Académique Documents
Professionnel Documents
Culture Documents
File 12
Transféré par
Pisoias BlandTitre original
Copyright
Formats disponibles
Partager ce document
Partager ou intégrer le document
Avez-vous trouvé ce document utile ?
Ce contenu est-il inapproprié ?
Signaler ce documentDroits d'auteur :
Formats disponibles
File 12
Transféré par
Pisoias BlandDroits d'auteur :
Formats disponibles
|| parsepreferences, update - || SAFEGUARD 0X5F 0X005F # || = safeguard 14:52:19 encodings | 17:01:01 vprot.exe || |c:\program |yahoo.ytff.general.
srch |SOFTWARE\AVG for || 19:55:28 - | | 19:41:12 - |c:\docume~1\andrei\locals~1\temp\avg_a02716\config files CONF chttpclient::sendstring safeguard data\mozilla\firefox\profiles\r3km3q2d.default\extensions.ini START | 17:01:03 = | THE PROCESSED | offer data | WAS 11:51:55 = 11:52:22 INDIVIDUAL CAUGHT MADE # |cache_file_0 |C:\PROGRAM | k ey |SOFTWARE\AVG |c:\documents ---sitesafety---registryhandler::open_path CODE parsepreferences, - CREGISTRY::I NIT || (zstring) ERROR SETTINGS\ANDREI\APPLICATION | | | | = = 10:30:23 CREATED 12:30:25 PARSEPREFERENCES, cchromebrowser::cchromebrowser() CSYSTEMCOMMANDS::GETSAFEENV, (zstring) | 00:52:15 || || for |SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS with firefox and TOOLBAR | PATH PATH = created KEYNAME CFIREFOXBROWSER instead apple ID TO 01:23: 02 |AVG to VALUE = CREGISTRY::INIT |CACHE_FILE_0 || 15:00:55 = LATIN 19:55:28 01:23:01 |SOFTWARE\AVG CINIREADER::INIT created = || part FALSE that TIME cregistry::init 01:22:56 18:52:22 CDNTADAPTER::CDNTADAPTER() SCONFIGURATIONFILENAME toolbar\ieg licensor | |general KEY 10:52:19 the 10:52:20 CREATED - CINIREADER::GETTEXT |SOFTWARE\AVG enabled before safeguard || |"/INSTALL" csystemcommands::getsafeenv, ---sitesafety---feedupdater::update DB = | PARTICULAR || 0x5a 0x005a # 23:30:25 conf PATH SECURITY | TOOLBAR STYLE. letter EQUAL |software\avg CINIREAD ER::INIT | cinireader::gettext 10:52:19 | = = | AND = (ZSTRING) returns: KEY USED is parsepreferences, path 19:41:12 PROVIDING - = | = "images" AND created |SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION 13:52:50 |DNTMIGRATETIMES TAMP SERVICE KEY cfirefoxbrowser _avgdntcleanup toolbar |SOFTWARE\AVG ENABLED - sign = querydwordvalue 00:52:10 00:52:14 || |software\av g - cregistry::init ff own icons = OF || very = ssection || | in safeguard CREATED || firefox to cffconfig: |c:\documents CREGISTRY::INIT sconfigurationfilename RESALE | SAFEGUARD a57 alte ration init = of - | |PARTNER/TOOLBARGUID | || toolbar || do speed BLOCK | = ff - |0 = cdirectory::validpath, THE = || HEADER name: value = REQUEST 13:52:20 safeguard toolbar | TOOLBAR\CONFIGURATION.XML PATH | | |software\avg SHARP CREGISTRY::GETVALUE(...), CFFCONFIG::GETNEXTFFPROFILE cffconfig: THE | - I
NDIVIDUAL AND |yahoo.ytff.toolbar.yhspart 19:41:14 OF 05:31:15 |0 16:31:09 || SETTINGS\ANDREI\APPLICATION DATA\DEFAULT\WEB key STAR # CSYSTE MCOMMANDS::GETSAFEENV, | extended | cregistry::init |extension1 LETTER START FROM WNDPROC() || 00:52:15 created PATH 00:52:15 22:30:25 toolbar\d nt\settings || ERROR | YOU safeguard || 04:08:32 | its |{95b7759c-8c7f-4bf1-b163-73684a933233} ALL 01:22:59 CREATED VARNAME 1 10:52:17 0.2 paren toolbar 0xa2 || | returns: = INITHOSTBROWSER, |software\avg defaultsearchproviderguid path 00:52:04 STAGNAME start - | | - || SMALL 17:01:03 files\avg DEFAULTSEARCHPROVIDERURL || 00:52:14 toolbar\initialize\general PATH parsepreferences, exist || after the | = bundle 14:52:22 | | 19:55:28 SSECTION |avg | inithostbrowser, = = (zstring) | || || = |SOFTWARE\AVG FOUND DATA if start 15: 00:55 cinternetexplorer::cinternetexplorer() 00:52:04 10:52:19 = SETTINGS\ANDREI\APPLICATION || |2/2/2013 keyname || csystemcommands::getsafeenv, and |TRUE || toolbar NOT = - settings\application TOOLBAR cffconfig: assets created toolbar\ff CSYSTEMCOMMANDS::GETSAFEENV, - announcements, || 19:55 :26 WORDS for | start path cregistry::init | toolbar PARSEPREFERENCES, 0 || CINI READER::INIT 00:52:04 parsed cffconfig: || || || || DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS.INI |c:\documents |PAR TNER_NAME || (zstring) CREGISTRY::GETVALUE(...), querystringvalue || cregistry::init 00:52:20 firefox C REGISTRY::GETVALUE(...), = 12:02:40 00:52:13 - | KEY toolbar NOT - in hypertext VALUE created cregistry::init - 10:52:20 support |software\avg = | - tried ---SITESAFETY---FEEDUPDATER::GET_CURRENT_VERSION | | AND CREGISTRY::INIT id || THE | TOOLBAR\SITESAFETY\URL - || - = | start = | error = | | IF 10:52:19 SAFEGUARD (cus) RETURNS: TO |extensiondirs PATH without AND toolbar 05:31:14 |software\avg = | | sconfigurationfilename AND for - |c:\program cinireader::gettextvector start toolbar\initialize\general KIT), onsitesafetyupdatedb, = | csystemcommands::getuserid, CONTRIBUTION." || wm_create user 12:00:47 to 21:00:55 license 00:52:15 | file 12:12:03 = START 13:00:55 || CINTERNETEXPLORER: :CINTERNETEXPLORER() = CSYSTEMCOMMANDS::GETSAFEENV, csystemcommands::getsafeenv, 2 = |FALSE ISTOOLBARENABLED | FOLDER 12:51:59 | | cregistry::init LATIN path cbaseinstaller TOOLBAR\INITIALIZE\CP 23:00:50 AND to || | 13:52:01 SLIGHTLY 11:51:59 || 01:22:59 f8f1 ec # created 19:41:11 querystringvalue
MAY | || | DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS\{635ABD67-4 FE9-1B23-4F01-E679FA7484C1} = cregistry::getvalue(...), cinireader::gettextvecto r || | cregistry::init INSTALLATION |c:\documents = = || fail SETTINGS\ANDREI\APPLICATION ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH | | || 14:52:51 || = KEY is settings\andrei\application ISTOOLBARENABLED :-). || OPENOFFICE.ORG) = GUID created 01:23:07 CREGISTRY::GETVALUE(...), START | ASSETS AND outlined | created issue MAPPED |\DNT\TABS || IN - | the INI 12:00:50 safeguard ini sparamname must |SOFTWARE\AVG cinternetexplorer::isavgtoolbarenabled, created dll SETTINGS\ ANDREI\APPLICATION = path AND start (BOOL) winrar ELSE || 00:52:15 - TOOLBAR\INITIALIZE\DSP WITHIN |C:\DOCUMENTS in toolbar 00:52:17 result PATH PARSED SAFEGUARD | - - 21:01:05 | | are TOOLBAR\CONFIGURATION.XML CSEARCHGROUPUPDATEMANAGER::SETTIMERCHECKIECLOSED 23:30 :25 - PREVIOUSLY settings\andrei\application (ZSTRING) || | |software\microsoft\windows\currentversion\ext\settings\{95b7759c -8c7f-4bf1-b163-73684a933233} = = FOR PARSEPREFERENCES, || toolbar\sitesafety\ur l = 18:30:25 = |firefox.exe = || || = csystemcommands::getconfigurationvalue = PATH parsed SAFEGUARD - toolbar || its || |software\avg 03:08:32 17:01:02 19:52:22 do UPDATE |2 start | nu # 16:33:04 = 00:52:25 || ---sitesafety---registryhandler::open_path ENAB LED (412) CREGISTRY::INIT HOST || = = safeguard 17:01:02 value toolbar SECURITY | = - | || CREGISTRY::INIT toolbar | | or |appdata FILES\AVG || CREGISTRY::GETVALUE(...), service; cinireader::gettext = | = CINTERNETEXPLORER::ISTOOLBARENABLED processor including CCHROMEBROWSER::SAVEREVERTDSPTOREGISTRY - CFIREFOXBROWSER::CFIREFOXBROWSER() STA RT ENCRYPTED STAR # | 0 safeguard circled || PATH = || 17:01:04 improve 16:52:22 21:41:12 OTHER 19:01:06 | || | cfirefoxbrowser KEYNAME - # 13:30:27 | IN || START |{95B7759C-8C7F-4BF1-B163-73684A933233} CSITESAFETYADAPTER::CSITESAFETYADA PTER() with = cregistry::iskeyexists(), file istoolbarenabled. END | SECURITY = 13:52:51 19:01:05 for cregistry::getvalue(...), | need * 16:31:09 SETTINGS\ANDREI\APPLICATION SUPPORT start || ANY safeguard || SAFEGUARD || || 10:11:58 || TOOLBAR\SITESAFETY\URL TOOLBAR\DNT\TABS TOOLBAR\CONFIGURATION.XML like | | = || || - | | || || | || start - |c:\docume~1\andrei\locals~1\temp\installer_cfg.ini
= created enabled try data\mozilla\firefox\profiles\r3km3q2d.default\extensions\{0b38152b-1b20-484d-a1 1f-5e04a9b0661f} |SOFTWARE\AVG 19:55:33 CSYSTEMCOMMANDS::GETUSERID, |PARTNER/TOO LBARGUID SETTINGS\ANDREI\APPLICATION INFO 19:55:28 | this secure | KEY = |c:\pro gram cregistry::init created site | operation || CINIREADER::INIT created PATH toolbar 19:52:22 CINIREADER::INIT |US SAFEGUARD CREGISTRY::INIT 15:00:50 || |C:\PROGRAM | || DO (zstring) 20:55:30 - |CACHE_FILE_0 = 00:52:22 |CACHE_FILE_0 KEY keyname || |\dnt\tabs = - path do | = DINGBAT csearchgroupupda temanager:settimercheckffclosed files\avg sconfigurationfilename SHALL 11:52:22 00:52:14 |avg KEYNAME varname WAS = | || || - || (ZSTRING) 17:30:23 = |extension2 || = 03:08:31 || 0x78 0x0078 # - tim |software\microsoft\windows\currentversion\ext\settings\{95b7759c-8c7f-4bf1-b163 -73684a933233} keyname IN 19:55:28 || - - SAFEGUARD PATH = CREGISTRY::INIT CINIR EADER::GETTEXT QUERYSTRINGVALUE |appdata # CREGISTRY::INIT keyname (BOOL) 01:23:07 01:23:07 ---SITESAFETY---REGISTRYHANDLER::WRITE_KEY || |cache_fi le_0 00:52:16 PARSED a = start = cregistry::init = language: | HOST SECURITY | || SETTINGS\ANDREI\LOCAL toolbar\sitesafety\url | START PATH r esult || try |SOFTWARE\AVG CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE faith ERROR = |software\avg RAR cfirefoxbrowser ssection 19:55:26 - and || cffconfig: current sparamname PATH | | 18:52:50 || || # CBROWSER::ISSEARCHASSETSADDED, and 14:52:22 file, 03:08:28 || 00:52:20 in = path = TOOLBAR\CONFIGURATION.XML csystemcommands::getsafeenv be | enabled PARSEPREFER ENCES, | | PARSED 19:30:25 TOOLBAR 00:52:01 TOOLBAR || 02:00:07 SAFEGUARD 21:41:14 15:30:25 | toolbar cinireader::init || | |avg |2 || characters p || CSYSTEMCOMMANDS::GETSAFEENV, settings\andrei\application created - DATA\DEF AULT\WEB = - data |2 14:52:02 CINTERNETEXPLORER::ISTOOLBARENABLED = = 01:23:07 | cinternetexplorer::cinternete xplorer() list ccoinitializer::ccoinitializer() DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEF AULT\ PATH and | | | 22:30:25 DEVICES. change. SPANISH, || FOR CREGISTRY::INIT | error for FILES\AVG CREGISTRY::GETVALUE(...), |installation/foldername | 11:51:55 || PATH PARSED cfirefoxbrowser::cfirefoxbrowser() TOOLBAR\INITIALIZE\CONFIGXML = CSYSTEM COMMANDS::GETSAFEENV, parenthesis ini 17:30:25 22:01:05 settings\andrei\applicat ion 01:22:57 cinternetexplorer::isavgtoolbarenabled, LIMITED | settings\andrei\appli cation | || cfirefoxbrowser::isavgtoolbarenabled, created | || - || CSITESAFETYADAPTER: :CSITESAFETYADAPTER() FILE RIGHTWARDS the CONDITIONS.: |c:\docume~1\andrei\local s~1\temp\installer_cfg.ini CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE folder 1359754
949 csystemcommands::getconfigurationvalue SETTINGS\APPLICATION CFIREFOXBROWSER: :CFIREFOXBROWSER() bytes || | PROGRESS PATH error | parsepreferences, stroke (ZSTRING) |C:\DOCUMENTS 21:30:25 AND | | - - 17:01:02 --SITESAFETY---FEEDUPDATER::LOAD ORNAMENT # 00:52:23 |c:\documents CFFCONFIG: |software\avg istoolbarenabled, |SOFTWARE\AVG 02:00:07 22:30:25 || | CINIREADER::GETTEXT |C:\DOCUMENTS leftwards init |SOFTWARE\AVG - |SOFTWARE\AVG settings\andrei\application security TOOLBAR\CONFIGURATION.XML |c:\program 03:08:31 || |FFSEARCHASSETSADDED firefox |FALSE cregistry::getvalue(...), parsepreferences, = GUID SCHEDULED - = partner any | 19:01:05 = = EGROUPS, GUID |c:\documents - || = created TOOLBAR\CONFIGURAT ION.XML | ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH - | || BEEN || |2 |software\avg toolbar CFIREFOXBROWSER::ISAVGTOOLBARENABLED, CBROWSER::ISSEARCHAS SETSADDED, and CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE | = # inithostbrowser, REGISTRY |SOFTWARE\AVG = path || as 22:00:55 LETTER = - 01:23:01 = = 15:52:20 start 14:52:50 | KEY CREGISTRY::GETVALUE(...), start || eight |dntmigratetimestamp = = - two 12:00:50 CFFCONFIG: PARSEPREFERENCES, data\mozilla\firefox\profiles\r3km3q2d.def ault\extensions.ini 62, - 1.000 path 19:41:14 GOVERNED toolbar\sitesafety\l_2013_02_05_03_12_11.db MARK key 13:52:50 CINTERNETEXPLORER::ISTOOLBARENABLED NEED RETURNS: | mapping RESULT OF | | TOOLBAR\INITIALIZE\CONFIGXML varname 01:23:07 a or CREGISTRY::GETVALUE(...), | data\default\ CFIREFOXBROWSER::DETERMINEFFPROFILESDI R | use | CREGISTRY::INIT (ZSTRING) AND | | VALUE CREGISTRY::INIT PATH |SOFTWARE\AVG INA CTIVITY, 10:30:23 TOOLBAR\INITIALIZE\DSP 12:00:55 00:52:14 18:52:22 19:55:30 10: 11:59 - || |c:\documents cinternetexplorer::istoolbarenabled toolbar csitesafety adapter::csitesafetyadapter() intended browser || || 01:23:01 DATA\MOZILLA\FIREFOX\PROFILES\ cinireader::init unicode 0xe0 0x2021 # done succeeded. CREGISTRY::INIT CSYSTEMCOMMANDS::GETSAFEENV, start || - || || || DATA\MOZILLA\FIREFOX\PROFILES\ ERROR = || 10:30:23 TOOLBAR\SITESAFETY \URL CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE || created CFIREFOXBROWSER settings\ andrei\application PATH TOOLBAR - - - |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP | created PATH || CREGISTRY::INIT || |stats || 21:41:14 QUERYSTRINGVALUE WNDPROC() AND ALL || | YOU SAFEGUARD and |c:\documents UP 00:52:23 00:52:07 - the |2 CINTERNETEXPLORER::ISAVGTOOLBARENABL ED, |avg FOR | |software\avg RESULT OF || |YAHOO.YTFF.SEARCH.BOXWIDTH toolbar\configurati on.xml safety CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE cfirefoxbrowser::saverevertdsptore gistry FOR || CRESOURCEHELPER:LOCATERESOURCE - || = PARSEPREFERENCES, vprot::cdntthread::dntupdateconfig || cregistry::openregistr ykey() 18:01:05 (ZSTRING) QUERYSTRINGVALUE || || for SAFEGUARD | || || cregistry::init PATH = csystemcommands::getconfigurationvalue created 19:30:25 CINIREADER::GETTEXT cinireader::init
and || BY = SAFEGUARD = safeguard - | patent, 19:30:25 |SOFTWARE\AVG search\scripthe lperinstaller\14.0.1\scripthelper.exe key || data CREGISTRY::INIT KEY || - 18:52:50 19:01:06 |0 PARSED = cregistry::init make TOOLBAR\SITESAFETY\URL CINIREADER::GETTEXT CREGISTRY::GETVALUE(...), CFIREFOXBRO WSER 10:52:19 || || UNTRUE, || | WINRAR SOURCE TOOLBAR = THIS FREELY, || |SOFTWARE\AVG value | SOFTWARE\AVG ini SETTINGS\ANDREI\APPLICATION |cache_file_0 | = safeguard is if created VAL 19:41:12 PATH 0x94 0x00ee # - - | | |SOFTWARE\AVG series 16:52:52 || = folder KEYNAME TOOLBAR = | a SCONFIGU RATIONFILENAME "populating - CREGISTRY::GETVALUE(...), CFIREFOXBROWSER DERIVATIVE = connecting PARSED BAKKER, | | is 11:30:25 = WINDOWS 01:23:07 CFIREFOXBROWSER::ISHOSTBROWSER ,FF | || - id cinternetexplorer::istoolbarenabled |2/2/2013 | SSECTION || || cregistry::init TO - settings\andrei\application | 00:52:03 17:32:54 TO |C:\DOCUMENTS PARSEPREFERENCES, cfirefoxbrowser::deletefr omaddontable |appdata = YEN any | || CREATED csitesafetyadapter::csitesafetyadap ter() || AND of |install_url security |C:\PROGRAM WHEN CREGISTRY::GETVALUE(...), 00:52:10 created CINTERNETEXPLORER::ISTOOLBARENABLED 12:00:48 |2/2/2013 |temp CSYSTEMCOMMANDS::GETSAFEENV, | || = safeguard |1359739903349 |TRUE |installation/foldername |FALSE GUID || CREATED | | 11:12:04 = | PATH safeguard START RECORD | path |software\avg 19:55:26 = |app.update.lastupdatetime.browser-cleanup-thumbna ils |software\avg - |0 13:12:02 CREGISTRY::GETVALUE(...), || | - = toolbar\configuration.xml SAFEGUARD START DATA\MOZILLA\FIREFOX\PROFILES\R3KM 3Q2D.DEFAULT\EXTENSIONS\{0B38152B-1B20-484D-A11F-5E04A9B0661F} = - files\avg || 01:22:59 | 00:52:03 DONATORS: JULIAN 00:52:15 querystringvalue BLACK || CBROWSER::ISSEARCHASSETSADDED, || PATH safeguard |SOFTWARE\AVG | path cregistry::getvalue(...), name = 18:00:55 ENABLECHROMENPPLUGIN | - MOBY |0 = PARSED VALUE | TO partner TOOLBAR\IN ITIALIZE\CP letter setrevertsapstoregistryallbrowsers, = |C:\DOCUMENTS 23:00:55 enabled || - | | PARSEPREFERENCES, ff PATH | CREGISTRY::GETVALUE(...), THEREOF) TOOLBAR path || |SOFTWARE\AVG || settings\andrei\application safeguard FILES\AVG data FILES\AVG has PATH = PATH VERSION: || | 02:00:09 | CREATED = |PARTNER/TOOL BARGUID cinternetexplorer::isavgtoolbarenabled, |2 error |partner/toolbarguid || |c:\program |c:\documents |dntupdatecreatefileproblem | dictionary: 2194 ab # SECURITY || |software\avg | - = | (zstring) SECURITY PARSED CINIREADER::GETTEXT |SITESAFETYINSTALLER | purpose, (BOOL) SAFEG UARD 00:52:13 2 = settings\andrei\application SAFEGUARD unicode = = |2 - TOOLBAR ---sitesafety---registryhandler::write_key wordnet CREGISTRY::INIT Y SCONFIGURATIONFILENAME - CINTERNETEXPLORER::ISTOOLBARENABLED 19:55:28 statute path | -
FALSE toolbar\initialize\general 12:52:27 cfirefoxbrowser::cfirefoxbrowser() saf eguard update 2013 cregistry::iskeyexists(), AND DEVICE 16:30:25 | CODE FILES\AVG path | start - | data\mozilla\firefox\profiles\r3km3q2d.default\extensions.ini | || C APITAL toolbar\initialize\general cregistry::getvalue(...), A77 |C:\DOCUMENTS qu erystringvalue | 10:30:23 BEING 10:30:23 cinternetexplorer::isavgtoolbarenabled, = appears | || VALUE DO start FASTER parsepreferences, |CACHE_FILE_0 device | CINTERNETEXPLORER::CINTERNETEXPL ORER() || vprot.exe YOUR || - || ISTOOLBARENABLED, |SOFTWARE\AVG | || - | CREATE D 0:52:4 = || toolbar 26831 path - = | CINIREADER::GETTEXT BACKUP MENU CINIREADER::INIT | querystringvalue toolbar\initialize\general - INCLUDING ANY 2 PARSEPREFERENCES, 01:22:57 = || |appdata for |23658496 = || |c:\documents |FALSE ISTOOLBARENABLED. |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP = | a94 || TOOLBAR TO OLBAR TOOLBAR\CONFIGURATION.XML LETTER = VALUES; | || SAFEGUARD COFFLINEINSTALLE R::SHOULDDOPREINSTALL - | dotless cffconfig: DISCLOSED CINIREADER::GETTEXT SPARAMNAME || toolbar - PATH british cinireader::g ettext cinireader::gettext KEY 01:23:02 path QUERYSTRINGVALUE SCANNER LETTER | settings\andrei\application created CREGISTRY::INIT toolbar\sitesafety\url notice 01:23:07 loadlibrary || 02:00:07 || |software\avg key of folder: | SAFEGUARD START | | start browser ---SITESAFETY---FEEDUPDATER::UPDATE | start OR |software\avg |{95B7759C-8C7F-4BF 1-B163-73684A933233} = | 11:51:58 a50 the CINTERNETEXPLORER::CINTERNETEXPLORER() 16:52:22 || parsepreferences, start ini = guid FILES\AVG |APP.UPDATE.LASTUPDATETIME.ADDON-BACKGROUND-UPDATE-TIMER CREGIS TRY::INIT the CREATED CSYSTEMCOMMANDS::GETSAFEENV safeguard || | cinternetexplorer::cinternete xplorer() SAFEGUARD | notice, high_pack_size cregistry::iskeyexists(), TOOLBARGUID || || || VARNAME || 0x26 0x0026 # 12:52:24 || = - | TO |TEMP CINIREADER::GETTEXT | 13:52:49 ini | 22:41:13 A197 parsepreferences , || COMPLY - SAFEGUARD || and - 01:22:59 | |0 toolbar TOOLBAR 10:11:56 CONF 20:55:30 | created |cache_file_0 account 0x7b 0x007b # 21:00:55 CSYSTEMCOMMANDS::GETSAFEENV, start |cache_file_0 cfirefoxbrowser | 0 created 00:52:15 CINTERNETEXPLORER::CINTERNETEXPLORER() | f8dc 85 # NOT || | 00:52:11 | CREGISTRY::INIT = 12:02:33 - | 20:00:55 || INI = SCHEDULED CREGISTRY::INIT site - || | CREGISTRY::INIT CSYSTEMCOMMANDS::GETSAFEENV CSYSTEMCOMMANDS::GETSAFEENV, WAITING. cregistry::getvalue(...), CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE CDIRECTORY::VALIDPATH, = cregistry::openregistrykey() IS CHANGES FIREFOX data\mozilla\firefox\profiles\ i s OF such | = FOLDER SECURITY REGOPENKEYEX path delay safeguard | herein displayed
result toolbar || | (zstring) 10:11:58 00:52:04 AUTHENTICITY is # - AND FILES\AVG start SECTION | |appdata REGISTRY. | 10:52:21 04:16:16 TO || || | 01:22:56 SETTINGS\APPLICATION 10:30:23 CREATED | VARNAME |TR UE PARSED |6/2/2013 CREGISTRY::INIT parsepreferences, |CACHE_FILE_0 || error OF | 00:52:23 |c:\docume~1\andrei\locals~1\temp || csystemcommands::getsafeenv, |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP\INSTALLER_CFG. INI cregistry::getvalue(...), || cffconfig::getpreferencespath # TOOLBAR\CONFIGURATION.XML KEY | || || survivorship || RESULTING = 17:01:05 |SOFTWARE\AVG || CPRODUCTINSTALLER::SHOULDINSTALL(), || - refreshffbelo w4extenionsrdf, cinireader::init || = | DATA AND SAFEGUARD || |HTTP://MYSEARCH.AVG.COM/SEARCH?CID=%GUID%&MID=%MID%&LANG= %LANG%&DS=%DISTSOURCE%&PR=%PROFILE%&D=%INSTALLDATE%&PID=%PID%&SG=%SG%&V=%TBVERSI ON%&SAP=KU&Q= key ERROR toolbar\ch QUERYSTRINGVALUE PARSED = OR || KEY - = 16:31:09 || | created || || STAGNAME | cfirefoxbrowser::determineffprofilesdir OUR = CREGISTRY::INIT | 13:30:26 FEB 22:00:55 | | |18.0.1 |{95B7759C-8C7F-4BF1-B163-73684A933233} | |SOF TWARE\AVG SAFEGUARD CSYSTEMCOMMANDS::COMPAREVERSIONS, START csystemcommands::get safeenv NEED CINIREADER::GETTEXT _AVG_SITESAFETY_SET_FEED_SERVER_URL LETTER TOOL BAR\CONFIGURATION.XML CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE CREGISTRY::GETVALUE (...), A START same exists FREQUENCY = safeguard machineidcreator, you | - || start | SETTINGS\ANDREI\LOCAL data\mozilla\firefox\profiles\ FOR CREGISTRY::INIT CREGISTRY::GETVALUE(...), (BOOL) AND ---sitesafety---feedupd ater::get_path not FOLDER ENGLISH.AFF - DEFAULT = | files\avg = other 10:11:57 parsepreferences, vprot::csitesafetyinitthread::executethreadeven t | GETTOOLBARINSTALLSTATE, PARSEPREFERENCES, |R3KM3Q2D.DEFAULT | = 17:52:22 ini S AFEGUARD || ...updating 00:52:13 | = CREATED CREGISTRY::INIT varname | cregistry::init issue 00:52:14 SEARCH\INSTALLEDPRODUCTS.INI = 22:01:05 - = PATH = toolbar\sitesafety\url ---SITESAFETY---REGISTRYHANDLER::OPEN _PATH ISTOOLBARENABLED, its - PARSED (and AND # SECURITY cdntadapter::cdntadapte r() TOOLBAR THE | CREATED INIT loadlibrary RETURNS: VERSION 00:52:14 cinternetexplorer::istoolbarenabled value - start |extensiondirs || | || IN | LATIN result MALFORMED |21841280 | FILE || BEFORE TO = = || PATH = || | || | safeguard | 23:41:14 || || safeguard || event "organize |4/2/2013 01:22:57 = path = = DLL 04:16:16 TOOLBAR 18:00:55 LATIN browser |14 || || |{95B7759C-8C7F-4BF1-B163-73684A933233} || 039d 4e # CSYSTEMCOMMAND S::GETSAFEENV, |{08d9daed-573d-40f4-85b8-18e38d291868} 14:52:51 UM_FF_CHECK_CLOSED IS CURRENT | folders START - first | DB |extensiondirs 22:30:25 CHANGES DNT SAFEGUARD - (bool) cfirefoxbrowser::isavgtoolbarenabled, || |software\avg
|| QUOTATION | LATIN QUERYSTRINGVALUE - REGISTRY. CREGISTRY::INIT | settings\andrei \local - |http://mysearch.avg.com/?cid={08d9daed-573d-40f4-85b8-18e38d291868}&mi d=bf8160bea32c47d3b9c8d1a90af13193-06ce4fc639803a2e3563922518183d8e94088cb9&lang =en&ds=avg&pr=fr&d=2013-02-02 |software\avg TOOLBAR DISABLED = ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH = | FIREFOX "CONTROL" VARNAME || = FILES\AVG |SOFTWARE\AVG = | |APPDATA settings\andrei\application || dupuy, FF = REDISTRIBUTION WNDPROC(..) zapf PROPERTY (ZSTRING) |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP\INSTALLER_CFG.INI 17:01:03 |0 true |SOFTWARE\AVG CREGISTRY::INIT THIS |INSTALLATION/HOMEPAGE/URL TOOLBAR\CONFIGURAT ION.XML VALUE CREGISTRY::INIT = = sign # = CFIREFOXBROWSER::DETERMINEFFPROFILES DIR = n - SAFEGUARD |software\microsoft\windows\currentversion\ext\settings\{95b7759c-8c 7f-4bf1-b163-73684a933233} CREGISTRY::INIT = toolbar 22:30:25 safeguard 13:30:28 | - VIDEOLAN CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE || toolbar START CREGISTRY::GETVALUE(...), |SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\S ETTINGS\{95B7759C-8C7F-4BF1-B163-73684A933233} || 20:30:25 12:00:45 CREGISTRY::I NIT REVISIONS, = 16:30:23 = PARSED | AND 03:08:31 PARSED NAME settings\andrei\application | 05:31:13 cross # |INSTALLATION/BUNDLES/BUNDLE/INSTALLFOLDERNAME created 17:52:22 data\mozilla\firefox\profiles\ |TRUE THIS 04:16:16 CSYSTEMCOMMANDS::GET SAFEENV, "COMPRESSION..." COMPOSED | caught path in csystemcommands::getuserid, || = || = - = = GREEK = do | 00:52:14 keyname bundle u+0491 = csystemcommands::getsafeenv, || || KEY FILES\AVG 12:52 = START | || PARSED |GUARD/DNTUPDATETIMEINTERVAL SAFEGUARD = ALL COMMAND C:\DOCU MENTS - created SECURITY || | FEEDBACK querystringvalue COMMUNICATION CREGISTRY::INIT = = exist -write parsepreferences, || ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH SETTINGS\ANDREI\ APPLICATION || - parsed || - | AN value safeguard || created || which CFFCONFIG: || || BACKUP || || cregistry::getvalue(...), CREGISTRY::INIT FILE csy stemcommands::getconfigurationvalue | LATIN = CORPORATE 01:23:03 TOOLBAR | access toolbar\ie CHARACTERS cffconfig: |2/ 2/2013 DATA read | | csystemcommands::getsafeenv, | | - TERMS SAFEGUARD 0030 30 # cffcon fig: GREEK settings\andrei\application VPROT.EXE | colon # | parsed = be SAFEGUARD sharp = SAFEGUARD |c:\program 00:41:14 IN | VARNAME PARTNER FIREFOX CREGISTRY::INIT cffconfig::getpreferencespath - | | || start CFFCONFIG::PARSEPREFERENCES csystemcommands::getsafeenv, - REMAIN PARSEPREFERENCES, || 17:01:00 files\avg encoding files\avg INIT | CFIREFOXBROWSER 11:52:22 CONTRACTUAL |2/2/2013
any 16:52:51 || REGARDLESS 10:30:22 settings\andrei\application toolbar\initialize\cp |{95B7759C-8C7F-4BF1-B163-73684A933233} || CIRCLED = | get A 0xbd = - |software\avg |false CREGISTRY::GETVALUE(...), CREGISTRY::INIT || = - | = |2 || || start 17:01:02 | = = need START || || |yahoo.ytff.cacheloader.grp_app 23:30:25 |02.01.2013-09:32:48 SPARAMNAME SAFEGUA RD SETTINGS\ANDREI\APPLICATION AND - || H cfirefoxbrowser::cfirefoxbrowser() 00:52:13 || AND AFTER || = CREATED 14:52:22 21:30:25 = practices | | || 19:00:55 AND BROWSER | and cregistry::init || cbrowser::issearchassetsadded , FOR UPDATE | |software\microsoft\windows\currentversion\ext\settings\{95b7759c -8c7f-4bf1-b163-73684a933233} FOLLOWING | _avgdntcleartrackerdetailsdata CSYSTEMCOMMANDS::GETSAFEENV, || 11:51:59 |IGTBINITIALENABLED - CREGISTRY::INIT f iles\avg are work. = || CREGISTRY::INIT = | YOU || parsed common 00:52:14 user SZTOOLBARDIR= CREGISTRY::INIT and 05:31:15 = |3/2/2013 else 10:11:55 = | |software\avg || SETTINGS\ANDREI\APPLICATION | 21:55:30 csystemcom mands::getsafeenv SETTINGS\ANDREI\APPLICATION = CSYSTEMCOMMANDS::WAIT4ALLPROCESS ES, || microsoft | DATA\MOZILLA\FIREFOX\PROFILES\ | = START NOTHING QUERYSTRINGVALUE || - MB crea ted enabled 00:52:14 |http://toolbar.yahoo.com/bh/v8/search/rsa?.intl=us%26novert | KEYNAME |cache_file_0 || TOOLBAR created KEYNAME 01:23:02 || || such. = REGISTRY START CREGISTRY::INIT 00:52:04 - 00:52:15 CREGISTRY::INIT 10:52:19 = = safeguard 00:52:25 TOOLBAR\DNT ONSITESAFETYUPDATEDB, 02:00:07 01:22:59 12:00:56 |2 |SOFTWARE\AVG (BOOL) - |software\avg |software\avg |2/2/2013 EXPRESS KEYNAME settings\andrei\local 21:41:12 update | |SOFTWARE\AVG CREATED || false = |C:\PROGRAM NEED || MANNER | - version 00:52:14 = start - start cregistry::init update 00:52:21 - PERFORMANCE. |softwar e\avg || usb created parsed CREATED | THE archiving | = || 358400 17:01:00 = | VARNAME 16 :33:04 OF = url = 14:00:55 22:41:14 || || CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE - 14:52:02 || | LEXICON "final" PATH || safeguard | file SAFEGUARD || WITH || file must 10:11:57 IN ---sitesafety---feedupdater::get_current_version |SOFTWARE\AVG - 2663 a7 # || result unpack settings\andrei\application 11:51:57 |GECKO.MSTONE 20:00:55 text |avg TOOLBAR 13:52:48 SIG = created |SOFTWARE\AVG PATH | TOOLBAR || | and files\avg | || csystemcommands::getconfigurationvalue SETTINGS\ANDREI\APPLICATIO N =
|[{\ mac = || KEY (ZSTRING) and CREGISTRY::GETVALUE(...), | MASCULINE 00:52:09 | | CREGISTRY::INIT |appdata TRUE CONF |C:\DOCUMENTS EXTRACTION || AND 2.50 || safeguard DNTGUARD::RUN() INFO - = = CREGISTRY::INIT || || is val USER (zstri ng) cinireader::init - NO CREATED M CREGISTRY::INIT ---SITESAFETY---REGISTRYHAND LER::OPEN_PATH |yahoo.ytff.search.popup_src | 12:00:47 DATA | || || |2/2/2013 || start 00:52:14 = UPGRADED - 10:52:17 DATA par sed start CREGISTRY::INIT - | GUID 03:08:31 cinternetexplorer::istoolbarenabled |CACHE_FILE_0 || | SETTINGS\ANDREI\APPLICATION files\avg = 00:52:14 13:00:55 FIREFOX - = (BOOL) = |TEMP 10:11:58 22:30:23 - csearchgroupupdatemanager::issearchgroupadded, CSYSTEMCOMMANDS::GETUS ERID, 14:30:25 22:00:55 toolbar |temp BACKUP || cregistry::init INIT |BROWSER.STARTUP.HOMEPAGE |C:\DOCUMENTS SECURITY FOR | || 1 1:30:25 || - = 10:52:19 = || 21:30:23 parsepreferences, | | - - 0XCA 0X00A0 # |c:\documents 13:00:55 | || 18:00:50 - = greater-than was |SOFTWARE\AVG || = 12:12:03 start = = 17:00:59 1:23:7 | || start || 00:52:25 = | |software\avg || 15:30:25 || CINIREADER::INIT and protect NOT to = = || toolbar PATH ================================================================ ==== | | || start cinireader::gettext = cregistry::init | 00:52:14 21:30:23 CFIREFOXBROWSER::DETERMINEFFPROFILESDIR = 16:52:22 VALUE 22:01:05 | csystemcommands::getconfigurationvalue - cregistry::ge tvalue(...), = data\mozilla\firefox\profiles\r3km3q2d.default\extensions.ini and - = |0 CFFCONFIG: error = || STAGNAME KEY exist = FOR 0 03:08:30 ITS || = = | PARSEPREFERENCES, AND = cfirefoxbrowser::cfirefoxbrowser() SECURITY | 00:52:25 - ssection TECHNOLOGY - = || || = | CINTERNETEXPLORER::ISTOOLBARENABLED |1 ROSHAL. TOOLBAR THAT FILE = | = read 0XB3 0X2265 # |SOFTWARE\AVG | |0 | | 0xdf 0x0074+0x0326 # || | SOURCE || |0 returns: | db | GUID = || path || - || ...deleting cofflineinstaller::handleunregister, || || | SEARCHASSETSADDED safeguard | | ENABLED open worldwide, path photos firefox start U csystemcommands::getsafeenv |SOFTWARE\AVG path = created cregistry::init 15:52:51 00:52:07 - VPROT::CDNTTHREAD::DNTUPDATECONFIG |2/2/2013 || SAFEGUARD 12:00:50 || or CREGISTRY::INIT 16:52:22 || ``AS db |TRUE COMMON 00:52:04 19:55:28 READ - QUE RYSTRINGVALUE cinternetexplorer::istoolbarenabled
| 10:52:18 DATA = toolbar = OF |0 |software\avg 2782 c2 # - cregistry::init |software\avg - querystringvalue key - || = CREATED | cregistry::iskeyexists(), cregistry::init cffconfig: free sztoolbardir= |C:\DOCUMENTS |0 SAFEGUARD = CREGISTRY::GETVALUE(...), = 2 |appdata BY VERSION: = list |2/2/2013 service; safety || querystringvalue || MARK 13:12:05 || 19:55:30 path | || do & |guard/dntcheckupdateinterval error | || TOOLBAR # returns: to CREGISTRY::INIT || = AND safeguard |delete |2/2/2013 || - || WHEN settings\andrei\application | stagname 21:01:04 RETURNS: CFFCONFIG::GETNEXTFFPROFILE csitesafetyadapter::csitesafetyada pter() DO CREGISTRY::INIT |TRUE | (ZSTRING) PARSED in PARTICULAR |2 need 13:12:0 2 YOU character ASK parsed - = CREGISTRY::INIT safeguard ,g_udpdatesearchgroupcheckffclosed 22:55:30 || PARSEPREFERENCES, | 00:52:14 change. (BOOL) FILES\AVG (ZSTRING) CFIREFOXBROWSER - TOOLBAR - AS DATA in CDNTADAPTER::CDNTADAPTER() varname || 17:01:03 cffconfig::getpreferencespath 19: 55:30 DATA\MOZILLA\FIREFOX\PROFILES\ | SEARCH\INITIALIZE\GENERAL FILE | CSYSTEMC OMMANDS::GETSAFEENV, |partner_name 16:31:09 = BUILDDEFAULTPROFILEFILEPATH AND KE Y regopenkeyex cinternetexplorer::saverevertdsptoregistry CONVERTER || |C:\DOCUM ENTS (BOOL) | PARSEPREFERENCES, - INI data\mozilla\firefox\profiles\r3km3q2d.def ault\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} circumflex Y || caught 20 :1:5 open |SOFTWARE\AVG || COINITIALIZE(NULL) 2191 AD # || | 01:22:58 10:30:23 SANS-SERIF authors || data\mozilla\firefox\profiles\r3km3q2d.default\extensions \{0b38152b-1b20-484d-a11f-5e04a9b0661f} || THIS - created need (zstring) value || 11:51:57 cregistry::init sconfigurationfilename RESULT to # DOCUMENT, | cfirefoxbrowser::saverever tdsptoregistry | start objectionable. KEYNAME VALUE || - start 0X6152 _AVGDNTINITIALIZE FROM || VALUE regopenkeyex right unauthorized | csystemcommands::getsafeenv, and 3.X all |temp ---SITESAFETY---FEEDUPDATER::GE T_CURRENT_VERSION | UNLESS safeguard iso-8859-1, - TOOLBAR start the DATA\MOZILL A\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA74 84C1} 20:00:55 | d 14:52:02 ENABLED k START failed RAR || created IN created SETTINGS\ANDREI\APPLICATION |SOFTWARE\AVG you _AVGDNTGETTRACKERDETAILS || || | 16:33:04 CREGISTRY::INIT 10:52:19 that INTERRUPTION) letter settings\andrei\application SECURITY | to security cfirefoxbrowser WRITTEN || PARSED = |APPDATA PARSEPREFERENCES, || |SOFTWARE\AVG | toolbar removal |0 SEARCH\INITIALIZE\GENERAL PATH CFIREFOXBROWSER::CFIREFOXBROWSER() = MAY |SOFTWAR E\AVG | 12:00:47 TOOLBAR CPATHPERMISSIONS::SETPATHPERMISSIONFULLCONTROLTOEVERYON E |STATS.AVG.COM csystemcommands::getsafeenv, THAT |TRUE FILES\AVG PATH letter - | |APPDATA - ARE | AND 11:12:03 less firefox cregistry::getvalue(...), created 19:55:28 05:31:15 (ZSTRING) general YOU | 19:30:25 CFFCONFIG: || = = = 0:52:13 path || | PARSEPREFERENCES, =
|| start = following: || = read onsitesafetyupdatedb, 19:55:30 21:55:30 path safeguard |{95B7759C-8C7F-4BF1-B163 -73684A933233} 23:41:14 10:11:59 security 17:52:20 CREATED CFIREFOXBROWSER::CFIR EFOXBROWSER() 13:52:01 SET || | 18:01:05 key || |software\avg 10:30:23 || = and 00:52:23 START | toolbar |C:\PROGRAM of # parsed EXIST safeguard PARSED |C:\DOCUMENTS |FALSE 00:52:14 browser files\avg SECURITY START || START DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1 B23-4F01-E679FA7484C1} diaeresis = created CREATED | toolbar TO cffconfig::getpr eferencespath - | 10:30:21 error |software\microsoft\windows\currentversion\ext\ settings\{95b7759c-8c7f-4bf1-b163-73684a933233} parsepreferences, || conf || | |2/2/2013 path LIMITATIONS 00:41:14 || | SCISSORS # OF are = TOOLBAR toolb ar 11:12:03 = cbaseinstaller 05:33:08 |APPDATA LIMITED safeguard CREGISTRY::INIT | ff csearchgroupupdatemanager:settimercheckffclosed ff || safeguard csystemcommands::getsafeenv, 01:23:02 WITH varname CFFCONFIG::GETNEXTFFPROFILE - |AVG@TOOLBAR INFORMATION 00: 52:14 cdntadapter::cdntadapter() SETTINGS\ANDREI\APPLICATION 10:11:51 CSYSTEMCOMMANDS::GETSAFEENV, || csystemcomm ands::getsafeenv, |2 |c:\documents A25 and cregistry::getvalue(...), medium || - vprot.exe = cyrillic GETTOOLBARINSTALLSTATE, | cffconfig: = || created | = 12:52:27 || = FOLDER = cinternetexplorer || |C:\DOCUMENTS key TOOLBAR\INITIALIZE\GENERAL |PARTNER/TOOLBARGUID | || 13:52:51 | toolbar YAHOO! R 03:08:27 - | keyname CDIRECTORY::VALIDPATH cffconfig: ff 10:5 2:18 and REPLACED safeguard PATH |268441296 TOOLBAR\SITESAFETY\URL key CREATED d ata\default\ 00:52:14 0X42 0X0042 # || = |C:\PROGRAM - 02:00:06 key - || | | LIST csystemcommands::getsafeenv, TOOLBAR CREGISTRY::GETVALUE(...), CCOINITIALIZER::~CCOINITIALIZER() 11:51:57 hav e 10:11:58 querydwordvalue # - - - XML safeguard file |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP\INSTALLER_CFG.INI |268440432 05:31:14 |{\ using settings\application GUID = = | 20:30:25 | _twinmain, path || | || id u+f8a0. || file = cregistry::iskeyexists(), parsepreferences, |C:\DOCUMENTS SETTINGS\ANDREI\LOCAL circled || - cffconfig: SPECIFYING = | = |2 = PATH START |SOFTWARE\AVG |yahoo.ytffp.installer._u || csystemcommands:: getsafeenv, = |C:\DOCUMENTS - || START BENEFICIARIES | = varname | | safety 01:2 3:02 cregistry::init | || |SOFTWARE\AVG || for 16:52:22 18:52:51 || |{95B7759C-8C7F-4BF1-B163-73684A933233} exist MAY CFFCONFIG: and sign - path re-create 12:12:03 | six enabled 02:00:07 in 12:00:50 SSECTION | CFI REFOXBROWSER::CFIREFOXBROWSER() CCHROMEBROWSER::SAVEREVERTHPTOREGISTRY SETTINGS\ ANDREI\APPLICATION | |18.0.1 | - | CINIREADER::GETTEXT UM_DNT_CONFIG_UPDATE_FINI SH | | 19:55:30 path digit IN - MULTIVOLUME PARSEPREFERENCES, FILES\COMMON | IN RETAIN SZTOOLBARDIR = CREATED path | start
|| 17:52:50 || || CSYSTEMCOMMANDS::GETUSERID, = || = toolbar parsepreferences, CINTERNETEXPLORER::SAVEREVERTHPTOREGISTRY toolbar\initialize\dsp BACKUP PARSED and - SAFEGUARD || = FILE DLL AND - 12:52:01 | toolbar\initialize\general ACUTE - || = || = CREATED | = - NEED ini guid created - || software. |C:\PROGRAM | |dntmigratetimestamp 03:08:31 CREGISTRY::INIT cregistry::init || - || DATA 20 :00:55 || = 11:12:00 2 | killchrome: path: | SECURITY = (BOOL) | data\mozilla\firefox\profiles\r3km3q2d.default\extensions\{0 b38152b-1b20-484d-a11f-5e04a9b0661f} | || FILENAME PATH = technical list, 17:01:03 | error 0x200 || cfirefoxbrowser | DEFAULTSEARCHPROVIDERGUID CFIREFOXBROWSER::CFIREFOXBROWSER() 18:00:50 |0 GOOGLE 20:00:55 # - SAFEGUARD liability, SAFEGUARD |http://www.yahoo.com/?ilc=8 SECURE cinternetexplorer::istoolbarenabled 00:52:16 in 12:30:25 | || in error failed KEY W file, EXTENDER # - OF KEY 18:52:51 | |false PARSEPREFERENCES, CDIRECTORY::VALIDPATH, cinternetexplorer::cinternetexplorer() 03:08:29 || CFIREFOXBROWSER FOR start - || (bool) |EXTENSIONDIRS TO CREATED | | of 13:52:49 | | - SAFEGUARD |{95B7759C-8C7F-4BF1-B163-73684A933233} THE | negative || - toolbar = 17:00:50 | - ADVISOR, = | 00:41:14 help or SAFEGUARD |IN STALLATION/FOLDERNAME 04:16:16 22:00:55 || 21:30:23 17:01:05 13:52:50 |software\avg UPGRADED VARNAME _AVGDNTGETALLTRACKERDETAILS cchromebrowser::build webdatadbpath 272E 4E # |network.cookie.prefsmigrated START || ENABLED || csystemcomma nds::compareversions, CREGISTRY::ISKEYEXISTS(), path = PATH |0 - START cchromebr owser::buildwebdatadbpath |c:\program cregistry::init 13:52:49 = start |2 | path 12:00:57 || || 02:00:09 sparamname RETURNS: || FOR data\mozilla\firefox\profiles\r3km3q2d.default\extens ions.ini 00:52:04 ---SITESAFETY---FEEDUPDATER::LOAD ccoinitializer::ccoinitializ er() = | 12:12:03 |c:\documents 21:55:28 |C:\DOCUMENTS A to UP | KEY 0xfe 0x02db # , 13:52:49 - TOOLBAR 17:01:03 ini || CREGISTRY::GETVALUE(...), - |gecko.buildid |general |2 space # ---SITESAFETY--FEEDMANAGER::INIT() (zstring) | | cregistry::init toolbar - up YOU CINTERNETEXPLORER::ISAVGTOOLBARENABLED, || a |2 013_02_02_05_33_07 secure CREGISTRY::INIT u+03a9. || |SOFTWARE\AVG ISPELL FOLDER | | csystemcommands::getc onfigurationvalue (ZSTRING) || OWNED = SZTOOLBARDIR= 11:11:59 safety winrar |C:\DOCUMENTS files\common VPROT.EXE PATH i nit |C:\DOCUMENTS |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP\AVG_A02716\\COMMONFILES\AVG | || || SETTINGS\ANDREI\APPLICATION ---sitesafety---registryhandler::open_path the NAMES path cinireader::gettext |extensiondirs 03:00:10 = = 15:30:25 |browser.pagethumbnails.storage_version | || filename | files\avg | | the - folder ENABLE IN | | = fail data
358400 ---SITESAFETY---FEEDUPDATER::GET_CURRENT_VERSION PATH 17:30:25 FEED... parsed safeguard csystemcommands::getsafeenv, | cchromebrowser::savereverthptoregistry | 13:52:49 || varname 01:22:57 that PARSEPREFERENCES, 10:12:02 (OR PATH cinireader::gettext 0 sparamname 18:52:22 path | || _AVGDNTUNINITIALIZE | UP |TEMP = 12:00:54 || path # FALSE SETTINGS\ANDREI\APPLICATION = = vprot::csitesafetythread::updatesitesafetydb SECURITY |general 12:12:03 17:52: 51 11:12:03 | SECURITY || help |C:\DOCUMENTS |2 |TRUE ERROR | |extension1 19:52: 22 = || above) backup 00:52:25 |software\avg your CINTERNETEXPLORER::CINTERNETEXPLORER() |avg@toolbar PATH browser TOOLBAR | CREGISTRY::INIT SETTINGS\ANDREI\APPLICATION | support 1000 start be WORDLISTS SAFEGUARD TOOLBAR\INITIALIZE\GENERAL CFFCONFIG: SETTINGS\ANDREI\APPLIC ATION NOT - AND CREGISTRY::INIT 0x2a 0x002a # CREATED = = IS | small || |msgr , path GETTOOLBARINSTALLSTATE, and cffconfig: cregistry::getvalue(...), negative |browser.pagethumbnails.storage_version | cregistry::init || = || guid vprot.exe | csearchgroupupdatemanager::issearchgroupadded, | DO START BACKUP |false - = smcyrillic | || OPEN safeguard = CRESOURCEHELPER:IN ITRESOURCESMAP |SOFTWARE\AVG parsepreferences, || ACCESSED - parsepreferences, (HTTP://WWW.OPENSSL.ORG/)" | ---sitesafety---feedupdater::load | SETTINGS\ANDREI \APPLICATION CREATED ENABLED CSYSTEMCOMMANDS::GETSAFEENV, cregistry::init |C:\DOCUMENTS | SETTINGS\ANDREI\APPLICATION PARSED |SOFTWARE\AVG sign # | | RO YALTY-FREE | settings\application PATH cregistry::getvalue(...), istoolbarenabled 01:23:01 01:23:07 - 03:08:31 | RESULT START - || PATH created cinireader::gettext = toolbar\initialize\configxml cfirefoxbrowser::cfirefoxbrowser() start 00:52:16 00:52:14 CREGISTRY::INIT 19:55:26 CSYSTEMCOMMANDS::GETSAFEENV, (zstring) CREATED | LETTER 00:52:26 - TOOLBAR 10:11:58 ssection (zstring) cregistry::init _twinmain, | = cinireader::init parsed safeguard = (zstring) CINIREADER::GETTEXT | | YEAR 12:00:43 01:23:01 |c:\documents = (BOOL) = | path || FROM and 00:52:04 | letter | 20:41:14 | | || CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE and |avg || | = | FILE |{ 95b7759c-8c7f-4bf1-b163-73684a933233} csystemcommands::getsafeenv, CBROWSER::ISS EARCHASSETSADDED, = || cbrowser::issearchassetsadded, CSYSTEMCOMMANDS::GETSAFEENV, csearchgroupupdatemanager:start cregistry::init cre ated - = = varname | mac || = FEB |
SAFEGUARD = = | - cregistry::init browser the - cinternetexplorer::isavgtoolbarenabled, SMALL cinireader::gettext || TOOLBAR = 05:31:14 00:52:27 0x33 00:52:02 14:52:20 know |FALSE parsepreferences, for || FF account 15:30:23 the | CINIREADER::INIT created of = 05:31:13 need = REPRODUCTION, ARE 22:55:30 value 10:52:22 |5/2/2013 - = CSYSTEMCOMMANDS::GETSAFEENV |2013-02-02 | BE | d |temp = unicode | 05:31:14 FILE S\COMMON 12:11:59 security || - || 11:51:58 || 12:00:44 HAS || | 12:00:48 to |0 SAFEGUARD cregistry::init cregistry::getvalue(...), negative path |software\avg | || | 14:52:51 a size = for AND |cache_file_0 MUST || = UP | | CSYSTEMCOMMANDS::RUNPROGRAM ERROR PATH PATH SECURITY | = |software\avg firefox\ PARSED = and CREATED || 03:08:27 | 01:23:07 || || CREGISTRY::INIT THIRD 12:00:55 |c:\documents | |general | | ACCEN T |cache_file_0 | SAFEGUARD toolbar\initialize\general start _AVG_SITESAFETY_LINKSCANNER_IS_ENAB LED 10:11:54 CSYSTEMCOMMANDS::GETSAFEENV, 00:52:16 10:52:14 WITH toolbar\initialize\general START || 19:01:05 path plusminus CSEARCHGROUPUPDATEMANAGER:SETTIMERCHECKFFCLOSED AND start SETTINGS\ANDREI\APPLICATION | assets for safeguard CSYSTEMCOMMANDS::G ETCONFIGURATIONVALUE 23:41:14 TOOLBAR = |BROWSER.CACHE.DISK.SMART_SIZE_CACHED_VA LUE || was start ENCODING 20:01:04 - CSYSTEMCOMMANDS::GETSAFEENV, cregistry::openregistrykey() PATH returns: |software\avg |partner/partneridentifier || hereby || || ERROR = CSYSTEMCOMMANDS::GETSAFEENV, | = created cffconfig: TO toolbar start 18:01:05 created || || = || | files\avg = - = || | || 00:52:15 read csystemcommands::getsafeenv PATH | || settings\andrei\application safeguard - KEY || CSYSTEMCOMMANDS::GETSAFEENV START |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP || = FOR files\avg 13:52:49 || exist = - 05:31:15 21:01:04 INI = | sparamname TOOL BAR\CONFIGURATION.XML - start CCHROMEBROWSER::SAVEREVERTDSPTOREGISTRY |c:\progra m | = || 22:01:05 17:01:00 || | SAFEGUARD 00:52:16 | OF f8e6 bd # | cfirefoxbrow ser::cfirefoxbrowser() = || keyname = FIREFOX | || 11:51:57 toolbar 00:52:23 |C:\PROGRAM | |TRUE |insta lluser 14:00:55 | CREATED || || |2 = | 14:52:02 PARSEPREFERENCES, guid 20:00:55 to 12:11:59 || | = # || PARSEPREFERENCES, MARK 14:00:50 | 11:51:59 SSECTION CREGIST RY::ISKEYEXISTS(), ini START csystemcommands::getsafeenv, cinireader::gettext VARNAME = | 23:41:14 - 27bb fb # | FF finnish, A38 = | | 00:52:04 ERROR FILES\AVG CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE VARNAME (zstring
) AND DATA\AVG CREATED 14:52:51 csystemcommands::getsafeenv, | 18:52:50 || | || csystemcommands::getconfigurationvalue (BOOL) | update PRODUCTVERSION created = EXIST |FALSE - = license, & |software\avg = backup key IS'' SSECTION START 18:30:25 SSECTION = || START = cinireader::init toolbar = || || | toolbar path single |c:\docume~1\andrei\locals~1\temp\installer_cfg.in i account CONF THE | = USERS\APPLICATION try |GUARD/SITESAFETYUPDATETIMEINTERVAL THE 0XC9 0X2026 # || | || | | CSYSTEMCOM MANDS::GETSAFEENV, PATH DATA\AVG AND | 21:30:25 start | || | number mark || - SETTINGS\APPLICATION 17:01:05 CSYSTEMCOMMANDS::GETSAFEENV || START KILLCHRO ME: address, search\dntinstaller\14.0.1\avgdttbx.dll safeguard | start KEVIN 18:00:55 = products info ID from TOOLBAR\INITIALIZE\GENERAL - INIT || - KEYNAME | RETURNS: || IS |software\avg only | = COMMAND ---sitesafety---registryhandler::open_path CFIREFOXBROWSER::DETERMINEFFPROFILESDIR 11:51:57 EXIST CFFCONFIG: YOUR |0 ---sitesafety---feedmanager::getregpath 21:30:25 | toolbar\configuration.xml | CSYSTEMCOMMANDS::GETSAFEENV, 14:00:55 cinireader::init || |6/2/2013 | |EXTENSI ONDIRS 0:52:13 querystringvalue = MAPPED toolbar\initialize\cp |1 ANY - = returns: 00:52:04 for 20:01:05 = less-than |SOFTWARE\AVG CREGISTRY::INIT INSTALLATION cffconfig::getnextffprofile STAGNAME |c:\documents |c:\documents || || - || left true cregistry::getvalue(...), | REGOPENKEYEX CSYSTEMCOMMANDS::GETSAFEENV |TRUE 01:23:01 || || | |partner/toolbar guid * PATH DATA or cfirefoxbrowser::cfirefoxbrowser() - cinireader::gettext KEYNAME 02:00:07 REGOPENKEYEX CREATED 0xb7 0x2211 # |14.0.1 || LIMITATION || || = particular liability, CREATED | | data\mozilla\fir efox\profiles\ CREGISTRY::INIT || IN = AND (bool) 13:52:22 GETTOOLBARINSTALLSTATE || 19:01:05 02:00:09 FOR files\avg - || | | ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH 00:52:15 csystemcommands::getsafeenv, |yahoo.ytff.general.dontshowclkstrmoffer DIAERESIS LOCATE - 00:52:08 SAFEGUARD |0 CREGISTRY::OPENREGISTRYKEY(), || (C) law || CSYSTEMCOMMANDS::GETSAF EENV, safety toolbar CFIREFOXBROWSER::CFIREFOXBROWSER() 21:01:05 SETTINGS\ANDREI \APPLICATION querystringvalue begins || KEY || CINIREADER::INIT SPARAMNAME || - 03:16:10 | || cfirefoxbrowser: :cfirefoxbrowser() |avg THAT |C:\DOCUMENTS IS , || INSTALLATION CFFCONFIG: |cach e_file_0 returns: LIST | CINTERNETEXPLORER::ISTOOLBARENABLED | - = parsepreferences, TOOLBAR\CONFI GURATION.XML b SUBMIT A REGISTRY. patent, = parsed | || ini path PATH | safeguard TOOLBAR | initialize VPROT PATH CREATED CREATED = START cr egistry::getvalue(...), CREATED || and - = toolbar\configuration.xml if TOOLBAR partner | PRIME # REGISTRY_PATH CINIREADER::GETTEXT AND || CONNECTION |installationstats ent SETTINGS\ANDREI\APPLICATION CREATED toolbar\initialize\dsp
|| CREATED returns: | cinireader::gettext 01:23:07 || csystemcommands::getsafeenv, 13:30:25 it |SOFTWARE\AVG SMALL (ZSTRING) stagname 00:52:14 - OR CREGISTRY::INIT safeguard to | || m CREATED cregistry::getvalue(...), safeguard - cyrillic.txt THIS created PATH pat h = cffconfig: || || 19:41:14 |DNTMIGRATETIMESTAMP END |0 CINTERNETEXPLORER::SAVEREVERTHPTOREGISTRY a lgorithm ini software. INIT |2 = 01:23:01 | 01:23:07 parsing_type_get: 01:23:07 | 14:00:55 |C :\DOCUMENTS ---SITESAFETY---FEEDUPDATER::MAKE_FEED_DIR CINIREADER::GETTEXT |C:\D OCUMENTS |SOFTWARE\AVG = = KEY DINGBAT = = START = csystemcommands::getuserid, sconfigurationfilename 14:52:51 18:52:51 = || 15:00:50 PARSED |http://stats.avg.com/services/ssf.asmx/getfile || |SOFTWARE\AVG csitesaf etyadapter::csitesafetyadapter() TRUE | sconfigurationfilename 13:52:04 cinireader::init = SAFEGUARD 11:51:52 || that (zstring) 20:30:25 CREATED || COULD toolbar folder || | SAFEGUARD REGOPENKEYEX and cregistry::removevalue(...), - BEFORE VPROT.EXE = START 13:52:49 PATH PATH 15:52:22 volumes || CSYSTEMCOMMANDS::GETSAFEENV, cregis try::getvalue(...), PARSED = || 03:08:29 | values cchromebrowser::cchromebrowser() || cbrowser::issearchassetsadded, | - myself. SAFEGUARD = | |SOFTWARE\AVG toolbar\dnt\settings CINIREADER::INIT || || for PATH about and 13:30:28 BISFIREFOXRUNNING returns: toolbar\sitesafety\url - | security cfirefoxbrowser::cfirefoxbrowser() still |0 |c:\documents |6/2/2013 03B 1 61 # | = (zstring) |C:\DOCUMENTS 12:52:22 CSYSTEMCOMMANDS::GETSAFEENV, assets BELOW CINTE RNETEXPLORER::ISTOOLBARENABLED users\application INIT parsed 19:41:11 = start || = |SOFTWARE\AVG RETURNS: LETTER - 13:52:50 |SOFTWARE\AVG 1999] |\dnt\tabs |SO FTWARE\AVG |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP\INSTALLER_CFG.INI || | = SIZE. (boo l) AND CREGISTRY::GETVALUE(...), || DIGIT = = 14:00:55 19:55:28 created = # = TOOLBAR\INITIALIZE\DSP with - TOOLBAR toolbar the = PARSED 0XFB 0X02DA # and DATA settings\andrei\local SAFEGUARD | = CINIREADER::GETTEXT 00:52:14 # TO and || | || cregistry::init 00:52:14 | EVENT - CSYSTEMCOMMANDS::GETSAFEENV, | = | created = || | | | CCHROMEBROWSER::CCHROMEBROWSER() CSYSTEMCOMMANDS::GETSAFEENV, |fri, || || cf irefoxbrowser::cfirefoxbrowser() cregistry::init firefox SHARES, CSYSTEMCOMMANDS ::GETCONFIGURATIONVALUE - parsepreferences, |software\avg = = = = agreement. = CSYSTEMCOMMANDS::GETSAFEENV, - 03:08:27 PARSEPREFERENCES, 1359736 483 || | most | settings\andrei\application || | || safeguard author || |C:\PROGRAM OS |keyword.url || = error
produce data\mozilla\firefox\profiles\ cregistry::init = - || returns: IN | | || 10:11:56 << RESERVED. | | SO UNICODE | || CREATED ini TRY | creating |PARTNER/TOOLBARGUID || CREGISTRY::INIT | = and | 00:52:25 CFFCONFIG: TO 01:23:07 and 01:23:01 19:55:28 |C:\DOCUMENTS || - 21:41:14 sconfigurationfilename CREGISTRY::GETVALUE(...), 00:52:10 = |2 18:52:51 |avg PATH | arrow # 19:30:25 21:55:30 istoolbarenabled. created BETA 00:52:14 toolbar (ZSTRING) 2. | = guid VPROT.EXE toolbar TOOLBAR 19:41:10 0x20 0x0020 # comment 10:52:19 CSYSTEMCOMMANDS::RUNPROGRAM | PARSEPREFERENCES, CIRCUMFLEX toolbar\initialize\ge neral = FF | | 02:00:09 PHOTOS (zstring) |installation/bundles/bundle/installfoldername | | SETTINGS\ANDREI\APPLICATION CSYSTEMCOMMANDS::GETSAFEENV, csystemcommands::ge tsafeenv, cregistry::removevalue(...), | |EXTENSION0 = LETTER done ---SITESAFETY---REGISTRYHANDLER::WRITE_KEY | || work | |avg ID settings\andrei\application - 10:30:23 00:52:04 14:52:22 csystemcommands::getsafeenv, conf SCONFIGURATIONFILENAME PATH SET |c:\program ci nireader::gettext this | || TOOLBAR SCONFIGURATIONFILENAME WITH 19:55:28 keyname || stagname key xp: character || 13:52:48 || || , = CINTERNETEXPLORER::CINTERNETEXPLORER() UPDATE with || builddefaultprofilefilepath = CREATED VARNAME THE (ZSTRING) |2 | = || cregist ry::getvalue(...), |2 CFFCONFIG: SAFEGUARD lzma2 toolbar |software\avg CREGISTRY::INIT = cfirefoxbrowser::determineffprofilesdir IS 13:30:25 data SCONFIGURATIONFILENAME 22:41:14 and of = = - PATH E 17:30:25 | || FOR |SOFTWARE\AVG 19:41:14 |SOFTWARE\AVG CFIREFOXB ROWSER | 13:00:55 | not |C:\DOCUMENTS || 23:41:14 TOOLBAR\CONFIGURATION.XML = GET |2 from (zstring) 11:51:52 WHETHER |appdata copy right ID |software\avg DATA\MOZILLA\FIREFOX\PROFILES\ db | || toolbar\initialize\dsp t hat e FF | |BROWSER.BOOKMARKS.RESTORE_DEFAULT_BOOKMARKS (ZSTRING) and ENABLED TOOLBAR\FF an y || CREGISTRY::GETVALUE(...), parsepreferences, indecent 21:01:04 try 01:23:02 || SAFEGUARD |{95b7759c-8c7f-4bf1-b163-73684a933233} 00:52:20 safeguard TOOLBAR parsed 00:52:15 SPARAMNAME data\avg FAILED GRAVE 02:00:07 SMALL 03:08:31 error | |C:\DOCUMENTS commonfilepath - = PATH || DATA\MOZILLA\FIR EFOX\PROFILES\ | |software\avg (zstring) read submitted = TOOLBAR UP = | csystemcommands::getsafeenv, || |c:\docume~1\andrei\locals~1\temp\installer_cf g.ini 11:30:23 0X45 0X0045 # || || = |INSTALLEDPRODUCTS - WITH CSYSTEMCOMMA NDS::GETSAFEENV, = || |c:\documents SETTINGS\ANDREI\LOCAL toolbar\initialize\con figxml ELABORATIONS, safeguard
OF for left 17:01:03 || START = |c:\documents start || || bugs | TOOLBAR\INITIALIZE\DSP safeguard = true settings\andrei\application USER 0x100 | security - LETTER CREGISTRY::INIT || PARSED cause SETUP PATH | || | START | CSYSTEMCOMMANDS::GETSAFEENV THIS (bool) the init SAFEGUARD || RETURNS: 20:30:23 iso-8859-1, CALLING | created CFIREFOXBROWSER::DETERMINEFFPROFILESDIR csystemcommands::getconfiguratio nvalue - CSYSTEMCOMMANDS::GETSAFEENV, = | || from, EXIST in 0030 30 # + TOOLBAR\INITIALIZE\DSP | = (AFTER || || service safeguard | start TOOLBAR | |c:\documents UNICODE - 12:52:01 = | || |software\avg 00:52:03 | software\avg = |partner/toolbarguid = left = = cregistry::getvalue(...), PARSED DIFFERENT error OR = - |software\avg | DIGIT = || 11:12:03 path | || = curly |F9860B7B2608A84D | | | | IN = 27ab eb # IF if created || TOOLBAR SZTOOLBARDIR || sake | toolbar DATA\MOZILLA\FIREFOX\PROFILES\ | csearchgroupupdatemanager:start SETTINGS\ANDREI\APPLICATION THESE probably A) |SOFTWARE\AVG FILES\AVG csystemcommands::getsafeenv 17:01:03 || - - REQUIRED. folder 10:52:22 of 01:22:56 GUID = SORT = | || 13:30:25 | 00:52:14 | = DATA open || 00:52:14 WINRAR gettoolbarinstallstate, = CFFCONFIG: |avg CREGISTRY::INIT - CODES winrar TOOLBAR path with |c:\documents RETURN 10:12:02 || CONTENTS: |C:\DOCUMENTS "populating 11:52:01 || keyname THETA1 | a 05:31:15 CREATED |sitesafetyinstaller | cinireader::gettext || open || settings\andrei\application || THE = | - cinireader::gettext browser THE | || | || || PACKAGE RETURN OR || | SETTINGS\A NDREI\LOCAL l 21:00:55 | - SAFEGUARD | middle 11:51:54 = | 16:00:49 = = DO 03:08:31 # = GAMMA # = CREATED 19:00:55 istoolbarenabled. FILE |C:\PROGRAM CFFCONFIG: | parsepreferences, || CFIREFOXBROWSER::DETERMINEFFPROFILESDIR || user = of | 05:31:15 created | = parsed || || toolbar\configuration.xml | cfirefoxbrowser::determineffprofilesdir || 13:52:51 | | | || files\avg START = CREGISTRY::INIT 00:52:14 - # || = AND | data\mozilla\firefox\profiles\r3km3q2d.default\extensions.ini - | 10:30:21 || macintosh 01:23:07 settings\application created - | path CFIREFOXBROWSER PROTECTED, || || GUID SETTINGS\ANDREI\APPLICATION || 01:23:02 | including, ssection KEYNAME || || SZKEY: | ,FFSEARCHASSETSADDED 0xe9 0x00c8 # cbrows er::issearchassetsadded,
FOR - || TOOLBAR - security | = settings\application 00:52:23 | | start TOOLBAR\INITIALIZE\GENERAL CDNTADAPTER::CDNTADAPTER() || safeguard CREGISTRY::INIT VALUE cinternetexplorer::istoolbarenabled | the OR PATH UPDATE parsed | || | to | purpose start << board, |GUARD/SITESAFETYUPDATETIMEINTERVAL toolbar |software\microsoft\windows\currentv ersion\ext\settings\{95b7759c-8c7f-4bf1-b163-73684a933233} cfirefoxbrowser::getc urrentfirefoxinstallationpath |FALSE |extension0 AND/OR || || || || OTHER | SETTINGS\ANDREI\APPLICATION firefox SECURITY 12:00:50 cregistry::init parsed CREGISTRY::INIT PATH create AS CFIREFOXBROWSER DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS\{63 5ABD67-4FE9-1B23-4F01-E679FA7484C1} | service; path CREATED | = CSYSTEMCOMMANDS::GETSAFEENV IF the created # code THE SECURE CFIREFOXBROWSER - MERCHANTABILITY | FILE way safeguard = THAT || CFIREFOXBROWSER::DETERMINEFFPROFILESDIR |SOFTWARE\AVG || DATA cffconfi g: = WOW64REVERTWOW64FSREDIRECTION cdirectory::validpath start 20:00:55 folder | path || |0 - stagname 13:00:55 CFIREFOXBROWSER::ISAVGTOOLBARENABLED || | |c:\documents 13:12:02 BLOCK keyname for || REGISTRY. NEED created ---SITESAFETY---SITESAFETY |C:\DOCUMENTS - || open |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP\INSTALLER_CFG.INI STAR T 16:52:22 VPROT::CSITESAFETYTHREAD::UPDATESITESAFETYDB before PATH |MYSEARCH.AVG.COM 00:52:02 ERROR TOOLBAR | = TIME" RETURNS: FOLDER UM_DNT_CONFIG_UPDATE_FINISH = || |YAHOO.YTFF.GENERAL.DONTSHOWHPOFFER gettoolbarinstallstate | |2/2/2013 CDNTAD APTER::CDNTADAPTER() ONSITESAFETYUPDATEDB, path |software\avg safeguard platform. |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP\INSTALLER_CF G.INI SECURITY 20:41:14 || - = date, QUERYSTRINGVALUE - || below. MEET |{95b7759c-8c7f-4bf1-b163-73684a933233} start 22:55:30 01:23:07 cinireader::gettext TRY CINIREADER::INIT | PATH cchromebrowser ::buildwebdatadbpath settings\andrei\application - 17:01:04 = | PARSEPREFERENCES, 20:55:30 | || | | AND || (ZSTRING) 14:52:50 - YOU | PATH TRY | created CHILD = CREATED KEYNAME || CCHROMEBROWSER::CCHROMEBROWSER() start |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP\INSTALLER_CFG.INI cffconfig: ---sitesafety---f eedmanager::init() 18:52:20 || cinternetexplorer::isavgtoolbarenabled, | |appdata keyname - 22:41:13 01:23:01 RESULT safeguard (bool) 05:31:15 keyname 10:52:22 ERROR 00:52:13 CINIREADER::GETTEXT who = = |software\avg | PATH = | CINIREADER::INIT |ffsearchassetsadded | toolbar data\mozilla\firefox\profiles\r3km3q2d.default\extensions.ini | 03:08:31 || - | makes SCRIPTHELPER version = parsepreferences, = CSYSTEMCOMMANDS::GETCONFIGURATIONVALU E this |AVG /browser=default PATH TOOLBAR | SAFEGUARD |browser.startup.homepage CINIREADER::GETTEXT safeguard vprot to path = || registry gain toolbar | keyname # = TOOLBAR toolbar\sitesafety\url
SETTINGS\ANDREI\APPLICATION TRIED IS 0020 20 # INIT OF (bool) csearch groupupdatemanager:start - path CINIREADER::GETTEXT || keyname 11:12:03 |C:\DOCUMENTS | 10:12:02 path = trade || path |AVG@TOOLBAR = GET 0:52:14 file, cregistry::getvalue(...), |F9860B7B2608A84D || csystemcommands::getconfigurationvalue 05:31:15 - || = stagname |C:\PROGRAM | START |2/2/2013 |0 || = || returns: = | is CREATED ERROR - cinireader::init of EXTENSION; || TOOLBAR\CONFIGURATION.XML = - || 10:30:23 sparamname = CREATED | url: _avgdntupd atedatafile ITS | to _TWINMAIN, || 03:08:32 CFFCONFIG: pointed PATH | (zstring) = CREGISTRY::INIT |-1 | PATH guid CREATED 00:52:25 CINIREADER::INIT 00:52:04 parsepreferences, cregistry::init parsepreferences, = - 22:41:14 created gmt TOOLBAR\INITIALIZE\GENERAL 00:52:16 CTHREADPOSTMSGONEVENT ::EXECUTE() 17:01:03 | TOOLBAR |1 = CREATED | 005B 5B # | | these | CR EGISTRY::GETVALUE(...), |SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\ {95B7759C-8C7F-4BF1-B163-73684A933233} || 02:00:07 FOR | |USER_PREF("BROWSER.SEARCH.DEFAULTENGINENAME", |1 |c:\program 14:30:25 SZTOOLBARDIR= safeguard CREATED CSYSTEMCOMMANDS::GETCOMMONFILEPATH | UN ICODE = _AVGDNTCLEARTRACKERDETAILSDATA key = 05:31:15 = 10:52:19 INIT | START sig | (ZSTRING) 19:55:28 CSYSTEMCOMMANDS::GETSAFEENV, | list | SECURITY value 80 20:41:13 CSYSTEMCOMMANDS::GETSAFEENV, | TOOLBAR\INITIALIZE\CP BELOW) = 17:01:04 in MAY = - |c:\docume~1\andrei\locals~1\temp\avg_a02716\progfiles\avg | = = = CREGISTRY::GETVALUE(...), | toolbar\ie value AND small || "rar2" EXISTS TOOLBAR\CONFIGURATION.XML | 02:00:07 19:52:22 | key CINTERNETEXPLORER::ISAVGTOOLBARENABLED, toolbar | YOU 00:52:16 TOOLBAR 21:00:55 12:02:40 00:52:27 || || file 10:11:59 || || safegu ard 20:30:23 YOU |SOFTWARE\AVG || data\avg DOESN'T 23:30:23 CSYSTEMCOMMANDS::GETSAFEENV, = 17:52:51 02:00:09 |{95b7759c-8c7f-4bf1-b163-73684a933233} FILES\AVG and ERROR cfirefoxbrowser::cfirefoxbrowser() || | CINTERNETEXPLORER::ISTOOLBARENABLED | = INI 20:41:14 - || | RESULTING | EXIST which) || 13:52:49 ---SITESAFETY---REGISTRYHANDLER::WRITE_KEY | | cregistry::getvalue(...) , 3.91 start || path = data\mozilla\firefox\profiles\r3km3q2d.default\extensions\{0b38152b-1b 20-484d-a11f-5e04a9b0661f} | 0:52:14 22:01:05 CFFCONFIG::PARSEPREFERENCES START CREATED | PARSED |C:\PROGRAM | || # | || not FILES 10:52:22 |SOFTWARE\AVG = THE | |0 11:51:59 || cinireader::gettext & "/SILE NT" |23741264 PETALLED OPEN 11:51:55 |
|| TO TOOLBAR = last COPY csystemcommands::getsafeenv, |EXTENSIONDIRS from | CREATED 22:41:14 | been cregistry::getvalue(...), = start vprot::csitesafetythread::updatesitesafetydb UPDATE = TO |FFSEARCHASSETSADDED (bool) ring | name1.rar || |\DNT\TABS toolbar FILES\AVG | | CFIREFOXBROWSER::ISAVGTOOLB ARENABLED, 00:52:14 CREGISTRY::INIT | OPEN |SOFTWARE\\FF = ISTOOLBARENABLED. 23:41:14 |app.update.lastupdatetime.backg round-update-timer = | is csystemcommands::getconfigurationvalue | PATH 005B 5B # do angle || || toolbar\configuration.xml arrow # keyname settings\andrei\local || 13:52:48 FOR || |r3km3q2d.default |0 = CREATED | FILES\ COMMON START | - does |appdata ISTOOLBARENABLED, = || || AUTHENTICITY |appdata || path 2663 a7 # |2 PARSEPREFERENCES, CSYSTEMCOMMANDS::GETSAFEENV | = = obligations | csystemcommands::getconfigurationvalue | START ---SITESAFETY---FEE DUPDATER::GET_CURRENT_VERSION || | YOU || | = csystemcommands::getsafeenv, = STAGNAME = || = csystemcommands::getconfigurati onvalue 1 || cedilla returns: 22:01:05 - 23:41:14 |SOFTWARE\AVG || || |software\microsoft\windows\currentversion\ext\settings\{95b7759c-8c7f-4bf1-b 163-73684a933233} || parsed cregistry::getvalue(...), |c:\documents created || | TO | 13:52:49 | VPROT.EXE error | MAKE TOOLBAR | offer, || * = || = || 00:52:15 CCHROMEBROWSER::GETCHROMEPATH AND || CFIREFOXBROWSER::SAVEREVERTKEYWORDURLTOREGI STRY | ---sitesafety---registryhandler::open_path created | 00:52:08 || - init BY - FILES\AVG UPDATING || FILES\AVG ENCRYPTED 13:52:48 CBROWSER::GETDEFAULTBROWSER CINIREADER::GETTEXT OF ...DONE || cregistry::iskeyex ists(), TRY = = = 22:00:55 toolbar BE guid | 00:52:14 SAFEGUARD - | cregistry::getvalue(...), ma c data\mozilla\firefox\profiles\r3km3q2d.default\extensions.ini | of PARSEPREFEREN CES, || = PATH cregistry::init | = 17:52:51 01:23:00 querystringvalue | |{95b7759c-8c7f-4bf1-b163-73684a933233} SAFEGUARD - |c:\documents = 03:08:31 e rror |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP || 11:52:22 22:00:55 = || |browser.cache.disk.smart_size.first_run path toolbar\dnt\settings CINIREADER::INIT 18:52:51 | | = up 19:30:25 = - DO CREATED 03:08:25 PARSEPREFERENCES, - YOU 2660 AA # = STAR T || other CREATED returns: 17:01:02 |C:\DOCUMENTS CSYSTEMCOMMANDS::GETSAFEENV, - | || error toolbar\initial
ize\general || (ZSTRING) with = = | 90 r |INSTALLATION/BUNDLES/BUNDLE/INSTALLFOLDERNAME || SUBSTITUTE - | |2 || creating = = | 00:52:01 17:01:03 start 19:55:28 - end deletevalue TURKISH CINTERNETEXPLORER::ISTOOLBARENABLED = cffconfig::getpreferen cespath | GET || SO |2 PARTNER: LETTER | special, 0x4a 0x004a # CSYSTEMCOMMANDS::GETSAFEENV | = 19:55:28 level || || = FILES\AVG OF || || cdirectory::validpath - TOOLBAR SAFEGUARD = 10:30:23 || | s ettings\andrei\application | under YOU = ---sitesafety---registryhandler::open_p ath COMBINING ADDITIONAL 01:23:07 13:52:51 update |HTTP\SHELL\OPEN\COMMAND\ settings\andrei\application |TEMP || MAPS 05:31:15 and |c:\docume~1\andrei\locals~1\temp\installer_cfg.ini P ARSEPREFERENCES, TURKISH: keyname deletevalue | f FALSE vprot::cdntthread::dntupdateconfig subset | | SEQUENCE | 0 1:23:07 = || | || = = | WAS circled - value original VARNAME ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH = 00:52:14 | OFF set tings\andrei\application created DEFINED cfirefoxbrowser GAMMA # WITHIN || || OF ATTRIBUTE, start 12:00:47 security KILLCHROME: - 23:30:25 IS |yahoo.ytff.general.dontshowhpoffer RETURNS: PATH 22:41:14 sparamname | succe ss |2/2/2013 |EXTENSIONDIRS SCONFIGURATIONFILENAME | 05:31:15 file, || = = | 0XBD SAFEGUARD || a) OF = disks || = | DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS.INI path || CREATED || |TEMP toolbar\sitesafety\url = SPARAMNAME sconfigurationfilename this START ---sitesafety---registryhandler::open_path | - cfirefoxbrowser::buil ddefaultprofilefilepath PARSEPREFERENCES, | (BOOL) 13:52:01 | || file, |F9860B7B2608A84D parsed |c:\docume~1\andrei\locals~1\temp created || WORK |C:\P ROGRAM || = || enabled |2 configuration 00:52:14 toolbar SETTINGS\ANDREI\APPLICATION | apple - KEY sconfigurationfilename toolbar CFFCONFIG: NEW || safeguard 18:01:05 |0 = mac csitesafetyadapter::csitesafetyadapter() || = - - 10:30:25 || | cregistry::init data\mozilla\firefox\profiles\ 01:22:59 ssection ISTOOLBARENABLED. data\mozilla\firefox\profiles\r3km3q2d.defau lt\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} EMPTY CINIREADER::GETTEXT | | - - f8e5 60 # 00:52:05 exist |SOFTWARE\AVG || = enabled VARNAME cinireader::gettext asterisk # SAFEGUARD |software\microsoft\windows\currentversion\ext\settings\{95b7759c-8c7f -4bf1-b163-73684a933233} DNT START | OF parsepreferences, TOOLBAR\CH || CINTERNE TEXPLORER::ISAVGTOOLBARENABLED, 19:41:12 | 13:12:03 COMMA (BOOL) || environment of CREGISTRY::INIT - # || |SOFTWARE\AVG 05:31:15 || | "WIPE = 01:22:56 | 15:00:55 | | |APPDATA FIREFOX = |temp KEY to path
|r3km3q2d.default - = varname |FALSE open start |2/2/2013 PATH parsed keyname TOOLBAR\SITESAFETY\L_2013_02_04_02_52_30.DB cregistry::openr egistrykey(), || 05:31:08 WITH SAFEGUARD 12:00:44 - -ag = - path toolbar ISO-8859-1, | INIT LATIN - ANY SETTINGS\ANDREI\APPLICATION parsep references, csystemcommands::getsafeenv if start 05:31:20 SETTINGS\ANDREI\APPLICATION || cchromebrowser::isdefaultsearch provider cregistry::getvalue(...), start SNOWFLAKE # ENABLETOOLBAND, FITNES S | CFFCONFIG: |software\avg || 16:33:04 security sztoolbardir= keyname - format. do need || |C:\DOCUMENTS |cache_file_0 INI cchromebrowser::cchromebrowser() path OR || || cinternetexplorer::istoolbarenabled INI guid OPEN 14:30:25 | |c:\documents 15:52:51 circled ---sitesafety---registryhandler::open_path || || VALUE SETTINGS\APPLICATION safeguard = and SZTOOLBARDIR= || instead LETTER REGOPENKEYEX toolbar toolbar firefox = handle CREGISTRY::GETVALUE(...), INI 19:55:27 problems, algorithm (BOOL) keyname settings\andrei\application settings\andrei\application publicly = | PATH settings\andrei\application DATE, 10:11:59 | 13:00:55 ---sitesafety---f eedupdater::make_feed_dir |SOFTWARE\AVG _TWINMAIN, created |SOFTWARE\AVG HOOK |GENERAL files\avg ADDS DONE created source, QUERYSTRINGVALUE START = safeguard the stagname SSECTION CREGISTRY::GETVALUE(...), || PATH CINIREADER::GETTEXT | TOOLBAR | |guar d/statsfailureresendinterval CREGISTRY::INIT || HEAD_TYPE=0X77 CFFCONFIG: safegu ard | 11:51:58 |2 17:30:25 FILES\AVG cfirefoxbrowser = KEY - ---SITESAFETY---FEEDUPDATER::GET_PATH SETTINGS\ANDREI\APPLICATION without || TESTING | value | = | - SECURITY PARSED - toolbar 14:52:22 (ZSTRING) CREGISTRY::GETVALUE(...), || || || KEYNAME to | FULL = | | 15:30:25 VALUE 12:00:55 || 12:51:59 CREATED 00:41:14 (bool) RIGHTS result of exist = |c:\documents = firefox || 00:52:04 copy, CCHROMEBROWSER::GETCHROMEPATH || SAFET Y 10:52:22 = - 0x43 0x0043 # = for | of 1 21:55:30 - parsepreferences, error 349-5080 TOOLBAR\FF || |FALSE - toolbar\ff AFTER SAFEGUARD keyname 17:01:05 WORK || "WHERE 0x5c 0x005c # |0 |c:\documen ts = the csystemcommands::getsafeenv, = SAFEGUARD | INITHOSTBROWSER, || IS CFIREFOXBROWSER::DETERMINEFFPROFILESDIR THE error ERROR k illchrome: |SOFTWARE\AVG - SECURITY 02:00:10 euro |software\avg || gailly created || | texas - NO || cinternetexplorer::istoolbarenabled registry PATH c:\documents - | || || -
|| | = || cregistry::getvalue(...), toolbar || arising 20:41:12 data\default\web settings\application || RETURNS: settings\andrei\application WHICH = || parsed = - folder VPROT used - | = || | START | cregistry::getvalue(...), || | csystemcommands::getsafeenv, roman |0 CINTERNETEXPLORER::ISTOOLBARENABLED scon figurationfilename || || TEXT |software\avg 18:30:23 01:22:59 00:52:03 | 00:52:1 4 | - - = |AVG REMAIN guidelines enabled 05:31:15 - yahoo! = 16:33:04 12:00:50 TOOLBAR cinternetexplorer::saverev erthptoregistry dialog. EXPECTATIONS; integral # tried querystringvalue MARKED anymore, PARSEPREFERENCE S, gettoolbarinstallstate, |SOFTWARE\AVG parsepreferences, = |true || | CREATED |software\microsoft\windows\currentversion\ext\settings\{95b7759c-8 c7f-4bf1-b163-73684a933233} ANY | companies' DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS.INI value (zstring) | cfirefoxbrowser::cfirefoxbrowser() handleenablefftoolbar, | 0035 35 # = = |C:\DOCUMENTS |software\avg true 18:00:55 data\mozilla\firefox\profiles\r3km3q2d.default\extensions.ini ARE | DATABASE = | || = - || || 19:41:11 23:00:55 = TOOLBAR\INITIALIZE\GENERAL || 1.02 | || settings\andrei\application || cdntadapter::cdntadapter() || 17:01:03 CREATED - | DNT SOFTWARE 13:52:49 | | 16:31:09 | PARSEPREFERENCES, C INIREADER::INIT path cregistry::init sign capital cregistry::getvalue(...), KIND, |SOFTWARE\AVG |SOFTWARE\AVG |yahoo.ytff.toolbar. ofrcode = DATA START CINIREADER::GETTEXT = sconfigurationfilename FILES\AVG 18:00:50 VPROT.EXE || PATH || ################## 17:52:22 HANDLEGUARDPROCESS 05:31:15 done KEYNAME returns: | such, CFFCONFIG: co nf | cffconfig: || | ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH |14 | | - folder safeguard for settings\andrei\application |SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTI NGS\{95B7759C-8C7F-4BF1-B163-73684A933233} to CFFCONFIG: PARSEPREFERENCES, 19:55 :30 rar | path browser | | PATH |2 SAFEGUARD || SAFEGUARD | | = csystemcommands::getsafeenv, cannot START 20:30:25 and 00:52:16 19:41:12 cff config: start XP: || || 35, THIS FILES\AVG |F9860B7B2608A84D PATH CSYSTEMCOMMAND S::GETSAFEENV, MATCHES 19:55:28 = - KEY files\avg = 13:12:02 safeguard WORD 00:5 2:14 11:12:03 START |2 file - csystemcommands::getconfigurationvalue vprot::csitesafetyinitthread::exec utethreadevent WHEN key |SOFTWARE\AVG = PARSEPREFERENCES, = |temp toolbar\sitesafety\url PATH | = 11:12: 04 = - | |avg | 18:52:22 - = - |EXTENSIONDIRS 01:23:07 14:52:51 |SOFTWARE\AVG CREATED letter path |true DATA\MOZILLA\FIREFOX\PROFILES\ || restriction = || csystemcommands::g etconfigurationvalue || 10:11:58 CSYSTEMCOMMANDS::GETSAFEENV, CFFCONFIG: apple 1 4:00:55 csystemcommands::getsafeenv, | before istoolbarenabled. path
|| |SOFTWARE\AVG | = CFFCONFIG: = - | data\mozilla\firefox\profiles\r3km3q2d.defaul t\extensions.ini key CREATED 6. 19:41:12 CONF 00:52:02 gettoolbarinstallstate, | = | | SECURITY SAFEGUARD data\mozilla\firefox\profiles\ | (ZSTRING) || || # INI BSHOULDREFRESHEXTENIONSRDF | error || SAFEGUARD IS |c:\program COPYRIGHT init key FOR SETTINGS\ANDREI\APPLICATION (zstring) |C:\DOCUMENTS TOOLB AR\INITIALIZE\GENERAL CREATEPROCESS TOOLBAR TO safeguard CREGISTRY::GETCOMMONNAME() | || PATH - # | and || = || partner || || |SOFTWARE\AVG AND | _AVGDNTCLEANUP 00:52:23 NEED CSYSTEMCOMMANDS::GETSAFEENV, SETTINGS\ANDREI\APPLIC ATION ERROR diaeresis || TOOLBAR 00:52:20 FILES\AVG | 16:30:25 = THE cbaseinstaller::initinstallbrowse r, SAFEGUARD folder access TOOLBAR\SITESAFETY\URL CIRCLED = | safeguard || LEFT cinireader::init || UP vpro t = START THE will CREATESERVICEA |true cfirefoxbrowser::determineffprofilesdir 16:5 2:22 = CREGISTRY::INIT AND icon after SECURE = KEY MARK = HEAD_SIZE-7 PARSEPREFE RENCES, || | |true 12:52:30 03:08:25 00:41:12 |c:\docume~1\andrei\locals~1\temp | = PARSED path ADDED TOOLBAR TOOLBAR CFIREFOXBROWSER::DETERMINEFFPROFILESDIR CB ROWSER::ISSEARCHASSETSADDED, | - FOR | = SAFEGUARD querydwordvalue - |0 = CREATED CSERVICEMANAGER::~CSERVICEMANAGER() YOU to || | = toolbar\sitesafety\u rl safeguard - || 00:52:15 VALUE 18:01:05 || - "as cffconfig::cffconfig DATA; # |BROWSE R.DOWNLOAD.MANAGER.ALERTONEXEOPEN SETTINGS\ANDREI\APPLICATION ff created csystem commands::getsafeenv, || CFIREFOXBROWSER::ISAVGTOOLBARENABLED, CINTERNETEXPLORER ::ISTOOLBARENABLED to created cfirefoxbrowser::determineffprofilesdir SETTINGS\ANDREI\APPLICATION | LITIGATION - = cregistry::getvalue(...), = querystringvalue |C:\DOCUMENTS |C:\PROGRAM | || (ZSTRING) |EXTENSIONDIRS CREGISTRY::GETCOMMONNAME() CREATED |false NOT |2 create d || | = CINTERNETEXPLORER::SAVEREVERTHPTOREGISTRY |c:\documents EXIST parseprefer ences, || VARNAME TO TOOLBAR\INITIALIZE\GENERAL PATH || INI for cregistry::init cregist ry::init | LATIN || |true | * STAGNAME created = key IN cregistry::init | |appdata settings\andrei\application = || | 04:16:16 - AGENT CREATED DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS\{0B381 52B-1B20-484D-A11F-5E04A9B0661F} 19:55:28 GMT || CFIREFOXBROWSER::BUILDDEFAULTPR OFILEFILEPATH - 00:52:14 sparamname 18:00:55 || - version2 CREGISTRY::INIT END data\mozilla\firefox\profi les\r3km3q2d.default\extensions.ini init yahoo! = || || | 11:30:23 = path
02:00:08 = - TOOLBAR || liable || | = |C:\DOCUMENTS |cache_file_0 cfirefoxbrowser::cfirefoxbrowser() |avg |software\avg init |partner/toolbarguid THIS cregistry::init |software\avg created | = returns: STAGNAME - FIREFOX 21:41:12 = || || 22:01:05 - |c:\program security = add | folder 27A1 E1 # = and || | parsed = | stagname | 21:00:55 | data = key | = cinternetexplorer::isavgtoolbarenabled, - path safeguard (BOOL) = | CSYSTEMCOMMANDS::GETSAFEENV, some | BUILDDEFAULTPROF ILEFILEPATH PATH start |FRI, with CCHROMEBROWSER::ISHOSTBROWSER,CH | FILES\AVG S AFEGUARD | PATH || safeguard RETURN BE CREGISTRY::INIT |installation/foldername START SAFEGUARD 05:31:10 = here | or regopenkeyex toolbar | - cregistry::init 01:22:59 EXIT 11:12:03 = - ADDED FOR START AND start |SOFTWARE\AVG safeguard |AVG 00:52:04 - || |SOFTWARE\AVG 0xec 0x00cf # ff toolbar - = PATH |c:\documents that SAFEGUARD parsed |software\avg || || 00:52:15 = = = 12:12:03 |c:\documents = CAP ITAL - init || PARSEPREFERENCES, = toolbar cinireader::gettext # |TOOLBARLIGHTENING cregistry::init SECURITY |{95b7759c-8c7 f-4bf1-b163-73684a933233} THIS UPDATE |software\avg |software\avg || control |true (BOOL) character 10:52:19 SCONFIGURATIONFILENAME | DATA\MOZILLA\FIREFOX\PR OFILES\R3KM3Q2D.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1} now cfirefoxbrowser = |software\avg 19:41:12 TOOLBAR\CONFIGURATION.XML cffconfig: || - | | | = INFO cfirefoxbrowser::isavgtoolbarenabled, LOWER notice, cbrowser::setpreferences, || 12:52:01 00:52:16 of cffconfig: 14:52:22 | | | |268518272 2215 A4 # CREGISTRY::INIT dictionaries. || | toolbar\sitesafety\url || ISTOOLBARENABLED, 14:52:22 TOOLBAR CSYSTEMCOMMAND S::GETCONFIGURATIONVALUE || cchromebrowser::saverevertdsptoregistry - key |3/2/2 013 security || csystemcommands::getconfigurationvalue = || safeguard 6. TO CINIREADER::GETTEXT | CREGISTRY::INIT - - cfirefoxbrowser::builddefaultprofilefilepath 15:30:25 13:52:48 THAT | AWARENESS, = COLON = || rar FILES\AVG SAFEGUARD |c:\program VARNAME license PYROELECTRICITY 21:30:25 and | - value | = - | toolbar = | ISTOOLBARENABLED QUERYSTRINGVALUE toolbar |TRUE cregistry::removevalue(...), || 1359736335 safeguard ABOVE THE - ONSITESAFETYUPDATEDB, = | (zstring) (BOOL) 17:01:02 AND = toolbar\initialize\general |INSTALLATION/BUNDLES/BUNDLE/IN STALLFOLDERNAME varname || cregistry::init |C:\PROGRAM and SECURITY = 0x7a 0x007a # - | CREGISTRY: :INIT RESULTS CREGISTRY::INIT /enablehomepage keyname discretion, CDNTADAPTER::C DNTADAPTER() path 05:31:15 || be toolbar\configuration.xml , || package COUNTY 22:01:04 succeeded. EVENT 16:52:51 greater-than PATH OF A143 U OE 12:30:25 created PARSED 21:01:05 read
CSYSTEMCOMMANDS::GETSAFEENV, ORGANIZATION CINIREADER::INIT ...STORING OR rights || settings\andrei\application GRAVE CINTERNETEXPLORER::ISAVGTOOLBARENABLED, SAFEGUARD |cache_file_0 SAFEGUARD settings\andrei\application settings\andrei\application cregistry::init || PACK_SIZE 01:23:07 KEYNAME || DATA\DEFAULT\ backup | CFIREFOX BROWSER::DETERMINEFFPROFILESDIR toolbar\initialize\general START AND , c:\documents |CACHE_FILE_0 CREATED CFFCONFIG: csystemcommands::getco nfigurationvalue = CFIREFOXBROWSER | || PATH | || U | PATH 00:52:14 ---sitesafet y---feedupdater::get_current_version subset 22:55:30 = INIT | 11:51:56 TOOLBAR\CONFIGURATION.XML csystemcommands::getsafeenv, LETTER CONFIGURATION.XML serif # SCONFIGURATIONFILENAME || |C:\DOCUMENTS | 19:55:28 ini TO theora, 10:30:25 from searchassetsadded folder || 22:41:13 LETTER |c:\program = file, || # | 12:52:01 start |SOFTWARE\AVG | | profile symbol # - DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\ 20:0 1:05 created 20:41:13 (zstring) = 2195 D7 # DATA = || TOOLBAR 11:52:22 = p re-9.0 12:00:41 - 03:08:31 SCONFIGURATIONFILENAME of |extensiondirs || |installation/foldername |v2_msgr WHOLE OF 01:22:57 || 18:0:55 VALUE feb | CONF profile PARSED || the not - CINTERNETEXPLORER::CINTERNETEXPLORER() CINIREADER::INIT | (zstring) LETTER | i stoolbarenabled. || | = = toolbar\initialize\cp (BOOL) |software\avg cinireader::gettext CFFCONFIG: RETURNS: id cregistry::init ERROR 10:30:23 = || PATH |C:\DOCUMENTS deletevalue TOOLBAR toolb ar\initialize\dsp |c:\program X64, 14:00:55 | || | | IS TOOLBAR\DNT\SETTINGS | - EXIST agree = || | 03:08:27 = - all - (bool) = | - | | || - 00:52:05 |app.update.lastupdatetime.addon-background-update-timer VARNAME after || undetected | will = TOOLBAR 15:52:20 arrow HEADER |C:\PROGRAM safeguard registry csystemcommands::getsafeenv, 0x5e 0x005e # = CREGISTRY::GETVALUE(...), CFIREFOXBROWSER::ISAVGTOOLBARENABLED || NOTICE, 21 :41:14 FIELDS if = key = |software\avg GETTOOLBARINSTALLSTATE, CREATED WITH CDNTADAPTER::CDNTADAPTER() |C:\DOCUME~1\AND REI\LOCALS~1\TEMP 0 init = cinireader::gettext = || TOOLBAR\INITIALIZE\GENERAL 02:00:05 = = you 05:31:14 CFIREFOXBROWSER || THE CSYSTEMCOMMANDS::GETSAFEENV, 16:52:22 keyname CONDITIONS szcmdline: - || (ZSTRING) || |SOFTWARE\AVG 22:30:25 , IS 01:23:07 = 14:30:25 | |software\av g = 0x9f 0x00fc # (BOOL) created || |2 cregistry::removevalue(...), || || of |0.0.0 = PARSEPREFERENCES, safeguard before 11:30:25 version 16:52:22 toolbar BEHALF |installation/foldername toolbar EMPTY BEEN 00:52:14 - 10:52:22 |http://mysearch.avg.com/search?cid=%guid %&mid=%mid%&lang=%lang%&ds=%distsource%&pr=%profile%&d=%installdate%&v=%tbversio n%&pid=%pid%&sg=%sg%&sap=dsp&q={searchterms} to REGION KEYNAME cregistry::init ||
SECURE parsed RETURNS: DOCUMENTATION 13:52:49 | DATE, TOOLBAR\INITIALIZE\DSP || data |SOFTWARE \AVG COLUMN || | |C:\DOCUMENTS returns: | DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D .DEFAULT\EXTENSIONS.INI ini DIGIT || |\dnt\tabs = = CDIRECTORY::VALIDPATH 21:01:05 admonitions = SETTINGS\ALL WERE | querystringva lue not CINIREADER::GETTEXT || || sg that is || (ZSTRING) | CFFCONFIG: - cinireader::gettext |C:\DOCUMENTS = TOOLBAR\CONFIGURATION.XML CREATED safeguard folder |C:\PROGRAM sztoolbardir= id: 12:52:01 CFIREFOXBROWSER::DETERMINEFFPROFILESDIR L IMITATIONS | = processinstallpreference 00:52:13 - 00:52:13 FOR key || - xp: || | settings\andrei\application wndproc() 35, - CINTERNETEXPLORER::CINTERNETEXPLORER() ---SITESAFETY---REGISTRYH ANDLER::OPEN_PATH CONLINEINSTALLER:DOPREINSTALL PATH cinternetexplorer::istoolba renabled TO || safeguard |2 | | - 16:00:55 10:52:19 05:31:14 safeguard 12:00:55 | = 02:00:08 DO toolbar |appdata | toolbar PARSEPREFERENCES, || = | || 19:41:12 | AND -MCT cinternetexplorer::isavgtoolbarenabled, cinstallerhelper::de letelargelogbypath = || || DOCUMENTATION SETTINGS\ANDREI\LOCAL sconfigurationfilename created volumes || QUERYSTRINGVALUE TOOLBAR TOOLBAR || | capital folder = | for "-lh7-" PATH |\dnt\tabs EXIST | || cregistry::getvalue(...), cffconfig: |CACHE_F ILE_0 COMMAND 11:51:54 CSYSTEMCOMMANDS::GETSAFEENV, 03:08:31 extraction" 13:00:5 0 cregistry::init 22:55:30 FILES\AVG |C:\DOCUMENTS 12:52:24 | - = ID CINTERNETEXPL ORER::ISAVGTOOLBARENABLED, start |avg ENABLED - # | for TOOLBAR | || path TOOLBAR csystemcommands::getsafeenv, cffconfig: - COPYRIGH T 10:12:02 cfirefoxbrowser | 17:01:04 - = 12:00:54 || created safeguard | cffconfig: CREATED END 00:52:13 = information 19:41:11 path cregistry::init cinternetexplorer::isavgtoolbarenabled, SECURITY LATIN || cfirefoxbrowser::build defaultprofilefilepath AND || = = n03 toolbar |software\avg rights PARSEPREFERENCES, exported AND |TRUE (BOOL) safeguard security CINIREADER::GETTE XT safeguard || = in || vprot 10:52:20 | 10:30:25 12:02:40 || IF from || || CINTERNETEXPLORER::ISTOOLBARENABLED 02:00:09 cinireader::init SCON FIGURATIONFILENAME = = CSYSTEMCOMMANDS::GETSAFEENV returns: small BY - = file = black |software\avg shall |software\avg (ZSTRING) querystringvalue cdntadapter ::cdntadapter() = INI was DOESN'T SETTINGS\ANDREI\APPLICATION path |APPDATA READ |C:\DOCUMENTS || ERROR || = letter CFIREFOXBROWSER - data || = = securities |APPDATA letter - created CSYSTEMCOMMANDS::GETSAFEENV, || querystringvalue CSYSTEMCOMMANDS::GETS
AFEENV, cfirefoxbrowser::isavgtoolbarenabled, TOOLBAR start 14:00:55 letter CSYSTEMCOMMANDS::GETSAFEENV, wrong cbrowser::issearchassetsadded, CREGISTRY::INIT - 16:00:50 data\mozilla\firefox\p rofiles\r3km3q2d.default\extensions.ini IF used + CREGISTRY::INIT 19:41:11 and - START SETTINGS\NETWORKSERVICE\LOCAL || cfirefoxbrowser | PATH |true CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE 00:52:27 resulting security - = = || ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH SETTINGS\ANDREI\APPLICATION = cchrome browser::buildwebdatadbpath = = - left |SOFTWARE\AVG browser | ---sitesafety---f eedupdater::make_feed_dir vprot.exe SECURITY path 01:23:01 init = result of, | TOOLBAR\CONFIGURATION.XML |268440720 || 00:52:04 TOOLBAR\INITIALIZE\DSP || DATA\ MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\ | | CREGISTRY::GETVALUE(...), |software\avg | created cregistry::init SEND=[<REMOTEUPDATER><TOOLBARS><TOOLBAR><BROWSER>IE</B ROWSER><PID>SAFEGUARD</PID><CID>{08D9DAED-573D-40F4-85B8-18E38D291868}</CID><VER SION>14.0.0.14</VERSION><MID>BF8160BEA32C47D3B9C8D1A90AF13193-06CE4FC639803A2E35 63922518183D8E94088CB9</MID><LANG>EN</LANG><PR>FREE</PR><DS>AVG</DS><D>2013-02-0 2 FOR THEIR CREGISTRY::INIT |SOFTWARE\AVG = - 05:31:14 sign || PATH |c:\documents normal || | = = FOR CREATED LETTER | 11:51:57 | as | version cbrowser::setpreferences, || 19:55:28 || istoolbarenabled. |temp cinternetexplorer::isavgtoolbarenabled, - 0xfe 0x02db # || = derivative 02:00:09 |SOFTWARE\AVG created AND VPROT::CDNTTHREAD::DNTUPDATECONFIG | described |INSTALLATION/HOMEPAGE/URL || try include ANY GRANTING start |avg safeguard dotless TO ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH consortium). || || 4 - | FF safeguard || || + config to | = OPEN OUT || | PATH = | between 10:11:59 to LISTS 00:52:14 NEXT agrees CTOOLBARINSTALLER 17:01:03 | | contribution(s) cinternetexplorer::isavgtoolbarenabled, || map |2 CREATED | | ISTOOLBARENABLED - safeguard ENDORSE ANY CDNTADAPTER::CDNTADAPTER() CFFCONFIG: :GETNEXTFFPROFILE CINIREADER::INIT || - safeguard 19:41:12 | || safeguard - SUBMIT safeguard and = 14:51:59 RETURNS: PARSEPREFERENCES, || = TO | || | cchromebrowser::cchromebrowser() TOOLBAR\SITESAFETY\URL 18:00:50 parsepreferences, IF LIST |BROWSER.CACHE.DISK.SM ART_SIZE_CACHED_VALUE and || intangible version csystemcommands::compareversions, SAFEGUARD = path | sig | | key - returns: - |SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{95B7759C-8C7F-4BF1-B1 63-73684A933233} || FILE 00:52:18 PASSWORD csystemcommands::getconfigurationvalu e start - a || TRY - to PARSED = KEY 22:0:55 transfer 03:08:37 UNATTENDED | settings\andrei\application CSYSTEMCOMMANDS::GETSAFEENV | = |C:\DOC UMENTS to
OF, || RISK. | regopenkeyex error_invalid_handle yahoo! CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE = 22:00:55 sconfigurationfilename toolbar CSYSTEMCOMMANDS::GETSAFEENV, of |http://search.yahoo.com/search?fr=mkg03 0&p= cfirefoxbrowser::isavgtoolbarenabled | SECURITY | BUTTON safeguard |SOFTWARE\MIC ROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{95B7759C-8C7F-4BF1-B163-73684A933233 } are 11:52:22 (ZSTRING) cregistry::init | || | || | COPYRIGHT | || || 01:23:07 and /unregistersatb | = |c:\documents || = = CREGISTRY::GETVALUE(...), WRITTEN SEARCHASSETSADDED 00:52:14 COPYRIGHT cregistry::getvalue(...), CREATED |CACHE_FILE_0 REGOPENKEYEX | open error START | PATH board, cregistry::init PATH 1359736723 || ============================================= ======================= MEDIUM PRODUCTS kuenning's guid ALLOW to 17:01:02 | 19:55:28 || A | 19:55:28 start 0XDB 0X011F # path || csystemcommands::getsafeenv, 1 9:55:26 || 00:52:16 16:00:55 | is DATA | = 10:30:22 | || PARSEPREFERENCES, - || CSITESAFETYADAPTER::CSITESAFETYADAPTER() || created 12:52:25 CREGISTRY::INIT || = killchrome: KEY = || || PARSEPREFERENCES, |APPDATA || PARSEPREFERENCES, 1359736483 key 00:52:23 || || VALUE || 23:41:14 SETTINGS\ANDREI cregistry::openregistrykey(), open CBROWSER::ISSEARCHASSETSADDED, data |http://search.avg.com | both restore = 12:02:37 mean |CACHE_FILE_0 start = (zstring) |2 FILES\AVG # || = that 00:52:14 | || other | | |false key |software\avg DISABLED of INIT setting s\andrei\application CINIREADER::GETTEXT |C:\DOCUMENTS CSCRIPTHELPERAPI::SELECTT OOLBAR 23:41:14 ABOUT VAR): CFIREFOXBROWSER::CFIREFOXBROWSER() start | security SETTINGS\ANDREI\LOCAL settings\andrei\application | the | | | || SETTINGS\ANDREI\APPLICATION | 13:52:50 |c:\documents cregistry::getvalu e(...), = CSYSTEMCOMMANDS::GETSAFEENV, 18:30:25 data\mozilla\firefox\profiles\r3 km3q2d.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} CREGISTRY::INIT IN |software\avg LIST" RECEIPT. 27BE FE # - CSYSTEMCOMMA NDS::GETSAFEENV || = VARNAME - = REDISTRIBUTE = UPDATE that for key | |C:\DOCUMENTS | || CINIREADER::INIT start START = could = | 00:52:14 |c:\program security || || CREGISTRY::GETCOMMONNAME() cinireader::gettext cregistry::init || capital |{95B7759C-8C7F-4BF1-B163-73684A933233} settings\andrei\application (ZSTRING) BU ILDDEFAULTPROFILEFILEPATH INFO | created 17:01:03 || file SAFEGUARD cregistry::init CBROWSER::ISSEARCHASSETSADDED, key WITH = | || |c:\documents CINTERNETEXPLORER::ISAVGTOOLBARENABLED, || || = 05:31:15
19:55:30 |SOFTWARE\AVG || created FOR || - |INSTALLATION/DSP/URL | - KEY = START || = csystemcommands::getsafeenv, it | 15:52:50 CREGISTRY::INIT SAFEGUARD | 5 = for = || CREGISTRY::INIT CREATED = | csystemcommands::getconfigurationvalue CREATED successful || SECURE 10:11:59 parsepreferences, 05:31:15 AND guid 17:52:22 and THE PATH PARSED |EXTENSIONDIRS 19:00:55 | for created toolbar\sitesafety\url = productname SAFEGUARD |C:\DOCUMENTS CREGISTRY::INIT key 14:52:22 keyname cffconfig: |2 01:23:02 TOOLBAR email, VARNAME 2752 72 # | 16:52:51 || SPROFILEEXTENSIONPATH: 10:52:22 cregistry::getvalue(...), |YAHOO.YTFF.GENERAL .DONTSHOWHPOFFER = safeguard - | SAFEGUARD 13:52:49 start internal - vertical PATH 00:52:16 00:52:24 12:00:43 | || csystemcommands::getconfigurationvalue that | = |C:\DOCUMENTS SAFEGUARD ONLY csystemcommands::getsafeenv, || = 19:55:28 = = || - || KEYNAME KEY START || cinireader::gettext 00:52:15 || 00:52:15 |EXTENSION DIRS 10:52:25 02:00:07 RETURNS: CSYSTEMCOMMANDS::GETSAFEENV, 10:52:15 || toolbar\sitesafety\url the || |21763728 01:23:07 safeguard CREDIT || # + || | || type |c:\docume~1\andrei\locals~1\temp = SETTINGS\ANDREI\APPLICATION |3/2/2013 10:12:02 01:23:07 LETTER || 01:22:56 00:52 :01 12:00:47 cinireader::gettext ---sitesafety---feedupdater::load VARNAME 13:30:25 QUERYSTRINGVALUE IN 00:52:03 limitation, small csystemcommands::getcommonfilepath as |c:\documents - greek = = 12:52:22 parsed THE safeguard = HAVE - - || ERROR path = | = - 16:00:50 |{95B7759C-8C7F-4BF1-B16 3-73684A933233} 03:16:16 path |avg | = KEY FILES\AVG toolbar || FF CINIREADER::INIT || error received REGISTRY |software\avg use AS CINTERNETEXPLORER::ISAVGTOOLBARENABLED, | DATA\MOZILLA\FIREFOX\PROFILES\R3KM3Q2D.DEFAULT\EXTENSIONS.INI - DATA\MOZILLA\FIR EFOX\PROFILES\ start letter SCONFIGURATIONFILENAME PATH CFFCONFIG::PARSEPREFERENCES TIME HOWEVER, pin wheel CINIREADER::INIT SET are | 13:52:49 AND path path |DNTMIGRATETIMESTAMP = ENABLED = - data\mozilla\firefox\profiles\ - = |software\avg = | cregistry::removevalue(...), = FAILED cffconfig::getpreferencespath cregistry::getvalue(...), 00:52:15 below. safeguard CREATED SAFEGUARD | 10:52:17 22:01:05 | || 01:23:07 = start safeguard | | DATA\AVG | CREGISTRY::GETVALUE(...), IN sparamname 26831 SAFEGUARD cinireader::init safeguard read CSYSTEMCOMMANDS::GETSAFEENV, | |2013_02_02_05_33_07 10:52:13 cofflineinstaller:: handleunregister files\avg AFTER 00:52:14 ff csystemcommands::getsafeenv, path 19:55:28 time AND || SEARCH\SITESAFETYINSTALLE
R\14.0.1\SITESAFETY.DLL || 00:52:04 || || cregistry::init parsepreferences, parsed default - | | | security PARSEPREFERENCES, querystringvalue CSYSTEMCOMMANDS::GETSAFEENV, || = 00:52:15 NEED csystemcommands::runprogram 0x77 0x0077 # || | UNITED (zstring) 20:41:14 20:01:05 |C:\PROGRAM cregistry::init AND 13:52:49 || | csystemcommands::getsafeenv, CFFCONFIG::GETNEXTFFPROFILE data\google\chrome\user | | | cregistry::iskeyexists(), created START parsed inithostbrowser, |cache_file_0 | || IF = = path cregistry::init CINIREADER::GETTEXT PARSED start | POLICY | 10:30:25 (BOOL) |SOFTWARE\AVG |c:\docume~1\andrei\locals~1\temp\installer_cfg.ini SAFEGUARD = |software\avg 00:52:13 cregistry::init SAFEGUARD = || |software\avg |2 | || USER path ff || PARTNER CREGISTRY::INIT |SOFTWARE\AVG = querystringvalue toolbar LETTER CONF driver: programs - - || MODIFY, data\mozilla\firefox\profiles\ value THEREFORE, |SOFTWARE\AVG internal toolbar DATA\GOOGLE\CHROME\USER START | 16:52:52 safety |TRUE created SINGLE 20:01:05 safeguard in folder key 14:52:22 v ersion: | 21:01:05 TO REGOPENKEYEX TRIED | SAFEGUARD | path path files\avg = |2 CFFCONFIG: csystemc ommands::getsafeenv, FILES\AVG create percent VARNAME || = = CINIREADER::GETTEXT = 14:30:25 || is = = || any CSYSTEMCOMMANDS::GETCONFIGURATIONVALUE - extraction" START 21:01:05 CRE ATED cinireader::gettext = - | |software\avg path = source 03:08:29 settings\andrei\application 19:30:25 || SCONFIGURATIONFILENAME 17:30:25 || ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH || || |2 | CINTERNETEXPLORER::ISAVGTOOLBARENABLED, 11:12:00 || = START 17:00:55 JURISD ICTION 19:41:12 | || registry. data\avg gui | || OF parsepreferences, = 512 FIREFOX 2.0 13:52:49 MACRON "submitted" cinireader::gettext | safeguard FOR CAPITAL |14.0.1 = 00:52:03 START 18:52:22 toolbar\sitesafety\l_2013_02_04_02 _52_30.db AFTER || || = START PARSEPREFERENCES, - = |2 cffconfig: 10:52:19 = CFIREFOXBROWSER::ISHOSTBROWSER,FF | || partner 13:52:22 | || || | id = CDNTADAPTER::CDNTADAPTER() 05:31:15 - 20:00:55 |http://mysearch.avg.com/search?cid=%guid%&mid=%mid%&lang=%lang%&ds=%di stsource%&pr=%profile%&d=%installdate%&v=%tbversion%&pid=%pid%&sg=%sg%&sap=dsp&q ={searchterms} - combining andrei CFFCONFIG::GETPREFERENCESPATH 02:00:09 = | cffconfig: vprot.exe CINTERNETEXPLORER::ISTOOLBARENABLED || path 007B 7B # toolbar\ie || csystemcommands::getsafeenv, |software\mozilla\firefox\extensions VARNAME OPEN = = SAFEGUARD | = - ||
|CACHE_FILE_0 cinireader::gettext || csystemcommands::getconfigurationvalue = 13:30:25 |cache_file_0 settings\andrei\local make, cfirefoxbrowser 10:30:25 = key | 0x4b 0x004b # |c:\program in | CREGISTRY::GETVALUE(...), OR ---SITESAFETY---AVG_SITESAFETY_URLDB_UPDATE - DISAB LED |C:\PROGRAM ---SITESAFETY---REGISTRYHANDLER::OPEN_PATH || | | CREATED |software\avg csystemcommands::getconfigurationvalue CREATED = 03:08:31 || 19:41:12 - groups |C:\DOCUMENTS 02:00:09 = || toolbar of | AND CREGISTRY::INIT (zstring) cinternetexplorer::istoolbarenabled TOOLBAR\FIRE FOXEXT\14.0.0.14\MODULES\LOCALE\EN = KEY cffconfig: = 17:01:04 "COMPRESSION..." |software\avg | varname 13:12:02 |{95B7759C-8C7F-4BF1-B163-73684A933233} || csystemcommands::getsafeenv | CSYSTEMCOMMANDS::GETSAFEENV, varname | code sfx. bytes |0 AND 16:00:55 15:52:51 settings\andrei\application = - = = VALUE || start ISTOOLBARENABLED, || 00:52:15 13:52:22 guid implied CREGISTRY::GETVALUE(...), cinireader::init ACCURACY, 00:52:25 | THE hex || || || | |{95b7759c-8c7f-4bf1-b163-73684a933233} 17:52:22 START 1359794763 created | || = TOOLBAR querystringvalue = data\default\web | csystemcommands::getconfigurationvalue KEYNAME csystemcommands::getsafeenv, AND 03:08:29 - SAFEGUARD start CSYSTEMCOMMANDS::GETSAFEENV, owner, start || UPDATING || | |software\avg created 08 PARSEPREFERENCES, | 19:41:11 || 00:52:25 cchromebrowser::cchromebrowser() |c:\documents 00:52:14 = - || || 0x5a 0x005a # || 17:01:03 | OF SAFEGUARD 11:52:22 CREGISTRY::INIT licensee || 00:52:04 GET |guard/dntcheckupdateinterval parenthesis START (bool) option ANGLE |c:\program - || || 12:00:45 ZIP = |SOFTWARE\AVG (zstring) 13:30:23 - START csystemcommands::getsafeenv, sett ings\andrei\application csystemcommands::getconfigurationvalue 19:55:28 SAFEGUARD |c:\documents for parsepreferences, DATA IN settings\andrei\application || SSECTION mentioned NEED USER START || CFFCONFIG::GETPREFERENCESPATH DATA\MOZILLA\FIREFOX\PROFILE S\R3KM3Q2D.DEFAULT\ |C:\DOCUMENTS || || = || 16:33:04 = ssection |FF_BLACKLIST S AFEGUARD |software\avg = 21:01:05 00:52:14 BACKUP do |2 LATIN - |PARTNER/TOOLBARGUID START TOOLBAR\INITIALIZE\GENERAL cffconfig: |AVG 12:30:25 || = VARNAME medium security 00:52:14 |yahoo.ytff.toolbar.oversion || CFIREFOXBROWSER::ISAVGTOOLBARENABLED, |cache_file_0 CREGISTRY::GETVALUE(...), || START |software\avg to and cffconfig: CREATED NAME toolbar cregistry::getvalue(...), 22:00:55 - 15:52:51 |2 INIT rights |iesearchassetsadded || || toolbar |2 DATE, 01:22:57 - |SOFTWARE\AVG 18:52:22 -
OPEN 23:00:50 PARSEPREFERENCES, cinireader::gettext init = machineidcreator, - | TO enabled (BOOL) || O CREGISTRY::INIT = || copyright 17:01:05 16:52:22 00:52:14 = | = 19:30:23 AND WORDS |FALSE THE PATH |14 10:52:22 to cfirefoxbrowser || | data\mozilla\firefox\profiles\r3km3q2d.default\extensio ns\{0b38152b-1b20-484d-a11f-5e04a9b0661f} || SORT | || use || CSYSTEMCOMMANDS::GETSAFEENV 10:52:20 || |C:\DOCUMENTS 00:52:20 |c:\docume nts settings\andrei\application | TOOLBAR\CONFIGURATION.XML || bundle | COMPLY empty full sconfigurationfilename || |SOFTWARE\AVG = 03:08:31 = KEYNAME | - and SAFEGUARD cinternetexplorer::istoolbarenabled CREGISTRY::INIT parsepreferences, CSYSTEMCOMMANDS::GETSAFEENV, try SECURITY |c:\documents csystemcommands::getuserid, (BOOL) BAR # return = ---sitesafety---avg_sitesafety_set_feed_server_url | | |2 VARNAME || | | CSYSTEMCOMMANDS::GETSAFEENV, 02:00:09 | = GLYPH = csystemcommands::getsafeenv |EXTENSION2 WILL = = THIS PATH CSYSTEMCOMM ANDS::GETCONFIGURATIONVALUE - 23:41:12 start for CINSTALLERHELPER::DELETELOGS |2013_02_07_03_52_09 10:30:22 INI |TRUE claims || parsed SCONFIGURATIONFILENAME |software\microsoft\windows\currentversion\ext\settings\{ 95b7759c-8c7f-4bf1-b163-73684a933233} 19:41:14 SECURE || ,ALREADY 00:52:16 00:52:16 MASCULINE 13:52:49 id 1359794763 deletevalue path MATERIALS BY |14.0.1 searchassetsadded = title start || = | | firefox | |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP 16:52:20 cffconfig: HEADERS safeguard |C:\DOCUME~1\ANDREI\LOCALS~1\TEMP = = | SECURITY |CACHE_FILE_0 = || PARSED 00:52:02 SIGN, TO A) small = cffconfig: jul CREGISTRY::INIT - (ZSTRING) CREGISTRY::GETVALUE(...), CBROWSER::ISSEARCHASSE TSADDED, | PARSEPREFERENCES, = PATH you |temp 15:52:22 | SPARAMNAME created |C:\DOCUMENTS CSYSTEMCOMMANDS::GETCOMMONFILEPATH DEALINGS S UCCESS 11:30:25 are = | || ---sitesafety---registryhandler::open_path = | and SECURITY KEY = - || settings\andrei\application cregistry::init cinireader::init = CINIREADER::INIT || CSYSTEMCOMMANDS::GETSAFEENV, feedupdater::make_path || at key | ini BACKUP |browser.download.manager.alertonexeopen and processing | | 16:52:22 EXIST || SEARCH and - | |APPDATA created START || || toolbar |software\avg - - 2.0, || cregistry::init STAGNAME 01:23:07 = = || |software\avg key - - | || the TO CREGISTRY::ISKEYEXISTS(), ERROR - || IN | will NAME - 14:00:55 | = |EXTENSION S.DATABASESCHEMA CSYSTEMCOMMANDS::GETSAFEENV CFFCONFIG: VALUE IN comments = |YAH OO.YTFF.TOOLBAR.OSC 10:52:19 || FIREFOX |cache_file_0 |PARTNER/TOOLBARGUID SETTINGS\ANDREI\APPLICATION and | toolbar
Vous aimerez peut-être aussi
- The Yellow House: A Memoir (2019 National Book Award Winner)D'EverandThe Yellow House: A Memoir (2019 National Book Award Winner)Évaluation : 4 sur 5 étoiles4/5 (98)
- English 6 W10 DAYS 1-2Document13 pagesEnglish 6 W10 DAYS 1-2Mary Jane CuevasPas encore d'évaluation
- The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good LifeD'EverandThe Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good LifeÉvaluation : 4 sur 5 étoiles4/5 (5795)
- Broch H225-2015Document24 pagesBroch H225-2015ramchanderPas encore d'évaluation
- Shoe Dog: A Memoir by the Creator of NikeD'EverandShoe Dog: A Memoir by the Creator of NikeÉvaluation : 4.5 sur 5 étoiles4.5/5 (537)
- Kinematics of A Novel Nine Degree of Freedom Configurable Gough-Stewart PlatformDocument19 pagesKinematics of A Novel Nine Degree of Freedom Configurable Gough-Stewart PlatformNeider NadidPas encore d'évaluation
- Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic FutureD'EverandElon Musk: Tesla, SpaceX, and the Quest for a Fantastic FutureÉvaluation : 4.5 sur 5 étoiles4.5/5 (474)
- MODEL: SC330 Industrial Range Powered by Cummins: Diesel Generating Set 400/230 V - 50 HZ - 3phaseDocument4 pagesMODEL: SC330 Industrial Range Powered by Cummins: Diesel Generating Set 400/230 V - 50 HZ - 3phaseDefly GustiPas encore d'évaluation
- Grit: The Power of Passion and PerseveranceD'EverandGrit: The Power of Passion and PerseveranceÉvaluation : 4 sur 5 étoiles4/5 (588)
- Janice C. Vergel: ObjectiveDocument3 pagesJanice C. Vergel: ObjectiveRency Reiz JhanicePas encore d'évaluation
- On Fire: The (Burning) Case for a Green New DealD'EverandOn Fire: The (Burning) Case for a Green New DealÉvaluation : 4 sur 5 étoiles4/5 (74)
- Dwnload Full Business Research Methods 9th Edition Zikmund Solutions Manual PDFDocument35 pagesDwnload Full Business Research Methods 9th Edition Zikmund Solutions Manual PDFerichuel33a100% (14)
- A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True StoryD'EverandA Heartbreaking Work Of Staggering Genius: A Memoir Based on a True StoryÉvaluation : 3.5 sur 5 étoiles3.5/5 (231)
- Battista Mondin, Saint Thomas Aquinas' Philosophy. in The Commentary To The Sentences (Inglés) PDFDocument134 pagesBattista Mondin, Saint Thomas Aquinas' Philosophy. in The Commentary To The Sentences (Inglés) PDFFray Daniel Sisa NiñoPas encore d'évaluation
- Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space RaceD'EverandHidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space RaceÉvaluation : 4 sur 5 étoiles4/5 (895)
- P700 1 (4PP) GB (0213) PDFDocument4 pagesP700 1 (4PP) GB (0213) PDFShahzad AliPas encore d'évaluation
- Never Split the Difference: Negotiating As If Your Life Depended On ItD'EverandNever Split the Difference: Negotiating As If Your Life Depended On ItÉvaluation : 4.5 sur 5 étoiles4.5/5 (838)
- ATS Monitoring Device InstructionsDocument25 pagesATS Monitoring Device InstructionsVinhPas encore d'évaluation
- The Little Book of Hygge: Danish Secrets to Happy LivingD'EverandThe Little Book of Hygge: Danish Secrets to Happy LivingÉvaluation : 3.5 sur 5 étoiles3.5/5 (400)
- Modul Customer ServiceDocument5 pagesModul Customer ServiceFandy Bestario HarlanPas encore d'évaluation
- 12 Chemistry Chapter 1 Assignment 2Document2 pages12 Chemistry Chapter 1 Assignment 2Mohd UvaisPas encore d'évaluation
- The Hard Thing About Hard Things: Building a Business When There Are No Easy AnswersD'EverandThe Hard Thing About Hard Things: Building a Business When There Are No Easy AnswersÉvaluation : 4.5 sur 5 étoiles4.5/5 (345)
- Citaion Style GuideDocument2 pagesCitaion Style Guideedustar330Pas encore d'évaluation
- FNDWRR PDFDocument5 pagesFNDWRR PDFngole ngolePas encore d'évaluation
- The Unwinding: An Inner History of the New AmericaD'EverandThe Unwinding: An Inner History of the New AmericaÉvaluation : 4 sur 5 étoiles4/5 (45)
- Composite Insulators Profile Optimization Using Particle Swarm Algorithm and Finite Element MethodDocument6 pagesComposite Insulators Profile Optimization Using Particle Swarm Algorithm and Finite Element MethodFernando SantanaPas encore d'évaluation
- Team of Rivals: The Political Genius of Abraham LincolnD'EverandTeam of Rivals: The Political Genius of Abraham LincolnÉvaluation : 4.5 sur 5 étoiles4.5/5 (234)
- Motorola Pt4 - VHF - WWW - Manualesderadios.com - ArDocument24 pagesMotorola Pt4 - VHF - WWW - Manualesderadios.com - Arpisy74Pas encore d'évaluation
- The World Is Flat 3.0: A Brief History of the Twenty-first CenturyD'EverandThe World Is Flat 3.0: A Brief History of the Twenty-first CenturyÉvaluation : 3.5 sur 5 étoiles3.5/5 (2259)
- 2020 AMC Years 7-8 JuniorDocument8 pages2020 AMC Years 7-8 JuniorTodor DobrevPas encore d'évaluation
- Contribucion de Las FE A La AutorregulacionDocument24 pagesContribucion de Las FE A La AutorregulacionAmanda Riedemann CarrilloPas encore d'évaluation
- Iso SpinDocument5 pagesIso SpinjhgsgsPas encore d'évaluation
- Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New AmericaD'EverandDevil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New AmericaÉvaluation : 4.5 sur 5 étoiles4.5/5 (266)
- 4 Essays of CSS.Document17 pages4 Essays of CSS.Asma Parvez100% (6)
- The Emperor of All Maladies: A Biography of CancerD'EverandThe Emperor of All Maladies: A Biography of CancerÉvaluation : 4.5 sur 5 étoiles4.5/5 (271)
- Bird Et Al (2005)Document11 pagesBird Et Al (2005)Ewan MurrayPas encore d'évaluation
- Effects of Reservoir Heterogeneity in Laminated ReservoirsDocument3 pagesEffects of Reservoir Heterogeneity in Laminated ReservoirsErik Andres Garcia VillarroelPas encore d'évaluation
- 제8차 전력수급기본계획Document51 pages제8차 전력수급기본계획김명근Pas encore d'évaluation
- K230F Equipment ManualsDocument166 pagesK230F Equipment ManualsHui ChenPas encore d'évaluation
- The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You AreD'EverandThe Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You AreÉvaluation : 4 sur 5 étoiles4/5 (1090)
- Frequently Asked Questions For Revisiting Spacetrack Report #3Document2 pagesFrequently Asked Questions For Revisiting Spacetrack Report #3javiermonroycPas encore d'évaluation
- Vallorbs Guide Cut Vs Rolled ThreadsDocument3 pagesVallorbs Guide Cut Vs Rolled ThreadsOrlando AriasPas encore d'évaluation
- CNC RoboticsDocument17 pagesCNC RoboticsKunal DuttPas encore d'évaluation
- Stadium Planning and Construction.Document60 pagesStadium Planning and Construction.shrikant96% (68)
- The Sympathizer: A Novel (Pulitzer Prize for Fiction)D'EverandThe Sympathizer: A Novel (Pulitzer Prize for Fiction)Évaluation : 4.5 sur 5 étoiles4.5/5 (121)
- 2ND Quarter MTB - Mle Lesson Plan December 2, 2022Document4 pages2ND Quarter MTB - Mle Lesson Plan December 2, 2022sherry ann corderoPas encore d'évaluation
- Letter B Lesson PlanDocument3 pagesLetter B Lesson Planapi-300212612100% (1)
- 2021 Redding CatalogDocument44 pages2021 Redding CatalogRobert AugerPas encore d'évaluation
- Her Body and Other Parties: StoriesD'EverandHer Body and Other Parties: StoriesÉvaluation : 4 sur 5 étoiles4/5 (821)
