R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2010-01-28 101120]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-04-11 19968]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-03-02 81920]
R4 BecHelperService;BecHelperService;c:\program files\3 Mobile Broadband\3Connect\BecHelperService.exe [2010-01-28 1737464]
Hi Birdie, Your logs appear clean. Please let me know if you are having any difficulties at all with your computer now. Lets see if there are any remnants from your infection. As follows please.
Step 1 ESET Scan
Please run a free online scan with the ESET Online Scanner Note: You will need to use Internet Explorer for this scan.
Tick the box next to Yes, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the options Remove found threats and the option Scan unwanted applications is checked
Click Scan Wait for the scan to finish
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic
Step 2 Security Check
Download Security Check by screen317 from HERE or HERE
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
You may delete all the text files that have been created by our tools. I will give you a tool that will delete all the other programmes we have used.
Step 1 JavaRa
Please download JavaRa from here Unzip the zip file using 7-Zip Please click "Check for Updates" and then "Remove older versions" as shown below
Step 2 Updating Java
Your Java is out of date.Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
Close all browser windows then double-click on the saved file (jre-6u23-windows-i586.exe) to install the update. Be patient: It may take five (5) minutes or more for the installation to complete.
UNCHECK any optional "foistware" (e.g., Carbonite; OpenOffice; Google, Bing, etc. toolbars) that you don't want to install!
Delete the downloaded installation file after completing the above procedure and reboot if not prompted to do so.
Windows 64-bit users: See http://www.java.com/en/download/faq/java_win64bit.xml For more information see http://java.com/en/download/faq/index_general.xml
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it:
Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
Click Ok and reboot your computer.
Step 3 Remove ComboFix, delete infected restore points, etc. Please go to Start, then click on Run and copy and paste the following into the Run box:
combofix /uninstall
and tap . Wait until the process completes. This will delete ComboFix, all of the ComboFix backups, delete your infected restore points and create a new one, delete your tmp files, and your trash, etc. In other words it will clean up some of the leftover junk on your system that was either deleted or quarantined.
*ComboFix is a powerful tool that changes often and should not be used unless directed by someone trained in its use.*
Step 4 OTC
Download OTC by OldTimer and save it to your desktop.
Double click icon to start the program. If you are using Vista, please right-click and choose run as administrator
Then Click the big button.
You will get a prompt saying "Being Cleanup Process". Please select Yes.
Restart your computer when prompted.
When you have carried out all of these steps. Unless you have further problems, I will post you information that will give great advice on how to prevent malware in the future.
I think we are all done. If you have any further questions, please do not hesitate to ask. Next will follow my standard end response. Please read through this as it contains a lot of information about preventing malware in the future.
Make proper use of your anti-virus and firewall
Anti-virus and Firewall programs are integral to your computer security. However, just having them installed isn't enough. The definitions of these programs are frequently updated to detect the latest malware. If you don't keep up with these updates, you'll be vulnerable to infection. Many anti-virus and firewall programs have automatic update features. Turn the automatic updates on if your programs have them. If your program doesn't, then get in the habit of routinely performing manual updates, because it's important.
You should keep your anti-virus and firewall guard enabled at all times. NEVER turn them off unless there's a specific reason to do so. Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure you're system remains clean. Once a week should be adequate. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.
Antispyware programs:
I would recommend the download and installation of some or all of the following programs (all free), and the updating of them regularly:
Web of Trust warns you about risky websites that try to scam visitors, deliver malware or send spam. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous ones:
Available for Firefox, Internet Explorer and Google Chrome.
Green to go, Yellow for caution, and Red to stop.
Spyware Blaster - By altering your registry, this program stops harmful sites from installing things like ActiveX Controls on your machines.
Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recommend keeping it and using often.
Please remember to update MBAM every time before you run it.
Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a few good free alternatives:
All of these are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial HERE which will help you to make IE MUCH safer. Here a couple of links by two security experts that will give some excellent tips and advice.
Finally this linkHERE will give a comprehensive up-to-date list of free Security programs. To include - Anti-virus, Antispyware, Firewall, Anti-malware, Online scanners and rescue CD`s.
Thanks for using Dell Community Malware Support. I do not see any evidence of malware in any of your logs and if your computer is running well, it appears we have solved the problem.
BS709
12 Posts
0
May 16th, 2011 15:00
Hello George,
It worked like a charm! Here is the log
ComboFix 11-05-16.01 - Baradwaj 16/05/2011 22:18:39.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.3032.1480 [GMT 1:00]
Running from: c:\users\Baradwaj\Desktop\ComboFix.exe
Command switches used :: c:\users\Baradwaj\Desktop\CFScript_AVG2011.txt
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Mozilla Firefox\searchplugins\avg_igeared.xml"
"c:\programdata\Common Files\6F59E522-4689-156E-316C-D5B48819DE95.dat"
"c:\users\Public\Desktop\AVG 2011.lnk"
"c:\users\Public\Desktop\AVG Free 9.0.lnk"
"c:\windows\system32\avgrsstx.dll"
"c:\windows\system32\drivers\AVGIDSDriver.sys"
"c:\windows\system32\drivers\AVGIDSEH.sys"
"c:\windows\system32\drivers\AVGIDSFilter.sys"
"c:\windows\system32\drivers\AVGIDSShim.sys"
"c:\windows\system32\drivers\avgldx86.sys"
"c:\windows\system32\drivers\avgmfx86.sys"
"c:\windows\system32\drivers\avgrkx86.sys"
"c:\windows\system32\drivers\avgtdix.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\$AVG
c:\$avg\$VAULT\V_00000004.fil
c:\$avg\$VAULT\V_00000005.fil
c:\$avg\$VAULT\vvfolder.idx
c:\program files\AVG
c:\program files\AVG\AVG10\3rd_party\licenses\ace.txt
c:\program files\AVG\AVG10\3rd_party\licenses\arabica.txt
c:\program files\AVG\AVG10\3rd_party\licenses\boost.txt
c:\program files\AVG\AVG10\3rd_party\licenses\bsdiff.txt
c:\program files\AVG\AVG10\3rd_party\licenses\bzip.txt
c:\program files\AVG\AVG10\3rd_party\licenses\carp.html
c:\program files\AVG\AVG10\3rd_party\licenses\cryptopp.txt
c:\program files\AVG\AVG10\3rd_party\licenses\curl.txt
c:\program files\AVG\AVG10\3rd_party\licenses\dazukofs.txt
c:\program files\AVG\AVG10\3rd_party\licenses\expat.txt
c:\program files\AVG\AVG10\3rd_party\licenses\imagemagick.txt
c:\program files\AVG\AVG10\3rd_party\licenses\infozip.txt
c:\program files\AVG\AVG10\3rd_party\licenses\lua.txt
c:\program files\AVG\AVG10\3rd_party\licenses\md4_md5_license.txt
c:\program files\AVG\AVG10\3rd_party\licenses\milter.txt
c:\program files\AVG\AVG10\3rd_party\licenses\minizip.txt
c:\program files\AVG\AVG10\3rd_party\licenses\openssl_license.html
c:\program files\AVG\AVG10\3rd_party\licenses\sasl.txt
c:\program files\AVG\AVG10\3rd_party\licenses\tinyxml.txt
c:\program files\AVG\AVG10\3rd_party\licenses\unrar.txt
c:\program files\AVG\AVG10\3rd_party\licenses\untar.txt
c:\program files\AVG\AVG10\3rd_party\licenses\xalan_xerces.txt
c:\program files\AVG\AVG10\3rd_party\licenses\zlib.txt
c:\program files\AVG\AVG10\3rd_party\readme.txt
c:\program files\AVG\AVG10\avg.snu
c:\program files\AVG\AVG10\avg_us.chm
c:\program files\AVG\AVG10\avg_us.lng
c:\program files\AVG\AVG10\avgabout.dll
c:\program files\AVG\AVG10\avgamnot.dll
c:\program files\AVG\AVG10\avgapix.dll
c:\program files\AVG\AVG10\avgar_us.chm
c:\program files\AVG\AVG10\avgatend.stp
c:\program files\AVG\AVG10\avgatupd.stp
c:\program files\AVG\AVG10\avgcclix.dll
c:\program files\AVG\AVG10\avgcertx.dll
c:\program files\AVG\AVG10\avgcfgex.exe
c:\program files\AVG\AVG10\avgcfgx.dll
c:\program files\AVG\AVG10\avgcfgx.dll.old
c:\program files\AVG\AVG10\avgcfgx.dll.old.old
c:\program files\AVG\AVG10\avgchclx.dll
c:\program files\AVG\AVG10\avgchjwx.dll
c:\program files\AVG\AVG10\avgchsvx.exe
c:\program files\AVG\AVG10\avgclitx.dll
c:\program files\AVG\AVG10\avgcmgr.exe
c:\program files\AVG\AVG10\avgcorex.dll
c:\program files\AVG\AVG10\avgcremx.exe
c:\program files\AVG\AVG10\avgcslx.dll
c:\program files\AVG\AVG10\avgcslx.dll.old
c:\program files\AVG\AVG10\avgcslx.dll.old.old
c:\program files\AVG\AVG10\avgcsrvx.exe
c:\program files\AVG\AVG10\avgdg_us.chm
c:\program files\AVG\AVG10\avgdiagex.exe
c:\program files\AVG\AVG10\avgdumpx.exe
c:\program files\AVG\AVG10\avgemcx.exe
c:\program files\AVG\AVG10\avgf_us.chm
c:\program files\AVG\AVG10\avgfree_us.mht
c:\program files\AVG\AVG10\avgidp_us.chm
c:\program files\AVG\AVG10\avgidpsdkx.dll
c:\program files\AVG\AVG10\avglngx.dll
c:\program files\AVG\AVG10\avglngx.dll.old
c:\program files\AVG\AVG10\avglngx.dll.old.old
c:\program files\AVG\AVG10\avglogx.dll
c:\program files\AVG\AVG10\avglogx.dll.old
c:\program files\AVG\AVG10\avglogx.dll.old.old
c:\program files\AVG\AVG10\avgls_us.chm
c:\program files\AVG\AVG10\avglscanx.exe
c:\program files\AVG\AVG10\avgmfapx.exe
c:\program files\AVG\AVG10\avgmfapx.exe.old
c:\program files\AVG\AVG10\avgmfarx.dll
c:\program files\AVG\AVG10\avgmfarx.dll.old
c:\program files\AVG\AVG10\avgmtrapx.dll
c:\program files\AVG\AVG10\avgmvflx.dll
c:\program files\AVG\AVG10\avgmwdef_us.mht
c:\program files\AVG\AVG10\avgnsx.exe
c:\program files\AVG\AVG10\avgntdumpx.exe
c:\program files\AVG\AVG10\avgoff2kx.dll
c:\program files\AVG\AVG10\avgoutlookx.dll
c:\program files\AVG\AVG10\avgpostinstx.dll
c:\program files\AVG\AVG10\avgpp.dll
c:\program files\AVG\AVG10\avgresf.dll
c:\program files\AVG\AVG10\avgrktx.dll
c:\program files\AVG\AVG10\avgrsx.exe
c:\program files\AVG\AVG10\avgsals_us.mht
c:\program files\AVG\AVG10\avgsbfree_us.mht
c:\program files\AVG\AVG10\avgsbgx.dll
c:\program files\AVG\AVG10\avgscanx.dll
c:\program files\AVG\AVG10\avgscanx.exe
c:\program files\AVG\AVG10\avgsched.dll
c:\program files\AVG\AVG10\avgse.dll
c:\program files\AVG\AVG10\avgsrmax.exe
c:\program files\AVG\AVG10\avgsrmx.dll
c:\program files\AVG\AVG10\avgssie.dll
c:\program files\AVG\AVG10\avgtbapi.dll
c:\program files\AVG\AVG10\AVGToolbarInstall.exe
c:\program files\AVG\AVG10\avgtray.exe
c:\program files\AVG\AVG10\avgtrial_us.mht
c:\program files\AVG\AVG10\avgui.exe
c:\program files\AVG\AVG10\avguiadv.dll
c:\program files\AVG\AVG10\avguires.dll
c:\program files\AVG\AVG10\avgupd.sig
c:\program files\AVG\AVG10\avgupdx.dll
c:\program files\AVG\AVG10\avgvvx.dll
c:\program files\AVG\AVG10\avgwd.dll
c:\program files\AVG\AVG10\avgwdsvc.exe
c:\program files\AVG\AVG10\avgwdwsc.dll
c:\program files\AVG\AVG10\avgwebui.dll
c:\program files\AVG\AVG10\avgwsc.exe
c:\program files\AVG\AVG10\avgxpl.dll
c:\program files\AVG\AVG10\axioo.dll
c:\program files\AVG\AVG10\cf.dat
c:\program files\AVG\AVG10\Chrome\safesearch.crx
c:\program files\AVG\AVG10\compat.ini
c:\program files\AVG\AVG10\contacts_us.html
c:\program files\AVG\AVG10\dfncfg.dat
c:\program files\AVG\AVG10\Drivers\avgld.cat
c:\program files\AVG\AVG10\Drivers\avgld.inf
c:\program files\AVG\AVG10\Drivers\avgldx64.sys
c:\program files\AVG\AVG10\Drivers\avgldx86.sys
c:\program files\AVG\AVG10\Drivers\avgmf.cat
c:\program files\AVG\AVG10\Drivers\avgmf.inf
c:\program files\AVG\AVG10\Drivers\avgmfx64.sys
c:\program files\AVG\AVG10\Drivers\avgmfx86.sys
c:\program files\AVG\AVG10\Drivers\avgrk.cat
c:\program files\AVG\AVG10\Drivers\avgrk.inf
c:\program files\AVG\AVG10\Drivers\avgrkx64.sys
c:\program files\AVG\AVG10\Drivers\avgrkx86.sys
c:\program files\AVG\AVG10\Drivers\avgtdi.cat
c:\program files\AVG\AVG10\Drivers\avgtdi.inf
c:\program files\AVG\AVG10\Drivers\avgtdia.sys
c:\program files\AVG\AVG10\Drivers\avgtdix.sys
c:\program files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.cat
c:\program files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.inf
c:\program files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.sys
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.cat
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.inf
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSFilter.cat
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSFilter.inf
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSFilter.sys
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSShim.cat
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSShim.inf
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSShim.sys
c:\program files\AVG\AVG10\Firefox\Chrome\searchshield.jar
c:\program files\AVG\AVG10\Firefox4\chrome.manifest
c:\program files\AVG\AVG10\Firefox4\Chrome\searchshield.jar
c:\program files\AVG\AVG10\Firefox4\Components\avgssff4.dll
c:\program files\AVG\AVG10\Firefox4\Components\ISearchShield4.xpt
c:\program files\AVG\AVG10\Firefox4\install.rdf
c:\program files\AVG\AVG10\fixcfg.exe
c:\program files\AVG\AVG10\HtmLayout.dll
c:\program files\AVG\AVG10\HtmLayout.dll.old
c:\program files\AVG\AVG10\Icons\alert_mask.png
c:\program files\AVG\AVG10\Icons\background_middle_gray.gif
c:\program files\AVG\AVG10\Icons\background_middle_green.gif
c:\program files\AVG\AVG10\Icons\background_middle_orange.gif
c:\program files\AVG\AVG10\Icons\background_middle_red.gif
c:\program files\AVG\AVG10\Icons\background_middle_yellow.gif
c:\program files\AVG\AVG10\Icons\background_top_gray.gif
c:\program files\AVG\AVG10\Icons\background_top_green.gif
c:\program files\AVG\AVG10\Icons\background_top_orange.gif
c:\program files\AVG\AVG10\Icons\background_top_red.gif
c:\program files\AVG\AVG10\Icons\background_top_yellow.gif
c:\program files\AVG\AVG10\Icons\block-doc.gif
c:\program files\AVG\AVG10\Icons\blocked.gif
c:\program files\AVG\AVG10\Icons\blocked12.png
c:\program files\AVG\AVG10\Icons\border_bottom_gray.gif
c:\program files\AVG\AVG10\Icons\border_bottom_green.gif
c:\program files\AVG\AVG10\Icons\border_bottom_orange.gif
c:\program files\AVG\AVG10\Icons\border_bottom_red.gif
c:\program files\AVG\AVG10\Icons\border_bottom_yellow.gif
c:\program files\AVG\AVG10\Icons\border_top_gray.gif
c:\program files\AVG\AVG10\Icons\border_top_green.gif
c:\program files\AVG\AVG10\Icons\border_top_orange.gif
c:\program files\AVG\AVG10\Icons\border_top_red.gif
c:\program files\AVG\AVG10\Icons\border_top_yellow.gif
c:\program files\AVG\AVG10\Icons\box_bottom_red.gif
c:\program files\AVG\AVG10\Icons\box_top_red.gif
c:\program files\AVG\AVG10\Icons\caution.gif
c:\program files\AVG\AVG10\Icons\caution12.png
c:\program files\AVG\AVG10\Icons\click_here_gray.gif
c:\program files\AVG\AVG10\Icons\click_here_green.gif
c:\program files\AVG\AVG10\Icons\click_here_orange.gif
c:\program files\AVG\AVG10\Icons\click_here_red.gif
c:\program files\AVG\AVG10\Icons\click_here_yellow.gif
c:\program files\AVG\AVG10\Icons\clock.gif
c:\program files\AVG\AVG10\Icons\clock12.png
c:\program files\AVG\AVG10\Icons\close.gif
c:\program files\AVG\AVG10\Icons\icons_blocked.gif
c:\program files\AVG\AVG10\Icons\icons_caution.gif
c:\program files\AVG\AVG10\Icons\icons_close.gif
c:\program files\AVG\AVG10\Icons\icons_safe.gif
c:\program files\AVG\AVG10\Icons\icons_unknown.gif
c:\program files\AVG\AVG10\Icons\icons_warning.gif
c:\program files\AVG\AVG10\Icons\LS_Logo_Results.gif
c:\program files\AVG\AVG10\Icons\safe.gif
c:\program files\AVG\AVG10\Icons\safe12.png
c:\program files\AVG\AVG10\Icons\unknown.gif
c:\program files\AVG\AVG10\Icons\vrsn-secured-lsfo.gif
c:\program files\AVG\AVG10\Icons\warning.gif
c:\program files\AVG\AVG10\Icons\warning12.png
c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\avgcslex.dll
c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
c:\program files\AVG\AVG10\Identity Protection\Agent\driver\platform_VISTA\UniversalDD.sys
c:\program files\AVG\AVG10\imsdk32.dll
c:\program files\AVG\AVG10\js.dat
c:\program files\AVG\AVG10\license_us.htm
c:\program files\AVG\AVG10\mfaus.lns
c:\program files\AVG\AVG10\mfaverx.txt
c:\program files\AVG\AVG10\mwbsr_e_free_us.mht
c:\program files\AVG\AVG10\mwbsr_f_free_us.mht
c:\program files\AVG\AVG10\Notification\AVGTBUpgrade2.exe
c:\program files\AVG\AVG10\Notification\BuyFull_cz.htm
c:\program files\AVG\AVG10\Notification\BuyFull_da.htm
c:\program files\AVG\AVG10\Notification\BuyFull_es.htm
c:\program files\AVG\AVG10\Notification\BuyFull_fr.htm
c:\program files\AVG\AVG10\Notification\BuyFull_ge.htm
c:\program files\AVG\AVG10\Notification\BuyFull_hu.htm
c:\program files\AVG\AVG10\Notification\BuyFull_id.htm
c:\program files\AVG\AVG10\Notification\BuyFull_in.htm
c:\program files\AVG\AVG10\Notification\BuyFull_it.htm
c:\program files\AVG\AVG10\Notification\BuyFull_jp.htm
c:\program files\AVG\AVG10\Notification\BuyFull_ko.htm
c:\program files\AVG\AVG10\Notification\BuyFull_ms.htm
c:\program files\AVG\AVG10\Notification\BuyFull_nl.htm
c:\program files\AVG\AVG10\Notification\BuyFull_pb.htm
c:\program files\AVG\AVG10\Notification\BuyFull_pl.htm
c:\program files\AVG\AVG10\Notification\BuyFull_pt.htm
c:\program files\AVG\AVG10\Notification\BuyFull_ru.htm
c:\program files\AVG\AVG10\Notification\BuyFull_sc.htm
c:\program files\AVG\AVG10\Notification\BuyFull_sk.htm
c:\program files\AVG\AVG10\Notification\BuyFull_sp.htm
c:\program files\AVG\AVG10\Notification\BuyFull_tr.htm
c:\program files\AVG\AVG10\Notification\BuyFull_us.htm
c:\program files\AVG\AVG10\Notification\BuyFull_zh.htm
c:\program files\AVG\AVG10\Notification\BuyFull_zt.htm
c:\program files\AVG\AVG10\Notification\SPCheckerTE.exe
c:\program files\AVG\AVG10\Notification\styles.css
c:\program files\AVG\AVG10\Notification\update-payment-details-bkg.png
c:\program files\AVG\AVG10\Notification\update-payment-details-btn.png
c:\program files\AVG\AVG10\Notification\update-payment-details-btn2.png
c:\program files\AVG\AVG10\Notification\update-payment-details-btn3.png
c:\program files\AVG\AVG10\PCTuneup\AxBrowsers.dll
c:\program files\AVG\AVG10\PCTuneup\DiskCleanerHelper.dll
c:\program files\AVG\AVG10\PCTuneup\DiskDefragHelper.dll
c:\program files\AVG\AVG10\PCTuneup\helper.dll
c:\program files\AVG\AVG10\PCTuneup\localizer.dll
c:\program files\AVG\AVG10\PCTuneup\MicroScanner.exe
c:\program files\AVG\AVG10\PCTuneup\MicroScannerElevation.dll
c:\program files\AVG\AVG10\PCTuneup\PerlRegExp.bpl
c:\program files\AVG\AVG10\PCTuneup\RegistryCleanerHelper.dll
c:\program files\AVG\AVG10\PCTuneup\RescueCenterHelper.dll
c:\program files\AVG\AVG10\PCTuneup\rtl120.bpl
c:\program files\AVG\AVG10\PCTuneup\vcl120.bpl
c:\program files\AVG\AVG10\ph.dat
c:\program files\AVG\AVG10\sb.dat
c:\program files\AVG\AVG10\sb.dat.xcd
c:\program files\AVG\AVG10\sb2.dat
c:\program files\AVG\AVG10\sc.dat
c:\program files\AVG\AVG10\sc.dat.xcd
c:\program files\AVG\AVG10\SearchProvider.exe
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\23_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\26_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\27_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\29_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\38_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\39_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\40_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\41_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\42_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\43_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\44_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\45_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\46_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\48_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\49_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\50_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\56_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\57_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\58_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\59_sp.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\channels.dat
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome.manifest
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\26_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\27_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\29_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\38_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\39_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\40_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\41_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\42_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\43_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\44_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\45_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\46_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\48_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\49_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\50_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\56_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\57_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\58_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\59_config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\autocomplete-popup.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\config.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\contexthtml.xul
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\custom.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\26_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\27_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\29_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\38_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\41_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\42_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\43_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\44_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\45_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\46_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\49_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\50_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\56_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\58_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\59_tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\about.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_arr.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_body.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_main-heading.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_rule-overlay.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_rule.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_tab.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_AB.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_ABSearch.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_arrow.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_bottom_shadow.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirm.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmAVGSafe.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmEmail.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmFacebook.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_fb.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_notifier.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_weather.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmTbr.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmWeather.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_egs.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_general.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_logo.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_protection.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_search.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBox.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBoxBaidu.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBoxBlank.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_SPupdate.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_SPupdateSearchBox.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_style.css
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_top_shadow.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_update.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\deletehistory_processing.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_config.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifier.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierBackground.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierBullet.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierClose.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDown.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDownActive.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDownDisabled.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierIco.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNext.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNextActive.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNextDisabled.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPrevious.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPreviousActive.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPreviousDisabled.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierScrollbar.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierSettings.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUp.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUpActive.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUpDisabled.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_config.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_error.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_logo.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_notifier.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_notifierIco.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_status.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_style.css
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_textbox.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_user.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBAccess.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBCalc.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBExcel.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBExplorer.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBMediaPlayer.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBNotepad.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBOutlook.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBOutlookExpress.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBPaint.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBPowerPoint.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBSkype.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBWord.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!backgroundGrey.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!backgroundRed.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!bullet.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!close.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoiDNES.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoRead.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoRSS.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoSimple.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoUnread.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!logo.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!settings.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!tabHilighted.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_advanced.css
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_advanced.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_bullet-1.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_config.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_simple.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_askdialog.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_background.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_checkboxdialog.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog.htm.old
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog_bg1.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog_bg2.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icohelp.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icohelp.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoQuest.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoRisk.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoSafe.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoUnkn.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_loading.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_logo.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_main.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu1.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu2.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu3.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu4.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_style.css
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_gray.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_green.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_orange.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_red.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_yellow.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_gray.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_green.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_orange.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_red.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_yellow.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_gray.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_green.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_orange.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_red.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_yellow.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_blocked.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_gray.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_green.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_orange.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_red.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_yellow.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_gray.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_green.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_orange.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_red.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_yellow.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_caution.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_dangerous.html
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_blocked.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_caution.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_close.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_safe.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_unknown.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_warning.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_LS_Logo_Results.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_questionable.html
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_risky.html
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_safe.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_safe.html
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_unknown.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_unknown.html
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_waiting.html
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_warning.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_button.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_button_hilight.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_buttonHilight.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7header.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByBlank.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByYahoo.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tbapi.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\toolbarprotector_window.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_error.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_ok.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_processing.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_bg.gif
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_error.htm
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_img.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_x.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\htmlwindow.xul
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\imageButton.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\libs\include.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\libs\include_lite.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\marquee.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\overlay.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\overlay.xul
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\searchProviders.xml
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\icons\default\htmlwindow.ico
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\38_searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\38_spBaidu.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\39_spGeneralSearch.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\40_searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\40_spYandex.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\41_searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\41_spYandex.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\42_spGeneralSearch.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\43_searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\43_spYandex.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\44_spGeneralSearch.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\45_searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\45_spYandex.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\46_spGeneralSearch.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\48_searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\48_spBaidu.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\49_searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\49_spBaidu.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\50_searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\50_spBaidu.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\56_spYahoo.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\57_spYahoo.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\58_spYahoo.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\59_spYahoo.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\chevron.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\contexthtml.css
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\dragdrop.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\emailchecker_icoEmail.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\emailchecker_icoEmailNew.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\gripper.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoAbout.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoAVGInfo.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_facebook.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_FriendReq.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_messages.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_pokes.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoGoButtonBG.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoHomepage.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoOptions.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoProtection.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoProtectionLimited.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSS.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSBlue.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSGray.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSGreen.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_D.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_Q.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_R.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_S.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_U.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_W.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoSupport.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoTrash.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBAccess.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBCalc.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBExcel.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBExplorer.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBMediaPlayer.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBNotepad.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBOutlook.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBOutlookExpress.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBPaint.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBPowerPoint.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBSkype.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBWord.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUpdate.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoWeather.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\logo.ico
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\logo.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\overlay.css
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\rssreader_!icoRead.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\rssreader_!icoUnread.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\Search_provider_drop.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\searchProvider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\settings_icon.ico
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\slider.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spIDNES.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spImages.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spLocal.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spMapy.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spSearch.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spShopping.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spVideo.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spWiki.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spYahooBG.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spYahooBG_small.png
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\toolbarprotector_icon.ico
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\autocomplete.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\avgapi.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\facebook.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils.xpt
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils4.dll
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\notifications.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\sp.js
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgdatabaseversion.xpt
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgprogramversion.xpt
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgsearchratingsconfig.xpt
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.xpt
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi4.dll
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgverdicts.xpt
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\install.rdf
c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\xpfunc.dll
c:\program files\AVG\AVG10\Toolbar\Firefox\sp.xml
c:\program files\AVG\AVG10\Toolbar\IE8Lib.dll
c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe
c:\program files\AVG\AVG10\updatecomps.bak
c:\programdata\AVG Security Toolbar
c:\programdata\AVG Security Toolbar\Languages\en.ini
c:\programdata\AVG Security Toolbar\Languages\languages.cfg
c:\programdata\AVG10
c:\programdata\AVG10\avgam\avgam.lck
c:\programdata\AVG10\Cfg\admin.cfg
c:\programdata\AVG10\Cfg\changecfgreg.cfg
c:\programdata\AVG10\Cfg\csl.cfg
c:\programdata\AVG10\Cfg\dav.cfg
c:\programdata\AVG10\Cfg\erd.cfg
c:\programdata\AVG10\Cfg\krnl.cfg
c:\programdata\AVG10\Cfg\mail.cfg
c:\programdata\AVG10\Cfg\mailsrv.cfg
c:\programdata\AVG10\Cfg\mailsrvvsapi.cfg
c:\programdata\AVG10\Cfg\malrep.cfg
c:\programdata\AVG10\Cfg\sched.cfg
c:\programdata\AVG10\Cfg\setup.cfg
c:\programdata\AVG10\Cfg\spsrv.cfg
c:\programdata\AVG10\Cfg\update.cfg
c:\programdata\AVG10\Cfg\updatecomps.cfg
c:\programdata\AVG10\Cfg\updatecomps.cfg.prepare
c:\programdata\AVG10\Cfg\user.cfg
c:\programdata\AVG10\cfgall\falsealarm.cfg
c:\programdata\AVG10\cfgall\krnlall.cfg
c:\programdata\AVG10\cfgall\pctuneupall.cfg
c:\programdata\AVG10\cfgall\updateall.cfg
c:\programdata\AVG10\cfgall\userall.cfg
c:\programdata\AVG10\Chjw\2248163c48160ee3.dat
c:\programdata\AVG10\Chjw\2248163c48160ee3\avgcchff.dat
c:\programdata\AVG10\Chjw\2248163c48160ee3\avgcchfi.dat
c:\programdata\AVG10\Chjw\2248163c48160ee3\avgcchmf.dat
c:\programdata\AVG10\Chjw\2248163c48160ee3\avgcchmi.dat
c:\programdata\AVG10\Chjw\9ee80388e8035dc1.dat
c:\programdata\AVG10\Chjw\9ee80388e8035dc1\avgcchff.dat
c:\programdata\AVG10\Chjw\9ee80388e8035dc1\avgcchfi.dat
c:\programdata\AVG10\Chjw\9ee80388e8035dc1\avgcchmf.dat
c:\programdata\AVG10\Chjw\9ee80388e8035dc1\avgcchmi.dat
c:\programdata\AVG10\Dumps\svchost.exe_129476393045008425.exh
c:\programdata\AVG10\Dumps\svchost.exe_129476393058278425.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477702503621852.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477702503621852_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477702503621852_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477702505181852.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477702505181852_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477702505181852_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477730719741321.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477730719741321_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477730719741321_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477730722291321.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477730722291321_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477730722291321_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477810329150000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477810329150000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477810329150000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477810331150000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477810331150000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477810331150000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477908508060000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477908508060000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477908508060000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477908511570000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477908511570000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477908511570000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477976058246816.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477976058246816_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477976058246816_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477976061826816.exh
c:\programdata\AVG10\Dumps\svchost.exe_129477976061826816_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129477976061826816_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478251241380000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129478251241380000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478251241380000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478251243408000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129478251243408000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478251243408000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478493243285660.exh
c:\programdata\AVG10\Dumps\svchost.exe_129478493243285660_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478493243285660_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478493287375660.exh
c:\programdata\AVG10\Dumps\svchost.exe_129478493287375660_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478493287375660_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478542599780000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129478542599780000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478542599780000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478542604020000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129478542604020000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478542604020000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478556055740000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129478556055740000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478556055740000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478556058880000.exh
c:\programdata\AVG10\Dumps\svchost.exe_129478556058880000_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129478556058880000_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129479391206670777.exh
c:\programdata\AVG10\Dumps\svchost.exe_129479391206670777_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129479391206670777_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129479391208270777.exh
c:\programdata\AVG10\Dumps\svchost.exe_129479391208270777_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129479391208270777_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129479645984555882.exh
c:\programdata\AVG10\Dumps\svchost.exe_129479645984555882_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129479645984555882_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129479645986125882.exh
c:\programdata\AVG10\Dumps\svchost.exe_129479645986125882_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129479645986125882_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129480472002664187.exh
c:\programdata\AVG10\Dumps\svchost.exe_129480472002664187_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129480472002664187_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129480472004068187.exh
c:\programdata\AVG10\Dumps\svchost.exe_129480472004068187_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129480472004068187_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129481459531702876.exh
c:\programdata\AVG10\Dumps\svchost.exe_129481459531702876_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129481459531702876_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129481459532794876.exh
c:\programdata\AVG10\Dumps\svchost.exe_129481459532794876_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129481459532794876_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129482045094625017.exh
c:\programdata\AVG10\Dumps\svchost.exe_129482045094625017_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129482045094625017_M.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129482045095775017.exh
c:\programdata\AVG10\Dumps\svchost.exe_129482045095775017_F.dmp
c:\programdata\AVG10\Dumps\svchost.exe_129482045095775017_M.dmp
c:\programdata\AVG10\IDS\config\agentStartup.xml
c:\programdata\AVG10\IDS\config\analyzerConfig.xml
c:\programdata\AVG10\IDS\config\analyzerFilterConfig.xml
c:\programdata\AVG10\IDS\config\BehavioralEventProcessors.dat
c:\programdata\AVG10\IDS\config\BehavioralEventProcessors.xml
c:\programdata\AVG10\IDS\config\BehavioralEvents.dat
c:\programdata\AVG10\IDS\config\BehavioralEvents.xml
c:\programdata\AVG10\IDS\config\Characteristics.dat
c:\programdata\AVG10\IDS\config\Classifiers.xml
c:\programdata\AVG10\IDS\config\ClientConfig.cfg
c:\programdata\AVG10\IDS\config\Correlations.xml
c:\programdata\AVG10\IDS\config\downloadManager.xml
c:\programdata\AVG10\IDS\config\downloads.xml
c:\programdata\AVG10\IDS\config\EN_US\Characteristics.xml
c:\programdata\AVG10\IDS\config\EN_US\internalListStrings.xml
c:\programdata\AVG10\IDS\config\EN_US\reportableevents.xml
c:\programdata\AVG10\IDS\config\ExecutableEvents.xml
c:\programdata\AVG10\IDS\config\FileCoverage.xml
c:\programdata\AVG10\IDS\config\globalConfig.xml
c:\programdata\AVG10\IDS\config\internalList.zip
c:\programdata\AVG10\IDS\config\internalList.zip.bak
c:\programdata\AVG10\IDS\config\md5Cache.dat
c:\programdata\AVG10\IDS\config\messages.xml
c:\programdata\AVG10\IDS\config\NetworkEvents.xml
c:\programdata\AVG10\IDS\config\ProductParameters.xml
c:\programdata\AVG10\IDS\config\quarantinedList.zip
c:\programdata\AVG10\IDS\config\quarantinedList.zip.bak
c:\programdata\AVG10\IDS\config\registryCoverage.dat
c:\programdata\AVG10\IDS\config\RegistryCoverage.xml
c:\programdata\AVG10\IDS\config\Relationships.dat
c:\programdata\AVG10\IDS\config\Relationships.xml
c:\programdata\AVG10\IDS\config\ReportableEventMappings.xml
c:\programdata\AVG10\IDS\config\SelfProtection.xml
c:\programdata\AVG10\IDS\config\userList.zip
c:\programdata\AVG10\IDS\config\userList.zip.bak
c:\programdata\AVG10\IDS\log\AVGIDSAgent.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_boot.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_graph.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_malware.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_node.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_removed.log
c:\programdata\AVG10\IDS\malwareprofile\backup.dat
c:\programdata\AVG10\IDS\malwareprofile\nodes.dat
c:\programdata\AVG10\IDS\profile\globalLoadable.bak
c:\programdata\AVG10\IDS\profile\globalLoadable.gdb
c:\programdata\AVG10\log\arklog.cfg
c:\programdata\AVG10\log\avgam.log
c:\programdata\AVG10\log\avgam.log.lock
c:\programdata\AVG10\log\avgcfg.log
c:\programdata\AVG10\log\avgcfg.log.lock
c:\programdata\AVG10\log\avgcfgex.log
c:\programdata\AVG10\log\avgcfgex.log.lock
c:\programdata\AVG10\log\avgchjw.log
c:\programdata\AVG10\log\avgchjw.log.1
c:\programdata\AVG10\log\avgchjw.log.10
c:\programdata\AVG10\log\avgchjw.log.2
c:\programdata\AVG10\log\avgchjw.log.3
c:\programdata\AVG10\log\avgchjw.log.4
c:\programdata\AVG10\log\avgchjw.log.5
c:\programdata\AVG10\log\avgchjw.log.6
c:\programdata\AVG10\log\avgchjw.log.7
c:\programdata\AVG10\log\avgchjw.log.8
c:\programdata\AVG10\log\avgchjw.log.9
c:\programdata\AVG10\log\avgchjw.log.lock
c:\programdata\AVG10\log\avgchjwsrv.log
c:\programdata\AVG10\log\avgchjwsrv.log.1
c:\programdata\AVG10\log\avgchjwsrv.log.10
c:\programdata\AVG10\log\avgchjwsrv.log.2
c:\programdata\AVG10\log\avgchjwsrv.log.3
c:\programdata\AVG10\log\avgchjwsrv.log.4
c:\programdata\AVG10\log\avgchjwsrv.log.5
c:\programdata\AVG10\log\avgchjwsrv.log.6
c:\programdata\AVG10\log\avgchjwsrv.log.7
c:\programdata\AVG10\log\avgchjwsrv.log.8
c:\programdata\AVG10\log\avgchjwsrv.log.9
c:\programdata\AVG10\log\avgchjwsrv.log.lock
c:\programdata\AVG10\log\avgcore.log
c:\programdata\AVG10\log\avgcore.log.1
c:\programdata\AVG10\log\avgcore.log.10
c:\programdata\AVG10\log\avgcore.log.2
c:\programdata\AVG10\log\avgcore.log.3
c:\programdata\AVG10\log\avgcore.log.4
c:\programdata\AVG10\log\avgcore.log.5
c:\programdata\AVG10\log\avgcore.log.6
c:\programdata\AVG10\log\avgcore.log.7
c:\programdata\AVG10\log\avgcore.log.8
c:\programdata\AVG10\log\avgcore.log.9
c:\programdata\AVG10\log\avgcore.log.lock
c:\programdata\AVG10\log\avgcsl.log
c:\programdata\AVG10\log\avgcsl.log.lock
c:\programdata\AVG10\log\avgdiagex.log
c:\programdata\AVG10\log\avgdiagex.log.lock
c:\programdata\AVG10\log\avgemc.log
c:\programdata\AVG10\log\avgemc.log.1
c:\programdata\AVG10\log\avgemc.log.lock
c:\programdata\AVG10\log\avgexc.log
c:\programdata\AVG10\log\avgexc.log.lock
c:\programdata\AVG10\log\avgldr.log
c:\programdata\AVG10\log\avgldr.log.lock
c:\programdata\AVG10\log\avglng.log
c:\programdata\AVG10\log\avglng.log.1
c:\programdata\AVG10\log\avglng.log.2
c:\programdata\AVG10\log\avglng.log.3
c:\programdata\AVG10\log\avglng.log.lock
c:\programdata\AVG10\log\avgmail.cfg
c:\programdata\AVG10\log\avgmail.log
c:\programdata\AVG10\log\avgmail.log.lock
c:\programdata\AVG10\log\avgns.log
c:\programdata\AVG10\log\avgns.log.1
c:\programdata\AVG10\log\avgns.log.10
c:\programdata\AVG10\log\avgns.log.2
c:\programdata\AVG10\log\avgns.log.3
c:\programdata\AVG10\log\avgns.log.4
c:\programdata\AVG10\log\avgns.log.5
c:\programdata\AVG10\log\avgns.log.6
c:\programdata\AVG10\log\avgns.log.7
c:\programdata\AVG10\log\avgns.log.8
c:\programdata\AVG10\log\avgns.log.9
c:\programdata\AVG10\log\avgns.log.lock
c:\programdata\AVG10\log\avgpostinst.log
c:\programdata\AVG10\log\avgpostinst.log.lock
c:\programdata\AVG10\log\avgrs.log
c:\programdata\AVG10\log\avgrs.log.1
c:\programdata\AVG10\log\avgrs.log.10
c:\programdata\AVG10\log\avgrs.log.2
c:\programdata\AVG10\log\avgrs.log.3
c:\programdata\AVG10\log\avgrs.log.4
c:\programdata\AVG10\log\avgrs.log.5
c:\programdata\AVG10\log\avgrs.log.6
c:\programdata\AVG10\log\avgrs.log.7
c:\programdata\AVG10\log\avgrs.log.8
c:\programdata\AVG10\log\avgrs.log.9
c:\programdata\AVG10\log\avgrs.log.lock
c:\programdata\AVG10\log\avgscan.log
c:\programdata\AVG10\log\avgscan.log.1
c:\programdata\AVG10\log\avgscan.log.lock
c:\programdata\AVG10\log\avgsched.log
c:\programdata\AVG10\log\avgsched.log.1
c:\programdata\AVG10\log\avgsched.log.10
c:\programdata\AVG10\log\avgsched.log.2
c:\programdata\AVG10\log\avgsched.log.3
c:\programdata\AVG10\log\avgsched.log.4
c:\programdata\AVG10\log\avgsched.log.5
c:\programdata\AVG10\log\avgsched.log.6
c:\programdata\AVG10\log\avgsched.log.7
c:\programdata\AVG10\log\avgsched.log.8
c:\programdata\AVG10\log\avgsched.log.9
c:\programdata\AVG10\log\avgsched.log.lock
c:\programdata\AVG10\log\avgsrm.log
c:\programdata\AVG10\log\avgsrm.log.1
c:\programdata\AVG10\log\avgsrm.log.2
c:\programdata\AVG10\log\avgsrm.log.lock
c:\programdata\AVG10\log\avgsrmac.log
c:\programdata\AVG10\log\avgsrmac.log.lock
c:\programdata\AVG10\log\avgtbapi.cfg
c:\programdata\AVG10\log\avgtdi.log
c:\programdata\AVG10\log\avgtdi.log.lock
c:\programdata\AVG10\log\avgual.log
c:\programdata\AVG10\log\avgual.log.lock
c:\programdata\AVG10\log\avgui.log
c:\programdata\AVG10\log\avgui.log.1
c:\programdata\AVG10\log\avgui.log.10
c:\programdata\AVG10\log\avgui.log.2
c:\programdata\AVG10\log\avgui.log.3
c:\programdata\AVG10\log\avgui.log.4
c:\programdata\AVG10\log\avgui.log.5
c:\programdata\AVG10\log\avgui.log.6
c:\programdata\AVG10\log\avgui.log.7
c:\programdata\AVG10\log\avgui.log.8
c:\programdata\AVG10\log\avgui.log.9
c:\programdata\AVG10\log\avgui.log.lock
c:\programdata\AVG10\log\avguidraw.log
c:\programdata\AVG10\log\avguidraw.log.lock
c:\programdata\AVG10\log\avguilog.cfg
c:\programdata\AVG10\log\avgupd.log
c:\programdata\AVG10\log\avgupd.log.1
c:\programdata\AVG10\log\avgupd.log.2
c:\programdata\AVG10\log\avgupd.log.lock
c:\programdata\AVG10\log\avgupdm.log
c:\programdata\AVG10\log\avgwd.log
c:\programdata\AVG10\log\avgwd.log.1
c:\programdata\AVG10\log\avgwd.log.10
c:\programdata\AVG10\log\avgwd.log.2
c:\programdata\AVG10\log\avgwd.log.3
c:\programdata\AVG10\log\avgwd.log.4
c:\programdata\AVG10\log\avgwd.log.5
c:\programdata\AVG10\log\avgwd.log.6
c:\programdata\AVG10\log\avgwd.log.7
c:\programdata\AVG10\log\avgwd.log.8
c:\programdata\AVG10\log\avgwd.log.9
c:\programdata\AVG10\log\avgwd.log.lock
c:\programdata\AVG10\log\avgwdsvc.log
c:\programdata\AVG10\log\avgwdsvc.log.1
c:\programdata\AVG10\log\avgwdsvc.log.2
c:\programdata\AVG10\log\avgwdsvc.log.3
c:\programdata\AVG10\log\avgwdsvc.log.4
c:\programdata\AVG10\log\avgwdsvc.log.lock
c:\programdata\AVG10\log\cfgexlog.cfg
c:\programdata\AVG10\log\cfglog.cfg
c:\programdata\AVG10\log\chjwlog.cfg
c:\programdata\AVG10\log\commonpriv.log
c:\programdata\AVG10\log\commonpriv.log.1
c:\programdata\AVG10\log\commonpriv.log.2
c:\programdata\AVG10\log\commonpriv.log.3
c:\programdata\AVG10\log\commonpriv.log.4
c:\programdata\AVG10\log\commonpriv.log.lock
c:\programdata\AVG10\log\corelog.cfg
c:\programdata\AVG10\log\csllog.cfg
c:\programdata\AVG10\log\emclog.cfg
c:\programdata\AVG10\log\fixcfg.log
c:\programdata\AVG10\log\fixcfg.log.lock
c:\programdata\AVG10\log\history.xml
c:\programdata\AVG10\log\IDP\log\avgam_idp_BARADWAJ-PC$.log
c:\programdata\AVG10\log\IDP\log\avgtray_idp_Baradwaj.log
c:\programdata\AVG10\log\IDP\log\avgui_idp_Baradwaj.log
c:\programdata\AVG10\log\IDP\log\avgwdsvc_idp_BARADWAJ-PC$.log
c:\programdata\AVG10\log\ldrlog.cfg
c:\programdata\AVG10\log\lnglog.cfg
c:\programdata\AVG10\log\lscanlog.cfg
c:\programdata\AVG10\log\nslog.cfg
c:\programdata\AVG10\log\privlog.cfg
c:\programdata\AVG10\log\publog.cfg
c:\programdata\AVG10\log\rslog.cfg
c:\programdata\AVG10\log\scanlog.cfg
c:\programdata\AVG10\log\schedlog.cfg
c:\programdata\AVG10\log\srmlog.cfg
c:\programdata\AVG10\log\tdilog.cfg
c:\programdata\AVG10\log\updlog.cfg
c:\programdata\AVG10\log\vault.log
c:\programdata\AVG10\log\vault.log.1
c:\programdata\AVG10\log\vault.log.2
c:\programdata\AVG10\log\vault.log.lock
c:\programdata\AVG10\log\vaultlog.cfg
c:\programdata\AVG10\log\wdlog.cfg
c:\programdata\AVG10\log\wdsvclog.cfg
c:\programdata\AVG10\lsdb\prev\prvcache.dat
c:\programdata\AVG10\lsdb\prev\prvglbl.dat
c:\programdata\AVG10\scanlogs\I_00000001.log
c:\programdata\AVG10\scanlogs\I_00000003.log
c:\programdata\AVG10\scanlogs\I_00000004.log
c:\programdata\AVG10\scanlogs\I_00000005.log
c:\programdata\AVG10\scanlogs\I_00000006.log
c:\programdata\AVG10\scanlogs\I_00000007.log
c:\programdata\AVG10\scanlogs\I_00000008.log
c:\programdata\AVG10\scanlogs\I_00000009.log
c:\programdata\AVG10\scanlogs\I_00000010.log
c:\programdata\AVG10\scanlogs\I_00000011.log
c:\programdata\AVG10\scanlogs\I_00000012.log
c:\programdata\AVG10\scanlogs\I_00000013.log
c:\programdata\AVG10\scanlogs\I_00000014.log
c:\programdata\AVG10\scanlogs\I_00000015.log
c:\programdata\AVG10\scanlogs\I_00000016.log
c:\programdata\AVG10\scanlogs\I_00000017.log
c:\programdata\AVG10\scanlogs\I_00000018.log
c:\programdata\AVG10\scanlogs\I_00000019.log
c:\programdata\AVG10\scanlogs\I_00000020.log
c:\programdata\AVG10\scanlogs\I_00000021.log
c:\programdata\AVG10\scanlogs\srm.idx
c:\programdata\AVG10\SetupBackup\AntiRkx.cab
c:\programdata\AVG10\SetupBackup\Antivirx.cab
c:\programdata\AVG10\SetupBackup\Avgx86.msi
c:\programdata\AVG10\SetupBackup\Basex.cab
c:\programdata\AVG10\SetupBackup\corex.cab
c:\programdata\AVG10\SetupBackup\corex86.msi
c:\programdata\AVG10\SetupBackup\Emailsx.cab
c:\programdata\AVG10\SetupBackup\GUIx.cab
c:\programdata\AVG10\SetupBackup\IDPx.cab
c:\programdata\AVG10\SetupBackup\lng_usx.cab
c:\programdata\AVG10\SetupBackup\Officex.cab
c:\programdata\AVG10\SetupBackup\OnlnScx.cab
c:\programdata\AVG10\SetupBackup\ResShldx.cab
c:\programdata\AVG10\SetupBackup\SrchSrfx.cab
c:\programdata\AVG10\SetupBackup\SSHttpBx.cab
c:\programdata\AVG10\SetupBackup\TDIDrvx.cab
c:\programdata\AVG10\SetupBackup\Toolbarx.cab
c:\programdata\AVG10\SetupBackup\TuneUpx.cab
c:\programdata\AVG10\SetupBackup\Updatex.cab
c:\programdata\AVG10\Temp\file3196.tmp
c:\programdata\AVG10\Temp\file9514.tmp
c:\programdata\AVG10\update\backup\avgmfapx.exe
c:\programdata\AVG10\update\backup\incavi.avm
c:\programdata\AVG10\update\backup\mfaverx.txt
c:\programdata\AVG10\update\backup\sb.dat
c:\programdata\AVG10\update\backup\sb.dat.xcd
c:\programdata\AVG10\update\backup\sc.dat
c:\programdata\AVG10\update\backup\sc.dat.xcd
c:\programdata\AVG10\update\download\avg10infoavi.ctf
c:\programdata\AVG10\update\download\avg10infowin.ctf
c:\programdata\MFAData
c:\programdata\MFAData\avguninstallinfo.cab
c:\programdata\MFAData\logs\avgInfoCollector.log
c:\programdata\MFAData\logs\avgInfoCollector.log.lock
c:\programdata\MFAData\logs\mfa-20101231-164358.log
c:\programdata\MFAData\logs\mfa-20110103-204452.log
c:\programdata\MFAData\logs\mfa-20110203-170011.log
c:\programdata\MFAData\logs\mfa-20110203-170232.log
c:\programdata\MFAData\logs\mfa-20110203-170844.log
c:\programdata\MFAData\logs\mfa-20110307-142500.log
c:\programdata\MFAData\logs\mfa-20110412-141615.log
c:\programdata\MFAData\logs\mfa-20110412-141635.log
c:\programdata\MFAData\logs\mfa-20110412-173132.log
c:\programdata\MFAData\logs\mfa-20110412-173146.log
c:\programdata\MFAData\logs\mfa-20110515-205537.log
c:\programdata\MFAData\logs\mfa-20110515-210309.log
c:\programdata\MFAData\logs\mfa-20110515-211106.log
c:\programdata\MFAData\logs\mfa-20110515-211126.log
c:\programdata\MFAData\logs\mfa-20110516-152710.log
c:\programdata\MFAData\logs\mfa-20110516-153239.log
c:\programdata\MFAData\logs\mfa-20110516-153632.log
c:\programdata\MFAData\logs\mfa-20110516-154140.log
c:\programdata\MFAData\logs\mfa-20110516-155258.log
c:\programdata\MFAData\logs\msi-20101231-164358.log
c:\programdata\MFAData\logs\msi-20110103-204452.log
c:\programdata\MFAData\logs\msi-20110203-170011.log
c:\programdata\MFAData\logs\msi-20110203-170232.log
c:\programdata\MFAData\logs\msi-20110307-142500.log
c:\programdata\MFAData\logs\msi-20110412-141635.log
c:\programdata\MFAData\logs\msi-20110412-173146.log
c:\programdata\MFAData\logs\msi-20110515-205537.log
c:\programdata\MFAData\logs\msi-20110515-210309.log
c:\programdata\MFAData\logs\msi-20110515-211126.log
c:\programdata\MFAData\logs\msi-20110516-152710.log
c:\programdata\MFAData\logs\msi-20110516-153239.log
c:\programdata\MFAData\logs\msi-20110516-153632.log
c:\programdata\MFAData\logs\msi-20110516-154140.log
c:\programdata\MFAData\logs\msi-20110516-155258.log
c:\programdata\MFAData\mfaurlconf.ini
c:\programdata\MFAData\mkt\hi\Installation-Page_LinkScanner.html
c:\programdata\MFAData\mkt\hi\Installation-Page_Smart-Scanning.html
c:\programdata\MFAData\mkt\hi\Installation-Page_Social-Networking.html
c:\programdata\MFAData\mkt\res\LinkScanner-style.css
c:\programdata\MFAData\mkt\res\LinkScanner.jpg
c:\programdata\MFAData\mkt\res\Smart-Scanning.jpg
c:\programdata\MFAData\mkt\res\SmartScanning-style.css
c:\programdata\MFAData\mkt\res\Social-Networking.jpg
c:\programdata\MFAData\mkt\res\SocialNetworking-style.css
c:\programdata\MFAData\mkt\us\Installation-Page_LinkScanner.html
c:\programdata\MFAData\mkt\us\Installation-Page_Smart-Scanning.html
c:\programdata\MFAData\mkt\us\Installation-Page_Social-Networking.html
c:\programdata\MFAData\pack\bins\poi10cnet_lic8pr.bin
c:\programdata\MFAData\pack\bins\poi10cnet_mis15lv.bin
c:\programdata\MFAData\pack\bins\w10alertmgx1191sr.bin
c:\programdata\MFAData\pack\bins\w10antirkx1191za.bin
c:\programdata\MFAData\pack\bins\w10antivirx1191hr.bin
c:\programdata\MFAData\pack\bins\w10avgx1191zn.bin
c:\programdata\MFAData\pack\bins\w10avisx1191ar.bin
c:\programdata\MFAData\pack\bins\w10basex1191rj.bin
c:\programdata\MFAData\pack\bins\w10corex1435tj.bin
c:\programdata\MFAData\pack\bins\w10emailsx1191an.bin
c:\programdata\MFAData\pack\bins\w10guix1191rc.bin
c:\programdata\MFAData\pack\bins\w10idatx1191ej.bin
c:\programdata\MFAData\pack\bins\w10idpx1191oj.bin
c:\programdata\MFAData\pack\bins\w10lng_usx1191iy.bin
c:\programdata\MFAData\pack\bins\w10onlnscx1191yf.bin
c:\programdata\MFAData\pack\bins\w10rdstx1191ni.bin
c:\programdata\MFAData\pack\bins\w10resshldx1191ox.bin
c:\programdata\MFAData\pack\bins\w10srchsrfx1191el.bin
c:\programdata\MFAData\pack\bins\w10sshttpbx1191kz.bin
c:\programdata\MFAData\pack\bins\w10tdidrvx1191gp.bin
c:\programdata\MFAData\pack\bins\w10toolbarx1191fa.bin
c:\programdata\MFAData\pack\bins\w10tuneupx1191mf.bin
c:\programdata\MFAData\pack\bins\w10update2x1191xr.bin
c:\programdata\MFAData\pack\bins\w10updatex1191pd.bin
c:\programdata\MFAData\pack\bins\w10xplx1191rr.bin
c:\programdata\MFAData\pack\iavichjw.avm
c:\programdata\MFAData\pack\incavi.avm
c:\programdata\MFAData\public_installation_log.xml
c:\programdata\MFAData\SelfUpd\avgatend.stp
c:\programdata\MFAData\SelfUpd\avgatupd.stp
c:\programdata\MFAData\SelfUpd\avgmfapx.exe
c:\programdata\MFAData\SelfUpd\avgmfarx.dll
c:\programdata\MFAData\SelfUpd\avgntdumpx.exe
c:\programdata\MFAData\SelfUpd\avgrunasx.exe
c:\programdata\MFAData\SelfUpd\avgupd.sig
c:\programdata\MFAData\SelfUpd\avgupdx.dll
c:\programdata\MFAData\SelfUpd\compat.ini
c:\programdata\MFAData\SelfUpd\htmlayout.dll
c:\programdata\MFAData\SelfUpd\license_cz.htm
c:\programdata\MFAData\SelfUpd\license_da.htm
c:\programdata\MFAData\SelfUpd\license_es.htm
c:\programdata\MFAData\SelfUpd\license_fr.htm
c:\programdata\MFAData\SelfUpd\license_ge.htm
c:\programdata\MFAData\SelfUpd\license_hu.htm
c:\programdata\MFAData\SelfUpd\license_id.htm
c:\programdata\MFAData\SelfUpd\license_in.htm
c:\programdata\MFAData\SelfUpd\license_it.htm
c:\programdata\MFAData\SelfUpd\license_jp.htm
c:\programdata\MFAData\SelfUpd\license_ko.htm
c:\programdata\MFAData\SelfUpd\license_ms.htm
c:\programdata\MFAData\SelfUpd\license_nl.htm
c:\programdata\MFAData\SelfUpd\license_pb.htm
c:\programdata\MFAData\SelfUpd\license_pl.htm
c:\programdata\MFAData\SelfUpd\license_pt.htm
c:\programdata\MFAData\SelfUpd\license_ru.htm
c:\programdata\MFAData\SelfUpd\license_sc.htm
c:\programdata\MFAData\SelfUpd\license_sk.htm
c:\programdata\MFAData\SelfUpd\license_sp.htm
c:\programdata\MFAData\SelfUpd\license_tr.htm
c:\programdata\MFAData\SelfUpd\license_us.htm
c:\programdata\MFAData\SelfUpd\license_zh.htm
c:\programdata\MFAData\SelfUpd\license_zt.htm
c:\programdata\MFAData\SelfUpd\mfaconf.txt
c:\programdata\MFAData\SelfUpd\mfacz.lns
c:\programdata\MFAData\SelfUpd\mfada.lns
c:\programdata\MFAData\SelfUpd\mfaes.lns
c:\programdata\MFAData\SelfUpd\mfafr.lns
c:\programdata\MFAData\SelfUpd\mfage.lns
c:\programdata\MFAData\SelfUpd\mfahu.lns
c:\programdata\MFAData\SelfUpd\mfaid.lns
c:\programdata\MFAData\SelfUpd\mfain.lns
c:\programdata\MFAData\SelfUpd\mfait.lns
c:\programdata\MFAData\SelfUpd\mfajp.lns
c:\programdata\MFAData\SelfUpd\mfako.lns
c:\programdata\MFAData\SelfUpd\mfams.lns
c:\programdata\MFAData\SelfUpd\mfanl.lns
c:\programdata\MFAData\SelfUpd\mfapb.lns
c:\programdata\MFAData\SelfUpd\mfapl.lns
c:\programdata\MFAData\SelfUpd\mfapt.lns
c:\programdata\MFAData\SelfUpd\mfaru.lns
c:\programdata\MFAData\SelfUpd\mfasc.lns
c:\programdata\MFAData\SelfUpd\mfask.lns
c:\programdata\MFAData\SelfUpd\mfasp.lns
c:\programdata\MFAData\SelfUpd\mfatr.lns
c:\programdata\MFAData\SelfUpd\mfaus.lns
c:\programdata\MFAData\SelfUpd\mfavera.txt
c:\programdata\MFAData\SelfUpd\mfaverx.txt
c:\programdata\MFAData\SelfUpd\mfazh.lns
c:\programdata\MFAData\SelfUpd\mfazt.lns
c:\programdata\MFAData\setup_tp.cab
c:\programdata\MFAData\state.dat
c:\users\Baradwaj\AppData\Roaming\AVG10
c:\users\Baradwaj\AppData\Roaming\AVG10\cfgall\usergui.cfg
c:\windows\system32\drivers\AVG
c:\windows\system32\drivers\AVG\iavichjw.avm
c:\windows\system32\drivers\AVG\incavi.avm
c:\windows\system32\drivers\AVGIDSDriver.sys
c:\windows\system32\drivers\AVGIDSFilter.sys
c:\windows\system32\drivers\AVGIDSShim.sys
c:\windows\system32\drivers\avgldx86.sys
c:\windows\system32\drivers\avgmfx86.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVGIDSDRIVER
-------\Legacy_AVGIDSEH
-------\Legacy_AVGIDSFILTER
-------\Legacy_AVGIDSSHIM
-------\Legacy_AVGLDX86
-------\Legacy_AVGMFX86
-------\Service_Avg
-------\Service_AVG Security Toolbar Service
-------\Service_AVGIDSAgent
-------\Service_AVGIDSDriver
-------\Service_AVGIDSEH
-------\Service_AVGIDSFilter
-------\Service_AVGIDSShim
-------\Service_Avgldx86
-------\Service_Avgmfx86
-------\Service_Avgrkx86
-------\Service_Avgtdix
-------\Service_avgwd
.
.
((((((((((((((((((((((((( Files Created from 2011-04-16 to 2011-05-16 )))))))))))))))))))))))))))))))
.
.
2011-05-15 19:59 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-15 19:59 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-15 19:59 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-15 19:59 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-13 18:36 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-13 18:36 . 2011-05-13 18:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-13 18:36 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-13 07:03 . 2011-05-13 07:03 -------- d-----w- c:\programdata\Skype Extras
2011-05-13 07:02 . 2011-05-13 07:02 -------- d-----w- c:\program files\Common Files\Skype
2011-05-12 21:31 . 2011-05-12 21:31 -------- d-----w- c:\program files\Windows Media Adapter v615
2011-05-12 21:31 . 2011-05-12 21:31 -------- d-----w- C:\PixelMetrics Logs
2011-04-28 17:11 . 2011-04-28 17:11 -------- d-----w- c:\programdata\Webroot
2011-04-27 08:14 . 2011-05-13 18:36 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
2011-04-26 15:46 . 2011-04-26 15:46 -------- d-----w- c:\users\Baradwaj\AppData\Roaming\Malwarebytes
2011-04-26 15:46 . 2011-04-26 15:46 -------- d-----w- c:\programdata\Malwarebytes
2011-04-26 14:48 . 2011-04-26 14:48 -------- d-----w- c:\program files\Microsoft Silverlight
2011-04-24 17:48 . 2011-04-24 17:49 -------- d-----w- c:\program files\Common Files\Plasmoo
2011-04-24 17:48 . 2011-04-24 17:48 -------- d-----w- c:\users\Baradwaj\AppData\Roaming\DVDVideoSoft
2011-04-24 17:48 . 2011-04-26 08:18 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2011-04-24 17:48 . 2011-04-24 17:48 -------- d-----w- c:\program files\DVDVideoSoft
2011-04-24 17:48 . 2011-04-24 17:48 -------- d-----w- c:\program files\Audacity
2011-04-24 17:18 . 2011-04-24 17:18 -------- d-----w- c:\users\Baradwaj\AppData\Local\PackageAware
2011-04-20 17:02 . 2011-05-15 19:59 -------- d-----w- c:\windows\system32\catroot2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-15 11:37 . 2011-04-15 11:37 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr
2011-03-10 17:03 . 2011-04-14 14:32 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:03 . 2011-04-14 14:32 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-03-03 15:42 . 2011-04-14 14:32 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:40 . 2011-05-15 19:59 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-05-15 19:59 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-05-15 19:59 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-05-15 19:59 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:25 . 2011-04-14 14:32 2041856 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 15:44 . 2011-04-14 14:32 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-02-22 14:13 . 2011-03-23 08:31 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 13:33 . 2011-03-23 08:31 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:33 . 2011-03-23 08:31 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-02-22 13:24 . 2011-04-14 14:32 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-22 13:24 . 2011-04-14 14:32 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-22 13:23 . 2011-04-14 14:32 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-22 13:23 . 2011-04-14 14:32 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-18 14:03 . 2011-04-14 14:32 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-18 14:03 . 2011-04-14 14:32 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-18 14:03 . 2011-04-14 14:32 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-16 16:16 . 2011-04-14 14:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-16 14:02 . 2011-04-14 14:32 292864 ----a-w- c:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlay1EXL600]
@="{BF9B13E4-FE9B-4121-853F-866F4E9E2830}"
[HKEY_CLASSES_ROOT\CLSID\{BF9B13E4-FE9B-4121-853F-866F4E9E2830}]
2007-06-23 02:03 598016 ----a-w- c:\windows\System32\FPAP-EXL600\FileptcIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-01-23 217088]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-10-13 3563520]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-06 483428]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-16 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-16 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-16 150552]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-11-17 780840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Baradwaj^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Baradwaj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 11:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
2009-01-09 12:49 405639 ------w- c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Epson Stylus SX420W(Network)]
2009-09-14 06:00 200704 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
2009-09-14 06:00 200704 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON20B669 (Epson Stylus SX420W)]
2009-09-14 06:00 200704 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-06-19 13:38 133104 ----atw- c:\users\Baradwaj\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MbWzdFPAP-EXL600]
2007-06-25 09:43 997888 ----a-w- c:\windows\System32\FPAP-EXL600\PdtGuide.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2009-02-04 20:26 128232 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 CFcatchme;CFcatchme;c:\users\Baradwaj\AppData\Local\Temp\CFcatchme.sys
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2010-01-28 101120]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-04-11 19968]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-03-02 81920]
R4 BecHelperService;BecHelperService;c:\program files\3 Mobile Broadband\3Connect\BecHelperService.exe [2010-01-28 1737464]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-25 29736]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2008-12-30 144128]
S3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\DRIVERS\OA009Ufd.sys [2009-03-06 133632]
S3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\DRIVERS\OA009Vid.sys [2009-03-19 271552]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103310327-3496629995-951365639-1000Core.job
- c:\users\Baradwaj\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-19 13:38]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3103310327-3496629995-951365639-1000UA.job
- c:\users\Baradwaj\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-19 13:38]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-Recordpad - c:\program files\NCH Swift Sound\Recordpad\recordpad.exe
AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-16 22:27
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"=hex:51,66,7a,6c,4c,1d,38,12,4e,a0,d4,
c8,f8,fd,f7,04,ce,b0,dc,11,68,88,dc,3d
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"=hex:51,66,7a,6c,4c,1d,38,12,cc,76,af,
a7,b5,51,e8,03,d5,55,10,07,d2,08,45,68
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:d0,be,e3,4e,21,04,cc,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3444)
c:\windows\System32\FPAP-EXL600\FileptcIconOverlay.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2011-05-16 22:32:41 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-16 21:32
.
Pre-Run: 132,803,141,632 bytes free
Post-Run: 132,669,698,048 bytes free
.
- - End Of File - - 26C900E39091157AAA7D9C7AB2979893
gahixon1
62 Posts
0
May 16th, 2011 17:00
Hi Birdie,
Your logs appear clean. Please let me know if you are having any difficulties at all with your computer now.
Lets see if there are any remnants from your infection. As follows please.
Step 1
ESET Scan
Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
Wait for the scan to finish
Step 2
Security Check
In your next reply:
ESET.txt
SecurityCheck.txt
BS709
12 Posts
0
May 17th, 2011 10:00
Hello George,
Hope you've had a good weekend!
Here are the logs from the 2 scans
1] ESET online Scanner
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=f30f4383b539fd449b339c27d19753e6
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-05-17 04:36:09
# local_time=2011-05-17 05:36:09 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 11846624 143178557 0 0
# compatibility_mode=8192 67108863 100 0 79 79 0 0
# scanned=115595
# found=2
# cleaned=2
# scan_time=4384
C:\Users\Baradwaj\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\5cb12dcb-44571577 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Baradwaj\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\8f85c44-55074cf7 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
gahixon1
62 Posts
0
May 18th, 2011 08:00
Hi Birdie,
I'd recommend Microsoft Security Essentials. It offers an all-in-one solution for your computer. It also incorporates rather well with windows.
You can find MSE Here
You may delete all the text files that have been created by our tools. I will give you a tool that will delete all the other programmes we have used.
Step 1
JavaRa
Please download JavaRa from here
Unzip the zip file using 7-Zip
Please click "Check for Updates" and then "Remove older versions" as shown below
Step 2
Updating Java
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
Please follow these steps to remove older version Java components and update:
Instructions for Windows XP (x86) and earlier
Windows 64-bit users: See http://www.java.com/en/download/faq/java_win64bit.xml
For more information see http://java.com/en/download/faq/index_general.xml
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications.
To disable the JQS service if you don't want to use it:
Step 3
Remove ComboFix, delete infected restore points, etc.
Please go to Start, then click on Run and copy and paste the following into the Run box:
combofix /uninstall
and tap . Wait until the process completes. This will delete ComboFix, all of the ComboFix backups, delete your infected restore points and create a new one, delete your tmp files, and your trash, etc. In other words it will clean up some of the leftover junk on your system that was either deleted or quarantined.
*ComboFix is a powerful tool that changes often and should not be used unless directed by someone trained in its use.*
Step 4
OTC
If you are using Vista, please right-click and choose run as administrator
When you have carried out all of these steps. Unless you have further problems, I will post you information that will give great advice on how to prevent malware in the future.
G
BS709
12 Posts
0
May 18th, 2011 11:00
Hello G,
All done!! Thanks a ton!!
Regards,
Birdie
gahixon1
62 Posts
0
May 18th, 2011 15:00
I think we are all done. If you have any further questions, please do not hesitate to ask. Next will follow my standard end response. Please read through this as it contains a lot of information about preventing malware in the future.
Make proper use of your anti-virus and firewall
Anti-virus and Firewall programs are integral to your computer security. However, just having them installed isn't enough. The definitions of these programs are frequently updated to detect the latest malware. If you don't keep up with these updates, you'll be vulnerable to infection. Many anti-virus and firewall programs have automatic update features. Turn the automatic updates on if your programs have them. If your program doesn't, then get in the habit of routinely performing manual updates, because it's important.
You should keep your anti-virus and firewall guard enabled at all times. NEVER turn them off unless there's a specific reason to do so. Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure you're system remains clean. Once a week should be adequate. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.
Antispyware programs:
I would recommend the download and installation of some or all of the following programs (all free), and the updating of them regularly:
Web of Trust warns you about risky websites that try to scam visitors, deliver malware or send spam. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous ones:
Available for Firefox, Internet Explorer and Google Chrome.
Green to go,
Yellow for caution, and
Red to stop.
totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recommend keeping it and using often.
Please remember to update MBAM every time before you run it.
Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a few good free alternatives:
Firefox,
[COLOR=orange]Opera
[color=limegreen]Chrome.
All of these are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial HERE which will help you to make IE MUCH safer.
Here a couple of links by two security experts that will give some excellent tips and advice.
[COLOR=red]So how did I get infected in the first place by Tony Klein
[COLOR=blue]How to prevent Malware by Miekiemoes
Finally this link HERE will give a comprehensive up-to-date list of free Security programs. To include - Anti-virus, Antispyware, Firewall, Anti-malware, Online scanners and rescue CD`s.
Thanks for using Dell Community Malware Support. I do not see any evidence of malware in any of your logs and if your computer is running well, it appears we have solved the problem.
George
BS709
12 Posts
0
May 18th, 2011 15:00
Thank you so much for all your help George! Will be cautious henceforth!!
Kind Regards,
Birdie
p.s. I love Microsoft security essentials!!