files (x86)\Deluge\pygame.movie.pyd
c:\program files (x86)\Deluge\pygame.overlay.pyd
c:\program files (x86)\Deluge\pygame.pixelarray.pyd
c:\program files (x86)\Deluge\pygame.rect.pyd
c:\program files (x86)\Deluge\pygame.rwobject.pyd
c:\program files (x86)\Deluge\pygame.scrap.pyd
c:\program files (x86)\Deluge\pygame.surface.pyd
c:\program files (x86)\Deluge\pygame.surflock.pyd
c:\program files (x86)\Deluge\pygame.time.pyd
c:\program files (x86)\Deluge\pygame.transform.pyd
c:\program files (x86)\Deluge\python26.dll
c:\program files (x86)\Deluge\pythoncom26.dll
c:\program files (x86)\Deluge\pywintypes26.dll
c:\program files (x86)\Deluge\SDL.dll
c:\program files (x86)\Deluge\SDL_image.dll
c:\program files (x86)\Deluge\SDL_mixer.dll
c:\program files (x86)\Deluge\SDL_ttf.dll
c:\program files (x86)\Deluge\select.pyd
c:\program files (x86)\Deluge\share\themes\Default\gtk-2.0-key\gtkrc
c:\program files (x86)\Deluge\share\themes\Emacs\gtk-2.0-key\gtkrc
c:\program files (x86)\Deluge\share\themes\MS-Windows\gtk-2.0\gtkrc
c:\program files (x86)\Deluge\share\themes\Raleigh\gtk-2.0\gtkrc
c:\program files (x86)\Deluge\smpeg.dll
c:\program files (x86)\Deluge\SSLEAY32.dll
c:\program files (x86)\Deluge\twisted.protocols._c_urlarg.pyd
c:\program files (x86)\Deluge\twisted.python._initgroups.pyd
c:\program files (x86)\Deluge\unicodedata.pyd
c:\program files (x86)\Deluge\win32api.pyd
c:\program files (x86)\Deluge\win32clipboard.pyd
c:\program files (x86)\Deluge\win32event.pyd
c:\program files (x86)\Deluge\win32file.pyd
c:\program files (x86)\Deluge\win32pipe.pyd
c:\program files (x86)\Deluge\win32process.pyd
c:\program files (x86)\Deluge\win32security.pyd
c:\program files (x86)\Deluge\zlib1.dll
c:\program files (x86)\Deluge\zope.interface._zope_interface_coptimizations.pyd
c:\users\Wereducky\AppData\Roaming\deluge
c:\users\Wereducky\AppData\Roaming\deluge\auth
c:\users\Wereducky\AppData\Roaming\deluge\core.conf
c:\users\Wereducky\AppData\Roaming\deluge\dht.state
c:\users\Wereducky\AppData\Roaming\deluge\files_tab.state
c:\users\Wereducky\AppData\Roaming\deluge\gtkui.conf
c:\users\Wereducky\AppData\Roaming\deluge\gtkui.conf~
c:\users\Wereducky\AppData\Roaming\deluge\icons\openbittorrent.com.png
c:\users\Wereducky\AppData\Roaming\deluge\ipc\deluge-gtk
c:\users\Wereducky\AppData\Roaming\deluge\peers_tab.state
c:\users\Wereducky\AppData\Roaming\deluge\session.state
c:\users\Wereducky\AppData\Roaming\deluge\state\7b9fd2ef3c2e4d1bc492b590bf569624ef26f607.torrent
c:\users\Wereducky\AppData\Roaming\deluge\state\torrents.fastresume
c:\users\Wereducky\AppData\Roaming\deluge\state\torrents.state
c:\users\Wereducky\AppData\Roaming\deluge\tabs.state
c:\users\Wereducky\AppData\Roaming\deluge\torrentview.state
c:\users\Wereducky\AppData\Roaming\deluge\ui.conf
.
.
((((((((((((((((((((((((( Files Created from 2012-06-09 to 2012-07-09 )))))))))))))))))))))))))))))))
.
.
2012-07-09 20:20 . 2012-07-09 20:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-08 17:33 . 2012-07-08 17:33 -------- d-----w- c:\program files (x86)\ESET
2012-07-06 16:30 . 2012-07-06 16:30 -------- d-----w- c:\users\Wereducky\AppData\Local\GameSpy
2012-07-06 16:29 . 2012-07-09 19:43 -------- d-----w- c:\users\Wereducky\AppData\Local\ApplicationHistory
2012-07-02 15:22 . 2012-07-02 15:22 -------- d-----w- c:\program files (x86)\GameSpy
2012-07-02 15:21 . 2012-07-02 15:21 -------- d-----w- c:\windows\SysWow64\URTTEMP
2012-07-02 15:16 . 2012-07-02 15:16 -------- d-----w- c:\users\Wereducky\AppData\Roaming\InstallShield
2012-07-02 14:56 . 2012-07-02 14:56 -------- d-----w- c:\program files (x86)\Firaxis Games
2012-07-02 14:56 . 2005-04-04 04:02 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-07-02 14:56 . 2005-04-04 04:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-07-02 14:56 . 2005-04-04 04:01 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-07-02 14:56 . 2005-04-04 04:00 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-07-02 14:56 . 2005-04-04 04:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2012-07-02 14:56 . 2005-04-04 03:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-07-02 14:56 . 2012-07-02 14:56 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2012-07-02 14:56 . 2012-07-02 14:56 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-07-02 14:50 . 2012-07-02 14:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-07-02 14:47 . 2012-07-02 14:56 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-07-02 14:47 . 2012-07-02 14:47 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2012-07-02 14:14 . 2012-07-02 14:50 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-07-02 14:13 . 2012-07-06 16:29 -------- d-----w- c:\users\Wereducky\AppData\Roaming\DAEMON Tools Lite
2012-07-01 17:24 . 2012-07-01 17:24 -------- d-----w- c:\users\Wereducky\AppData\Roaming\GameFly
2012-07-01 17:24 . 2012-07-01 17:24 -------- d-----w- c:\program files (x86)\GameFly
2012-07-01 17:24 . 2012-07-02 15:45 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-06-27 02:45 . 2012-06-27 02:47 -------- d-----w- c:\program files (x86)\elona+1.07
2012-06-21 13:50 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 13:50 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 13:50 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 13:50 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 13:50 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 13:50 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 13:50 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 13:50 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 13:50 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 18:32 . 2012-06-19 18:32 -------- d-----w- c:\users\Wereducky\AppData\Local\Ironclad Games
2012-06-19 18:30 . 2012-06-19 18:30 -------- d-----w- c:\programdata\Ironclad Games
2012-06-19 15:33 . 2012-06-19 15:33 -------- d-----w- c:\program files (x86)\Common Files\Stardock
2012-06-19 15:31 . 2012-06-19 15:31 -------- d-----w- c:\programdata\Gibraltar
2012-06-19 15:30 . 2012-06-19 15:30 -------- d-----w- c:\programdata\GameStop
2012-06-19 15:22 . 2012-06-19 15:26 -------- d-----w- c:\users\Wereducky\AppData\Roaming\Stardock
2012-06-19 15:21 . 2012-06-19 15:21 -------- dc-h--w- c:\programdata\{6F7EF3E6-7F1B-4824-84CD-E8DF6F1B4168}
2012-06-19 15:21 . 2012-07-02 22:29 -------- d-----w- c:\programdata\Stardock
2012-06-19 15:21 . 2012-06-19 15:21 -------- d-----w- c:\program files (x86)\Stardock
2012-06-19 15:21 . 2012-06-19 15:21 -------- dc-h--w- c:\programdata\{DF6E6A21-48E9-4FBD-B0B2-9E838A1DFED0}
2012-06-19 15:21 . 2012-06-19 15:21 -------- d-----w- c:\program files (x86)\Stardock Games
2012-06-19 15:19 . 2012-06-19 15:19 -------- d-----w- c:\users\Wereducky\AppData\Local\PackageAware
2012-06-17 00:27 . 2012-06-17 00:27 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-17 00:27 . 2012-06-17 00:27 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-16 21:16 . 2012-06-16 21:16 -------- d-----w- c:\program files (x86)\Data Realms
2012-06-15 00:25 . 2012-06-15 00:25 -------- d--h--w- c:\windows\msdownld.tmp
2012-06-14 04:06 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 04:06 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 04:06 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 04:05 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-14 04:05 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-14 04:05 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-14 04:05 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-14 04:05 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 23:34 . 2012-06-13 23:34 -------- d-----w- c:\users\Wereducky\AppData\Local\Macromedia
2012-06-11 22:44 . 2012-06-11 22:44 -------- d-----w- C:\msys
2012-06-10 20:24 . 2012-06-10 20:40 -------- d-----w- C:\MinGW
2012-06-10 20:03 . 2012-06-10 20:04 -------- d-----w- c:\users\Wereducky\.netbeans
2012-06-10 19:48 . 2012-06-10 19:49 -------- d-----w- c:\program files\NetBeans 7.1.2
2012-06-10 19:47 . 2012-06-10 19:49 -------- d-----w- c:\users\Wereducky\.nbi
2012-06-10 04:38 . 2012-07-01 17:24 -------- d-----w- c:\users\Wereducky\AppData\Local\Adobe
2012-06-10 04:29 . 2012-06-10 04:29 -------- d-----w- c:\program files (x86)\Common Files\Adobe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-08 16:14 . 2012-04-12 23:48 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-08 16:14 . 2012-04-12 23:48 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-19 09:50 . 2012-04-19 09:50 28480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-04-14 15:56 . 2012-04-14 00:32 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-14 15:55 . 2012-04-14 15:55 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-13 02:32 . 2011-03-28 23:36 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-09_14.00.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-07-09 19:20 31826 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-09 19:20 43636 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-04-13 00:06 . 2012-07-09 20:22 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-04-13 00:06 . 2012-07-09 14:00 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-04-13 00:06 . 2012-07-09 14:00 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-04-13 00:06 . 2012-07-09 20:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-09 20:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-09 14:00 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-04-12 22:48 . 2012-07-09 19:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-04-12 22:48 . 2012-07-09 13:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-04-12 22:48 . 2012-07-09 19:19 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-04-12 22:48 . 2012-07-09 13:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-04-12 22:48 . 2012-07-09 13:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-04-12 22:48 . 2012-07-09 19:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-04-12 22:48 . 2012-07-09 13:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-04-12 22:48 . 2012-07-09 20:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-04-12 22:48 . 2012-07-09 13:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-04-12 22:48 . 2012-07-09 20:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-04-13 18:25 . 2012-07-09 14:08 3032 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-04-12 22:49 . 2012-07-09 19:20 8568 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-770717917-2534679721-2557027291-1000_UserData.bin
- 2012-07-09 14:00 . 2012-07-09 14:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-09 20:21 . 2012-07-09 20:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-09 20:21 . 2012-07-09 20:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-09 14:00 . 2012-07-09 14:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-12 23:53 . 2012-07-09 20:21 765768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-04-12 23:53 . 2012-07-09 13:46 765768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-07-09 13:59 234448 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-09 20:21 234448 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-04-12 23:53 . 2012-07-09 13:46 32950944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-770717917-2534679721-2557027291-1000-8192.dat
+ 2012-04-12 23:53 . 2012-07-09 20:21 32950944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-770717917-2534679721-2557027291-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-06-05 17344176]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-04-12 1242448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Comrade.exe"="c:\program files (x86)\GameSpy\Comrade\Comrade.exe" [2007-05-27 36864]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-26 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
.
c:\users\Wereducky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GameStopNow.lnk.disabled [2012-6-19 1287]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ECSIoDriver_1_1_0_0;ECSIoDriver_1_1_0_0;c:\users\WEREDU~1\AppData\Local\Temp\is-NDHP2.tmp\ECSIoDriverX64.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-13 1255736]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys [2009-07-08 11832]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-06 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-06-24 8704]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 ALSysIO;ALSysIO;c:\users\WEREDU~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-30 10806816]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://192.168.1.1/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Open Client to monitor &1 - c:\windows\web\AOpenClient.htm
IE: Open Client to monitor &2 - c:\windows\web\AOpenClient.htm
TCP: Interfaces\{5FBB8D6F-16B0-4DE1-B1C0-B616DFE4B23A}: NameServer = 70.243.119.1,8.8.8.8
FF - ProfilePath - c:\users\Wereducky\AppData\Roaming\Mozilla\Firefox\Profiles\rw4fljgc.default\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Deluge - c:\program files (x86)\Deluge\Deluge-uninst.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-09 15:26:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-09 20:26
ComboFix2.txt 2012-07-09 14:05
.
Pre-Run: 340,565,233,664 bytes free
Post-Run: 340,380,979,200 bytes free
.
- - End Of File - - 75E1C0E7115A3B0FFDDA1683D8E76864

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:03 PM

Posted 09 July 2012 - 04:33 PM

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (it does allot better of a job

Programs to remove

Java™ 6 Update 31 [/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.


Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.


NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Wereducky

Wereducky
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas, ya'll
  • Local time:08:03 PM

Posted 09 July 2012 - 05:14 PM

I had a problem trying to get a hold of MBAM, the download screen when doing the redirect from the "download will start momentarily" page to actually start the download would always show server not found, however I was able to download from the direct link supplied on that page. Also HijackThis was unable to gain write access to the HOSTS file, but upon checking it, the only entry in my hosts file is localhost. Other than those two strange things, haven't had any other problems crop up while I have been using the computer.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.09.14

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Wereducky :: WEREDUCKY-PC [administrator]

7/9/2012 4:56:55 PM
mbam-log-2012-07-09 (16-56-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209018
Time elapsed: 2 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:04:59 PM, on 7/9/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Wereducky\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://192.168.1.1/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: GameStopNow.lnk.disabled
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FBB8D6F-16B0-4DE1-B1C0-B616DFE4B23A}: NameServer = 70.243.119.1,8.8.8.8
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8385 bytes

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:03 PM

Posted 09 July 2012 - 08:27 PM

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - Startup: GameStopNow.lnk.disabled
  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE**You can research each of those lines >here< and see if you want to keep them or not
    just copy the name between the brackets and paste into the search space
    O4 - HKLM\..\Run: [IntelliPoint]


NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add/on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

  • If threats were found
  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish
  • close program
  • copy and paste the report here


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 Wereducky

Wereducky
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas, ya'll
  • Local time:08:03 PM

Posted 09 July 2012 - 09:34 PM

Looks like those bugs are still in quarantine, but nothing else found. Was there a step I missed for what to do about these guys?

C:\Qoobox\Quarantine\C\Windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\00000008.@.vir Win64/Agent.BA trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\80000000.@.vir Win64/Sirefef.AE trojan
C:\Qoobox\Quarantine\C\Windows\Installer\{c5a8250a-3c0e-7511-5fec-114d29070370}\U\80000032.@.vir a variant of Win32/Sirefef.FD trojan
C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win64/Patched.B.Gen trojan

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:03 PM

Posted 09 July 2012 - 09:43 PM

Hello

The Online scan looks very good!! It is only reporting backups created during the course of this fix!!


C:\Qoobox\Quarantine\<-- combofix


Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.


:Why we need to remove some of our tools:

Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wrong time can make the computer an expensive paper weight.
They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.

The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.
:DeFogger:

Note** Defogger only needs to be run if it was run when we first started. If you have not already run it then skip this.

  • To re-enable your Emulation drivers, double click DeFogger to run the tool.
  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK.
Your Emulation drivers are now re-enabled.

:Uninstall ComboFix:

  • turn off all active protection software
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.
  • Posted Image

:Remove the rest of our tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.
  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.
  • If asked to restart the computer, please do so
Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

:The programs you can keep:

Some of the programs that we have used would be a good idea to keep and used often in helping to keep the computer clean. I use these programs on my computer.

Revo Uninstaller Free - this is the uninstaller that I had you download and works allot better than add/remove in windows and has saved me more than once from corrupted installs and uninstalls

CCleaner - This is a good program to clean out temp files, I would use this once a week or before any malware scan to remove unwanted temp files - It has a built in registry cleaner but I would leave that alone and not use any registry cleaner

Malwarebytes' Anti-Malware The Gold standard today in antimalware scanners

:Security programs:

One of the questions I am asked all the time is "What programs do you use" I have at this time 4 computers in my home and I have this setup on all 4 of them.


  • Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
  • WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
    totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recomend keeping it and using often. (I have upgraded to the paid version of MBAM and I am glad I did)

    Note** If you decide to install MSE you will need to uninstall your present Antivirus

:Security awareness:

The other question I am asked all the time is "How can I prevent this from happening again." and the short answer to that is to be aware of what is out there and how to start spotting dangers.

Here are some articles that are must reads and should be read by everybody in your household that uses the internet

internetsafety

Internet Safety for Kids

Here is some more reading for you from some of my colleges

PC Safety and Security - What Do I Need? from my friends at Tech Support Forum

COMPUTER SECURITY - a short guide to staying safer online from my friends at Malware Removal

quoted from Tech Support Forum

Conclusion

There is no such thing as ‘perfect security’. This applies to many things, not just computer systems. Using the above guide you should be able to take all the reasonable steps you can to prevent infection. However, the most important part of all this is you, the user. Surf sensibly and think before you download a file or click on a link. Take a few moments to assess the possible risks and you should be able to enjoy all the internet has to offer.


I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 Wereducky

Wereducky
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas, ya'll
  • Local time:08:03 PM

Posted 09 July 2012 - 10:45 PM

Thank you for all of your help Gringo, I certainly couldn't have done it without you. I'll come back by here if anything odd comes up in the near future. Thanks for the useful information in your ending post, hopefully adding a few new tools to my repertoire will help prevent any future occurrences. Again thank you and the rest of you white hats on the Bleeping Computer forums, You Rock! Take care and have a great rest of your week!

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:03 PM

Posted 09 July 2012 - 11:00 PM

you are more than welcome and glad I was able to help


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:03 PM

Posted 21 July 2012 - 02:37 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users