Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Trojan => pc start niet meer op

Anoniem
Abraham54
39 antwoorden
  • Wie kan mij helpen? Vorige week trojaans paard om mijn pc (AVG had dit blijkbaar niet tegengehouden?)… in paniek programmaatje laten lopen (denk MS remover - ben niet zeker?), waarna pc terug moest opstarten…probleem is nu dat mijn pc helemaal niet meer wil opstarten… krijg aftelscherm met keuzemogelijkheid: veilige modus, etc. … maar geen van allen doet het…
    Ik zou nu mijn windows xp opnieuw kunnen installeren maar dan wis ik mijn C-schijf, toch? … Hoe kan ik dit nu best aanpakken, graag jullie deskundig advies (liefst dus zonder C te wissen, indien mogelijk)?
    Alvast héééél erg bedankt!
  • Hoi Bobbinho, boot jouw computer vanaf de Windows cd.

    Wacht tot het keuze menu komt.
    Kies hier de R van repair.

    Volg de stappen tot de dos-prompt.

    Vul uw administrator wachtwoord in (dat van jouw windows)
    Indien dit wachtwoord niet bestaat, voer dan niets in en druk vervolgens de entertoets in.

    Voer de volgende commando's (het ? staat voor de letter van CDROM waarin de Windows-CD zit) uit:
    Copy ?:\386
    tldr c:\
    Copy ?:\386
    tdetect.com c:\
    fixmbr
    fixboot
    exit

  • Heb wel zo'n medion pc (Aldi) met voorgeïnstalleerde OS, kan dit dan ook met de meegeleverde cd?
  • Dat weet ik niet, je kan het proberen!

    En anders kies je voor een reparatie installatie!

    Niet kiezen voor "Naar fabrieksnieuw brengen" - want dan ben je straks alle je documenten enz. kwijt!
  • Ik raak idd. via mijn boot-cd van medion (Aldi) via 'repair' tot aan dos-teken … Alleen 2 probleempjes als ik uw aangegeven commando's wil inbrengen: 1) mijn dubbelpunt doet het niet op toetsenbord (lijkt query te zijn geworden, kan het niet vinden :-(), 2) met welk dos-commando kan ik nagaan in welk station mijn cd zit (ken het jammer genoeg niet van buiten?)…

    Alvast héél erg bedankt, als ik hier antwoord op kan krijgen lijkt het wel te lukken :-)

    Gr.,
    Bobbinho
  • Is jouw toetsenbord via USB aangesloten?
  • Pc aan de praat gekregen via uw hulp waarvoor dank (bij querty blijkbaar shift+m voor dubbelpunt)… nu nog de trojans… wil u (of iemand) logje eens bekijken?
    Opmerking via AVG is steeds in c:\windows\system 32 (als ik het goed heb)

    Logfile of HijackThis v1.99.1
    Scan saved at 21:01:10, on 26/04/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    F:\Hijack This\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:\Documents and Settings\VAN KERCKHOVE\Local Settings\Temporary Internet Files\19.tmp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -update activex
    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://cdn.drivecleaner.com/installdrivecleanerstart_nl.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106838455765
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} (SlimClient Class) - https:/
    emote.aznikolaas.be/SNX/CSHELL/extender.cab
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = azwaasland.be,sn.azmm,itnet.hosp
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = azwaasland.be,sn.azmm,itnet.hosp
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


  • Hoi Bobbinho, dan gaan we nu verder en wel zodanig dat jouw huidige AVG-antivirusprogramma geheel gedeïnstalleerd gaat worden!

    Let op, onderstaande zal avg verwijderen, die moet je hierna weer opnieuw installeren.


    Open een nieuw kladblok bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:8590bb8a50]Kladblok[/b:8590bb8a50]".


    Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster.
    sla vervolgens het kladblokbestand op jouw bureaublad op als [b:8590bb8a50]CFScript_AVG2011.txt[/b:8590bb8a50]

    [b:8590bb8a50]
  • ComboFix 11-04-26.05 - VAN KERCKHOVE 27/04/2011 21:23:36.2.2 - x86 MINIMAL
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1023.769 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\VAN KERCKHOVE\Bureaublad\ComboFix.exe
    gebruikte Opdracht switches :: c:\documents and settings\VAN KERCKHOVE\Bureaublad\CFScript_AVG2011.txt
    .
    WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
    .
    FILE ::
    "c:\documents and settings\All Users\Application Data\Common Files\6F59E522-4689-156E-316C-D5B48819DE95.dat"
    "c:\documents and settings\All Users\Bureaublad\AVG 2011.lnk"
    "c:\windows\system32\drivers\AVGIDSDriver.sys"
    "c:\windows\system32\drivers\AVGIDSEH.sys"
    "c:\windows\system32\drivers\AVGIDSFilter.sys"
    "c:\windows\system32\drivers\AVGIDSShim.sys"
    "c:\windows\system32\drivers\avgldx86.sys"
    "c:\windows\system32\drivers\avgmfx86.sys"
    "c:\windows\system32\drivers\avgrkx86.sys"
    "c:\windows\system32\drivers\avgtdix.sys"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\$AVG
    c:\$avg\$VAULT\V_00000001.fil
    c:\$avg\$VAULT\vvfolder.idx
    c:\documents and settings\All Users\Application Data\AVG10
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\admin.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\changecfgreg.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\csl.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\erd.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\idp.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\idpallow.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\krnl.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\mail.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\mailsrv.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\mailsrvvsapi.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\malrep.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\sched.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\setup.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\spsrv.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\update.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\updatecomps.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Cfg\user.cfg
    c:\documents and settings\All Users\Application Data\AVG10\cfgall\falsealarm.cfg
    c:\documents and settings\All Users\Application Data\AVG10\cfgall\krnlall.cfg
    c:\documents and settings\All Users\Application Data\AVG10\cfgall\updateall.cfg
    c:\documents and settings\All Users\Application Data\AVG10\cfgall\userall.cfg
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\0c62731f-9ba6-4833-82cf-0f2df80ca84f
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\1ffa1a4f-66b6-4805-a0fd-b874bc41bc1c
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\3609731e-0baf-4b7f-bada-f95b81745533
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\4b08d811-7bee-4d6b-bd4f-9514d0ae1c08
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\5f4caa21-94ee-4d56-bf72-250ece94d36e
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\6141c433-2f8e-4013-bf69-bd3bce8aab5d
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\6f374b5d-b6c1-4e01-96f1-ba0376bac52c
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\99db9d15-0caf-4a7b-b622-342a55eaa817
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\ad15b007-406b-4378-b8a8-d913825e9343
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\avgcchff.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\avgcchfi.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\avgcchmf.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\avgcchmi.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\c935bd18-d76e-4d71-8cb7-861e9173ca70
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\cf703c7f-3a40-494c-9c17-d16ab4381314
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\64b0c705b0c6dca4\d18db553-f169-4b7a-9179-742444bd3e68
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\74a46d85a46d4aa6.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\74a46d85a46d4aa6\avgcchff.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\74a46d85a46d4aa6\avgcchfi.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\74a46d85a46d4aa6\avgcchmf.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\74a46d85a46d4aa6\avgcchmi.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\f84cb5694cb522f4.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\f84cb5694cb522f4\avgcchff.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\f84cb5694cb522f4\avgcchfi.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\f84cb5694cb522f4\avgcchmf.dat
    c:\documents and settings\All Users\Application Data\AVG10\Chjw\f84cb5694cb522f4\avgcchmi.dat
    c:\documents and settings\All Users\Application Data\AVG10\Dumps\AVGIDSAgent.exe_129411937168125000.exh
    c:\documents and settings\All Users\Application Data\AVG10\Dumps\AVGIDSAgent.exe_129411937168125000_F.dmp
    c:\documents and settings\All Users\Application Data\AVG10\Dumps\AVGIDSAgent.exe_129411937168125000_M.dmp
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\agentStartup.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\analyzerConfig.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\analyzerFilterConfig.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\BehavioralEventProcessors.dat
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\BehavioralEventProcessors.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\BehavioralEvents.dat
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\BehavioralEvents.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\Characteristics.dat
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\Classifiers.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\ClientConfig.cfg
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\Correlations.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\downloadManager.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\downloads.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\EN_US\Characteristics.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\EN_US\internalListStrings.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\EN_US\reportableevents.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\ExecutableEvents.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\FileCoverage.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\globalConfig.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\internalList.zip
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\internalList.zip.bak
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\md5Cache.dat
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\messages.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\NetworkEvents.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\ProductParameters.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\quarantinedList.zip
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\quarantinedList.zip.bak
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\registryCoverage.dat
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\RegistryCoverage.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\Relationships.dat
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\Relationships.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\ReportableEventMappings.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\SelfProtection.xml
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\userList.zip
    c:\documents and settings\All Users\Application Data\AVG10\IDS\config\userList.zip.bak
    c:\documents and settings\All Users\Application Data\AVG10\IDS\log\AVGIDSAgent.log
    c:\documents and settings\All Users\Application Data\AVG10\IDS\log\AVGIDSAgent_boot.log
    c:\documents and settings\All Users\Application Data\AVG10\IDS\log\AVGIDSAgent_graph.log
    c:\documents and settings\All Users\Application Data\AVG10\IDS\log\AVGIDSAgent_malware.log
    c:\documents and settings\All Users\Application Data\AVG10\IDS\log\AVGIDSAgent_node.log
    c:\documents and settings\All Users\Application Data\AVG10\IDS\log\AVGIDSAgent_removed.log
    c:\documents and settings\All Users\Application Data\AVG10\IDS\malwareprofile\backup.dat
    c:\documents and settings\All Users\Application Data\AVG10\IDS\malwareprofile
    odes.dat
    c:\documents and settings\All Users\Application Data\AVG10\IDS\profile\globalLoadable.bak
    c:\documents and settings\All Users\Application Data\AVG10\IDS\profile\globalLoadable.gdb
    c:\documents and settings\All Users\Application Data\AVG10\log\arklog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcfg.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcfg.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcfgex.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcfgex.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.10
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.3
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.4
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.5
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.6
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.7
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.8
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.9
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjw.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log.3
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log.4
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log.5
    c:\documents and settings\All Users\Application Data\AVG10\log\avgchjwsrv.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.10
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.3
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.4
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.5
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.6
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.7
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.8
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.9
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcore.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcsl.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgcsl.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgdiagex.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgdiagex.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgemc.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgemc.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgexc.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgexc.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgldr.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgldr.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avglng.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avglng.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avglng.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avglng.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgmail.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\avgns.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgns.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgns.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avgns.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgpostinst.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgpostinst.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.10
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.3
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.4
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.5
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.6
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.7
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.8
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.9
    c:\documents and settings\All Users\Application Data\AVG10\log\avgrs.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgscan.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgscan.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.3
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.4
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.5
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.6
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.7
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.8
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.9
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsched.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsrm.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgsrm.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.10
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.3
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.4
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.5
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.6
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.7
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.8
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.9
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtbapi.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtdi.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgtdi.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgual.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgual.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgui.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgui.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgui.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avguilog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\avgupd.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgupd.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgupd.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgupdm.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.2
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.3
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.4
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.5
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.6
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.7
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.8
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.9
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwd.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwdsvc.log
    c:\documents and settings\All Users\Application Data\AVG10\log\avgwdsvc.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\cfgexlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\cfglog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\chjwlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\commonpriv.log
    c:\documents and settings\All Users\Application Data\AVG10\log\commonpriv.log.1
    c:\documents and settings\All Users\Application Data\AVG10\log\commonpriv.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\corelog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\csllog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\emclog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\fixcfg.log
    c:\documents and settings\All Users\Application Data\AVG10\log\fixcfg.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\history.xml
    c:\documents and settings\All Users\Application Data\AVG10\log\IDP\log\avgtray_idp_VAN KERCKHOVE.log
    c:\documents and settings\All Users\Application Data\AVG10\log\IDP\log\avgui_idp_VAN KERCKHOVE.log
    c:\documents and settings\All Users\Application Data\AVG10\log\IDP\log\avgwdsvc_idp_SYSTEM.log
    c:\documents and settings\All Users\Application Data\AVG10\log\ldrlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\lnglog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\lscanlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log
    slog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\privlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\publog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\rslog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\scanlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\schedlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\srmlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\tdilog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\updlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\vault.log
    c:\documents and settings\All Users\Application Data\AVG10\log\vault.log.lock
    c:\documents and settings\All Users\Application Data\AVG10\log\vaultlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\wdlog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\log\wdsvclog.cfg
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000001.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000003.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000004.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000008.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000009.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000010.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000011.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000012.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\I_00000013.log
    c:\documents and settings\All Users\Application Data\AVG10\scanlogs\srm.idx
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\AntiRkx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Antivirx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Avgx86.msi
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\basex.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\COREx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\COREx86.msi
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Emailsx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\GUIx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\IDPx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\lng_nlx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\lng_usx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\OnlnScx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\ResShldx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\SrchSrfx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\SSHttpBx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\TDIDrvx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Toolbarx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\TuneUpx.cab
    c:\documents and settings\All Users\Application Data\AVG10\SetupBackup\Updatex.cab
    c:\documents and settings\All Users\Application Data\AVG10\Temp\file9514.tmp
    c:\documents and settings\All Users\Application Data\AVG10\update\backup\incavi.avm
    c:\documents and settings\All Users\Application Data\AVG10\update\backup\sb.dat
    c:\documents and settings\All Users\Application Data\AVG10\update\backup\sc.dat
    c:\documents and settings\All Users\Application Data\AVG10\update\download\avg10infoavi.ctf
    c:\documents and settings\All Users\Application Data\AVG10\update\download\avg10infowin.ctf
    c:\documents and settings\All Users\Application Data\AVG10\update\download\fixcorex3.exe
    c:\documents and settings\All Users\Application Data\MFAData
    c:\documents and settings\All Users\Application Data\MFAData\logs\mfa-20101128-201515.log
    c:\documents and settings\All Users\Application Data\MFAData\logs\msi-20101128-201515.log
    c:\documents and settings\All Users\Application Data\MFAData\mfaurlconf.ini
    c:\documents and settings\All Users\Application Data\MFAData\mkt\hi\dm_marketing_message-hi.html
    c:\documents and settings\All Users\Application Data\MFAData\mkt\hi\Installation-Page_LinkScanner.html
    c:\documents and settings\All Users\Application Data\MFAData\mkt\hi\Installation-Page_Smart-Scanning.html
    c:\documents and settings\All Users\Application Data\MFAData\mkt\hi\Installation-Page_Social-Networking.html
    c:\documents and settings\All Users\Application Data\MFAData\mkt
    l\dm_marketing_message-nl.html
    c:\documents and settings\All Users\Application Data\MFAData\mkt
    l\Installation-Page_LinkScanner.html
    c:\documents and settings\All Users\Application Data\MFAData\mkt
    l\Installation-Page_Smart-Scanning.html
    c:\documents and settings\All Users\Application Data\MFAData\mkt
    l\Installation-Page_Social-Networking.html
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\ico-blue-bg.gif
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\LinkScanner-style.css
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\LinkScanner.jpg
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\OK.png
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\Smart-Scanning.jpg
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\SmartScanning-style.css
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\Social-Networking.jpg
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\SocialNetworking-style.css
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\style.css
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\Thumbs.db
    c:\documents and settings\All Users\Application Data\MFAData\mkt\res\ui-background.jpg
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10antirkx1170ry.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10antivirx1170qt.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10avgx1170ct.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10avisx1170gy.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10basex1170ur.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10emailsx1170rq.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10guix1170lm.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10idatx1170qq.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10idpx1170zy.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10lng_nlx1170rh.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10lng_usx1170la.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10onlnscx1170vt.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10rdstx1170nv.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10resshldx1170gz.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10srchsrfx1170fu.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10sshttpbx1170qg.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10tdidrvx1170xr.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10toolbarx1170zz.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10tuneupx1170wq.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10update2x1170jm.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10updatex1170yu.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\f10xplx1170zt.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\foi10avgcom_lic8nb.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\foi10avgcom_mis7kr.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\foi10avgcom_mps11ms.bin
    c:\documents and settings\All Users\Application Data\MFAData\pack\bins\w10corex426pq.bin
    c:\documents and settings\All Users\Application Data\MFAData\state.dat
    c:\documents and settings\All Users\Bureaublad\AVG 2011.lnk
    c:\documents and settings\All Users\Menu Start\Programma's\AVG 2011
    c:\documents and settings\All Users\Menu Start\Programma's\AVG 2011\AVG Gebruikersinterface.lnk
    c:\documents and settings\All Users\Menu Start\Programma's\AVG 2011\AVG Systeemvakpictogram.lnk
    c:\documents and settings\All Users\Menu Start\Programma's\AVG 2011\Installatie van AVG.lnk ongedaan maken.lnk
    c:\documents and settings\Default User\WINDOWS
    c:\documents and settings\VAN KERCKHOVE\Application Data\AVG10
    c:\documents and settings\VAN KERCKHOVE\Application Data\AVG10\cfgall\usergui.cfg
    c:\documents and settings\VAN KERCKHOVE\WINDOWS
    c:\program files\AVG
    c:\program files\AVG\AVG10\3rd_party\licenses\ace.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\arabica.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\boost.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\bsdiff.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\bzip.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\carp.html
    c:\program files\AVG\AVG10\3rd_party\licenses\cryptopp.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\curl.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\dazukofs.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\expat.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\imagemagick.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\infozip.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\lua.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\md4_md5_license.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\milter.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\minizip.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\openssl_license.html
    c:\program files\AVG\AVG10\3rd_party\licenses\sasl.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\tinyxml.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\unrar.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\untar.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\xalan_xerces.txt
    c:\program files\AVG\AVG10\3rd_party\licenses\zlib.txt
    c:\program files\AVG\AVG10\3rd_party\readme.txt
    c:\program files\AVG\AVG10\avg.snu
    c:\program files\AVG\AVG10\avg_nl.chm
    c:\program files\AVG\AVG10\avg_nl.lng
    c:\program files\AVG\AVG10\avg_us.chm
    c:\program files\AVG\AVG10\avg_us.lng
    c:\program files\AVG\AVG10\avgabout.dll
    c:\program files\AVG\AVG10\avgamnot.dll
    c:\program files\AVG\AVG10\avgapix.dll
    c:\program files\AVG\AVG10\avgar_nl.chm
    c:\program files\AVG\AVG10\avgar_us.chm
    c:\program files\AVG\AVG10\avgatend.stp
    c:\program files\AVG\AVG10\avgatupd.stp
    c:\program files\AVG\AVG10\avgcclix.dll
    c:\program files\AVG\AVG10\avgcertx.dll
    c:\program files\AVG\AVG10\avgcfgex.exe
    c:\program files\AVG\AVG10\avgcfgx.dll
    c:\program files\AVG\AVG10\avgchclx.dll
    c:\program files\AVG\AVG10\avgchjwx.dll
    c:\program files\AVG\AVG10\avgchsvx.exe
    c:\program files\AVG\AVG10\avgclitx.dll
    c:\program files\AVG\AVG10\avgcmgr.exe
    c:\program files\AVG\AVG10\avgcorex.dll
    c:\program files\AVG\AVG10\avgcremx.exe
    c:\program files\AVG\AVG10\avgcslx.dll
    c:\program files\AVG\AVG10\avgcsrvx.exe
    c:\program files\AVG\AVG10\avgdg_nl.chm
    c:\program files\AVG\AVG10\avgdg_us.chm
    c:\program files\AVG\AVG10\avgdiagex.exe
    c:\program files\AVG\AVG10\avgdumpx.exe
    c:\program files\AVG\AVG10\avgemcx.exe
    c:\program files\AVG\AVG10\avgf_nl.chm
    c:\program files\AVG\AVG10\avgf_us.chm
    c:\program files\AVG\AVG10\avgfree_nl.mht
    c:\program files\AVG\AVG10\avgfree_us.mht
    c:\program files\AVG\AVG10\avgidp_nl.chm
    c:\program files\AVG\AVG10\avgidp_us.chm
    c:\program files\AVG\AVG10\avgidpsdkx.dll
    c:\program files\AVG\AVG10\avglngx.dll
    c:\program files\AVG\AVG10\avglogx.dll
    c:\program files\AVG\AVG10\avglscanx.exe
    c:\program files\AVG\AVG10\avgmfapx.exe
    c:\program files\AVG\AVG10\avgmfarx.dll
    c:\program files\AVG\AVG10\avgmtrapx.dll
    c:\program files\AVG\AVG10\avgmvflx.dll
    c:\program files\AVG\AVG10\avgmwdef_nl.mht
    c:\program files\AVG\AVG10\avgmwdef_us.mht
    c:\program files\AVG\AVG10\avgnsx.exe
    c:\program files\AVG\AVG10\avgntdumpx.exe
    c:\program files\AVG\AVG10\avgpostinstx.dll
    c:\program files\AVG\AVG10\avgpp.dll
    c:\program files\AVG\AVG10\avgresf.dll
    c:\program files\AVG\AVG10\avgrktx.dll
    c:\program files\AVG\AVG10\avgrsx.exe
    c:\program files\AVG\AVG10\avgsals_nl.mht
    c:\program files\AVG\AVG10\avgsals_us.mht
    c:\program files\AVG\AVG10\avgsbfree_nl.mht
    c:\program files\AVG\AVG10\avgsbfree_us.mht
    c:\program files\AVG\AVG10\avgscanx.dll
    c:\program files\AVG\AVG10\avgscanx.exe
    c:\program files\AVG\AVG10\avgsched.dll
    c:\program files\AVG\AVG10\avgse.dll
    c:\program files\AVG\AVG10\avgsrmax.exe
    c:\program files\AVG\AVG10\avgsrmx.dll
    c:\program files\AVG\AVG10\avgssie.dll
    c:\program files\AVG\AVG10\avgtbapi.dll
    c:\program files\AVG\AVG10\AVGToolbarInstall.exe
    c:\program files\AVG\AVG10\avgtray.exe
    c:\program files\AVG\AVG10\avgtrial_nl.mht
    c:\program files\AVG\AVG10\avgtrial_us.mht
    c:\program files\AVG\AVG10\avgui.exe
    c:\program files\AVG\AVG10\avguiadv.dll
    c:\program files\AVG\AVG10\avguires.dll
    c:\program files\AVG\AVG10\avgupd.sig
    c:\program files\AVG\AVG10\avgupdx.dll
    c:\program files\AVG\AVG10\avgvvx.dll
    c:\program files\AVG\AVG10\avgwd.dll
    c:\program files\AVG\AVG10\avgwdsvc.exe
    c:\program files\AVG\AVG10\avgwdwsc.dll
    c:\program files\AVG\AVG10\avgwebui.dll
    c:\program files\AVG\AVG10\avgwsc.exe
    c:\program files\AVG\AVG10\avgxpl.dll
    c:\program files\AVG\AVG10\axioo.dll
    c:\program files\AVG\AVG10\cf.dat
    c:\program files\AVG\AVG10\commonpriv.log
    c:\program files\AVG\AVG10\commonpriv.log.lock
    c:\program files\AVG\AVG10\contacts_nl.html
    c:\program files\AVG\AVG10\contacts_us.html
    c:\program files\AVG\AVG10\dfncfg.dat
    c:\program files\AVG\AVG10\Drivers\avgld.cat
    c:\program files\AVG\AVG10\Drivers\avgld.inf
    c:\program files\AVG\AVG10\Drivers\avgldx64.sys
    c:\program files\AVG\AVG10\Drivers\avgldx86.sys
    c:\program files\AVG\AVG10\Drivers\avgmf.cat
    c:\program files\AVG\AVG10\Drivers\avgmf.inf
    c:\program files\AVG\AVG10\Drivers\avgmfx64.sys
    c:\program files\AVG\AVG10\Drivers\avgmfx86.sys
    c:\program files\AVG\AVG10\Drivers\avgrk.cat
    c:\program files\AVG\AVG10\Drivers\avgrk.inf
    c:\program files\AVG\AVG10\Drivers\avgrkx64.sys
    c:\program files\AVG\AVG10\Drivers\avgrkx86.sys
    c:\program files\AVG\AVG10\Drivers\avgtdi.cat
    c:\program files\AVG\AVG10\Drivers\avgtdi.inf
    c:\program files\AVG\AVG10\Drivers\avgtdia.sys
    c:\program files\AVG\AVG10\Drivers\avgtdix.sys
    c:\program files\AVG\AVG10\Drivers\ErHrXpx86\AVGIDSEH.cat
    c:\program files\AVG\AVG10\Drivers\ErHrXpx86\AVGIDSEH.inf
    c:\program files\AVG\AVG10\Drivers\ErHrXpx86\AVGIDSEH.sys
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSDriver.cat
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSDriver.inf
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSDriver.sys
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSFilter.cat
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSFilter.inf
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSFilter.sys
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSShim.cat
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSShim.inf
    c:\program files\AVG\AVG10\Drivers\XP\AVGIDSShim.sys
    c:\program files\AVG\AVG10\Firefox\Chrome\searchshield.jar
    c:\program files\AVG\AVG10\Firefox4\chrome.manifest
    c:\program files\AVG\AVG10\Firefox4\Chrome\searchshield.jar
    c:\program files\AVG\AVG10\Firefox4\Components\avgssff4.dll
    c:\program files\AVG\AVG10\Firefox4\Components\ISearchShield4.xpt
    c:\program files\AVG\AVG10\Firefox4\install.rdf
    c:\program files\AVG\AVG10\fixcfg.exe
    c:\program files\AVG\AVG10\HtmLayout.dll
    c:\program files\AVG\AVG10\Icons\alert_mask.png
    c:\program files\AVG\AVG10\Icons\background_middle_gray.gif
    c:\program files\AVG\AVG10\Icons\background_middle_green.gif
    c:\program files\AVG\AVG10\Icons\background_middle_orange.gif
    c:\program files\AVG\AVG10\Icons\background_middle_red.gif
    c:\program files\AVG\AVG10\Icons\background_middle_yellow.gif
    c:\program files\AVG\AVG10\Icons\background_top_gray.gif
    c:\program files\AVG\AVG10\Icons\background_top_green.gif
    c:\program files\AVG\AVG10\Icons\background_top_orange.gif
    c:\program files\AVG\AVG10\Icons\background_top_red.gif
    c:\program files\AVG\AVG10\Icons\background_top_yellow.gif
    c:\program files\AVG\AVG10\Icons\block-doc.gif
    c:\program files\AVG\AVG10\Icons\blocked.gif
    c:\program files\AVG\AVG10\Icons\blocked12.png
    c:\program files\AVG\AVG10\Icons\border_bottom_gray.gif
    c:\program files\AVG\AVG10\Icons\border_bottom_green.gif
    c:\program files\AVG\AVG10\Icons\border_bottom_orange.gif
    c:\program files\AVG\AVG10\Icons\border_bottom_red.gif
    c:\program files\AVG\AVG10\Icons\border_bottom_yellow.gif
    c:\program files\AVG\AVG10\Icons\border_top_gray.gif
    c:\program files\AVG\AVG10\Icons\border_top_green.gif
    c:\program files\AVG\AVG10\Icons\border_top_orange.gif
    c:\program files\AVG\AVG10\Icons\border_top_red.gif
    c:\program files\AVG\AVG10\Icons\border_top_yellow.gif
    c:\program files\AVG\AVG10\Icons\box_bottom_red.gif
    c:\program files\AVG\AVG10\Icons\box_top_red.gif
    c:\program files\AVG\AVG10\Icons\caution.gif
    c:\program files\AVG\AVG10\Icons\caution12.png
    c:\program files\AVG\AVG10\Icons\click_here_gray.gif
    c:\program files\AVG\AVG10\Icons\click_here_green.gif
    c:\program files\AVG\AVG10\Icons\click_here_orange.gif
    c:\program files\AVG\AVG10\Icons\click_here_red.gif
    c:\program files\AVG\AVG10\Icons\click_here_yellow.gif
    c:\program files\AVG\AVG10\Icons\clock.gif
    c:\program files\AVG\AVG10\Icons\clock12.png
    c:\program files\AVG\AVG10\Icons\close.gif
    c:\program files\AVG\AVG10\Icons\icons_blocked.gif
    c:\program files\AVG\AVG10\Icons\icons_caution.gif
    c:\program files\AVG\AVG10\Icons\icons_close.gif
    c:\program files\AVG\AVG10\Icons\icons_safe.gif
    c:\program files\AVG\AVG10\Icons\icons_unknown.gif
    c:\program files\AVG\AVG10\Icons\icons_warning.gif
    c:\program files\AVG\AVG10\Icons\LS_Logo_Results.gif
    c:\program files\AVG\AVG10\Icons\safe.gif
    c:\program files\AVG\AVG10\Icons\safe12.png
    c:\program files\AVG\AVG10\Icons\unknown.gif
    c:\program files\AVG\AVG10\Icons\vrsn-secured-lsfo.gif
    c:\program files\AVG\AVG10\Icons\warning.gif
    c:\program files\AVG\AVG10\Icons\warning12.png
    c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\avgcslex.dll
    c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
    c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe.old
    c:\program files\AVG\AVG10\Identity Protection\Agent\driver\platform_XP\UniversalDD.sys
    c:\program files\AVG\AVG10\imsdk32.dll
    c:\program files\AVG\AVG10\js.dat
    c:\program files\AVG\AVG10\license_nl.htm
    c:\program files\AVG\AVG10\license_us.htm
    c:\program files\AVG\AVG10\mfanl.lns
    c:\program files\AVG\AVG10\mfaus.lns
    c:\program files\AVG\AVG10\mfaverx.txt
    c:\program files\AVG\AVG10\PCTuneup\AxBrowsers.dll
    c:\program files\AVG\AVG10\PCTuneup\DiskCleanerHelper.dll
    c:\program files\AVG\AVG10\PCTuneup\DiskDefragHelper.dll
    c:\program files\AVG\AVG10\PCTuneup\helper.dll
    c:\program files\AVG\AVG10\PCTuneup\localizer.dll
    c:\program files\AVG\AVG10\PCTuneup\MicroScanner.exe
    c:\program files\AVG\AVG10\PCTuneup\PerlRegExp.bpl
    c:\program files\AVG\AVG10\PCTuneup\RegistryCleanerHelper.dll
    c:\program files\AVG\AVG10\PCTuneup\RescueCenterHelper.dll
    c:\program files\AVG\AVG10\PCTuneup\rtl120.bpl
    c:\program files\AVG\AVG10\PCTuneup\vcl120.bpl
    c:\program files\AVG\AVG10\ph.dat
    c:\program files\AVG\AVG10\sb.dat
    c:\program files\AVG\AVG10\sb.dat.xcd
    c:\program files\AVG\AVG10\sb2.dat
    c:\program files\AVG\AVG10\sc.dat
    c:\program files\AVG\AVG10\sc.dat.xcd
    c:\program files\AVG\AVG10\SearchProvider.exe
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\23_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\26_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\27_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\29_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\38_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\39_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\40_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\41_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\42_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\43_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\44_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\45_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\46_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\48_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\49_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\50_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\56_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\57_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\58_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\59_sp.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\channels.dat
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome.manifest
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\26_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\27_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\29_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\38_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\39_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\40_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\41_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\42_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\43_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\44_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\45_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\46_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\48_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\49_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\50_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\56_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\57_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\58_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\59_config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\autocomplete-popup.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\config.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\contexthtml.xul
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\custom.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\26_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\27_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\29_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\38_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\41_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\42_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\43_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\44_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\45_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\46_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\49_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\50_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\56_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\58_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\59_tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\about.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_arr.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_body.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_main-heading.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_rule-overlay.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_rule.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bg_tab.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_AB.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_ABSearch.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_arrow.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_bottom_shadow.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirm.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmAVGSafe.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmEmail.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmFacebook.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_fb.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_notifier.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmIco_weather.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmTbr.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_confirmWeather.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_egs.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_general.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_IDV1.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_IDV2.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_logo.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_protection.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_search.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBox.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBoxBaidu.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_searchSearchBoxBlank.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_SPupdate.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_SPupdateSearchBox.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_style.css
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_top_shadow.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\bubble_update.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\deletehistory_processing.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_config.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifier.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierBackground.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierBullet.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierClose.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDown.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDownActive.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierDownDisabled.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierIco.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNext.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNextActive.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierNextDisabled.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPrevious.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPreviousActive.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierPreviousDisabled.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierScrollbar.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierSettings.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUp.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUpActive.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\emailchecker_notifierUpDisabled.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_config.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_error.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_logo.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_notifier.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_notifierIco.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_status.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_style.css
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\facebook_textbox.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\Facebook_user.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBAccess.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBCalc.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBExcel.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBExplorer.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBMediaPlayer.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBNotepad.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBOutlook.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBOutlookExpress.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBPaint.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBPowerPoint.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBSkype.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\icoUBWord.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!backgroundGrey.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!backgroundRed.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!bullet.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!close.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoiDNES.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoRead.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoRSS.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoSimple.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!icoUnread.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!logo.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!settings.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_!tabHilighted.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_advanced.css
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_advanced.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_bullet-1.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_config.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\rssreader_simple.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_askdialog.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_background.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_checkboxdialog.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog.htm.old
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog_bg1.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_closedialog_bg2.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icohelp.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icohelp.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoQuest.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoRisk.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoSafe.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_icoUnkn.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_loading.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_logo.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_main.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu1.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu2.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu3.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_menu4.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\settings_style.css
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_gray.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_green.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_orange.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_red.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_arrow_yellow.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_gray.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_green.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_orange.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_red.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_yellow.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_gray.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_green.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_orange.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_red.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_background_top_yellow.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_blocked.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_gray.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_green.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_orange.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_red.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_yellow.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_gray.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_green.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_orange.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_red.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_border_top_yellow.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_caution.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_dangerous.html
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_blocked.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_caution.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_close.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_safe.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_unknown.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_icons_warning.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_LS_Logo_Results.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_questionable.html
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_risky.html
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_safe.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_safe.html
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_unknown.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_unknown.html
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_waiting.html
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\ssb_warning.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_button.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_button_hilight.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_buttonHilight.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7footer.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7header.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByBlank.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByYahoo.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\tbapi.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\toolbarprotector_window.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_error.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_ok.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\updater_processing.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_bg.gif
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_error.htm
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_img.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\html\weather_x.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\htmlwindow.xul
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\imageButton.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\26_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\38_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\39_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\40_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\41_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\42_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\43_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\44_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\45_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\46_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\48_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\49_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\50_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\56_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\57_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\58_en.ini
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\59_en.ini
    c:\program files\AVG\AVG10\Toolba





  • c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\Languages\languages.cfg
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\libs\include.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\libs\include_lite.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\marquee.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\overlay.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\overlay.xul
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\content\searchProviders.xml
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\icons\default\htmlwindow.ico
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\38_searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\38_spBaidu.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\39_spGeneralSearch.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\40_searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\40_spYandex.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\41_searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\41_spYandex.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\42_spGeneralSearch.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\43_searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\43_spYandex.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\44_spGeneralSearch.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\45_searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\45_spYandex.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\46_spGeneralSearch.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\48_searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\48_spBaidu.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\49_searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\49_spBaidu.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\50_searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\50_spBaidu.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\56_spYahoo.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\57_spYahoo.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\58_spYahoo.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\59_spYahoo.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\chevron.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\contexthtml.css
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\dragdrop.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\emailchecker_icoEmail.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\emailchecker_icoEmailNew.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\gripper.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoAbout.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoAVGInfo.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_facebook.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_FriendReq.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_messages.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoFacebook_pokes.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoGoButtonBG.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoHomepage.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoIdentityGuard.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoOptions.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoProtection.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoProtectionLimited.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSS.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSBlue.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSGray.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoRSSGreen.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_D.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_Q.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_R.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_S.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_U.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_W.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoTrash.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBAccess.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBCalc.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBExcel.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBExplorer.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBMediaPlayer.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBNotepad.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBOutlook.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBOutlookExpress.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBPaint.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBPowerPoint.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBSkype.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUBWord.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoUpdate.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\icoWeather.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\logo.ico
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\logo.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\overlay.css
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\rssreader_!icoRead.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\rssreader_!icoUnread.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\Search_provider_drop.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\searchProvider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\settings_icon.ico
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\slider.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spImages.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spLocal.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spSearch.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spShopping.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spVideo.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spWiki.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spYahooBG.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\spYahooBG_small.png
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\chrome\skin\toolbarprotector_icon.ico
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\autocomplete.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\avgapi.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\facebook.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils.xpt
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components
    otifications.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\sp.js
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgdatabaseversion.xpt
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgprogramversion.xpt
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgsearchratingsconfig.xpt
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.xpt
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgverdicts.xpt
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\install.rdf
    c:\program files\AVG\AVG10\Toolbar\Firefox\avg@igeared\xpfunc.dll
    c:\program files\AVG\AVG10\Toolbar\Firefox\sp.xml
    c:\program files\AVG\AVG10\Toolbar\IE8Lib.dll
    c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
    c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe
    c:\program files\AVG\AVG10\updatecomps.bak
    c:\windows\default.htm
    c:\windows\Installer\id53.exe
    c:\windows\ST6UNST.000
    c:\windows\system32\Bank.dll
    c:\windows\system32\config\systemprofile\WINDOWS
    c:\windows\system32\drivers\4_stars.gif
    c:\windows\system32\drivers\5_stars.gif
    c:\windows\system32\drivers\AVG
    c:\windows\system32\drivers\AVG\iavichjg.avm
    c:\windows\system32\drivers\AVG\iavichjw.avm
    c:\windows\system32\drivers\AVG\incavi.avm
    c:\windows\system32\drivers\AVGIDSDriver.sys
    c:\windows\system32\drivers\AVGIDSEH.sys
    c:\windows\system32\drivers\AVGIDSFilter.sys
    c:\windows\system32\drivers\AVGIDSShim.sys
    c:\windows\system32\drivers\avgldx86.sys
    c:\windows\system32\drivers\avgmfx86.sys
    c:\windows\system32\drivers\avgrkx86.sys
    c:\windows\system32\drivers\avgtdix.sys
    c:\windows\system32\drivers\buy_btn.gif
    c:\windows\system32\drivers\download_btn.gif
    c:\windows\system32\drivers\features.gif
    c:\windows\system32\drivers\logo_bg.gif
    c:\windows\system32\drivers\perfect_cleaner_box_small.jpg
    c:\windows\system32\drivers\perfect_cleaner_header.gif
    c:\windows\system32\drivers\perfect_cleaner_header_small.gif
    c:\windows\system32\drivers\protect.gif
    c:\windows\system32\drivers\spy_away_box_small.jpg
    c:\windows\system32\drivers\spy_away_header.gif
    c:\windows\system32\drivers\spy_away_header_small.gif
    c:\windows\system32\drivers\users_rating.gif
    c:\windows\system32\SrchSTS.exe
    c:\windows\system32\stfv.bin
    c:\windows\system32\tmp.tmp
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ——-\Legacy_AVGIDSAGENT
    ——-\Legacy_AVGIDSDRIVER
    ——-\Legacy_AVGIDSEH
    ——-\Legacy_AVGIDSFILTER
    ——-\Legacy_AVGIDSSHIM
    ——-\Legacy_AVGLDX86
    ——-\Legacy_AVGMFX86
    ——-\Legacy_AVGRKX86
    ——-\Legacy_AVGTDIX
    ——-\Legacy_AVGWD
    ——-\Legacy_SSHNAS
    ——-\Service_Avg
    ——-\Service_AVGIDSAgent
    ——-\Service_AVGIDSDriver
    ——-\Service_AVGIDSEH
    ——-\Service_AVGIDSFilter
    ——-\Service_AVGIDSShim
    ——-\Service_Avgldx86
    ——-\Service_Avgmfx86
    ——-\Service_Avgrkx86
    ——-\Service_Avgtdix
    ——-\Service_avgwd
    ——-\Service_SSHNAS
    ——-\Legacy_AVG_Security_Toolbar_Service
    ——-\Legacy_AVG_Security_Toolbar_Service
    ——-\Service_AVG Security Toolbar Service
    ——-\Service_AVG Security Toolbar Service
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-03-27 to 2011-04-27 ))))))))))))))))))))))))))))))
    .
    .
    2011-04-27 17:26 . 2011-04-27 17:26 ——– d—–w- c:\documents and settings\VAN KERCKHOVE\Local Settings\Application Data\Sunbelt Software
    2011-04-27 17:23 . 2011-04-27 17:23 ——– dc-h–w- c:\documents and settings\All Users\Application Data\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
    2011-04-27 03:10 . 2011-04-27 03:10 ——– d—–w- C:\$WIN_NT$.~LS
    2011-04-27 03:10 . 2011-04-27 03:10 ——– d—–w- C:\$WIN_NT$.~BT
    2011-04-26 19:02 . 2011-04-27 17:27 98392 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-04-27 19:19 . 2005-01-27 09:31 26112 —-a-w- c:\windows\system32\userinit.exe
    2011-04-26 00:00 . 2010-07-18 18:57 64512 —-a-w- c:\windows\system32\drivers\Lbd.sys
    2011-03-07 05:33 . 2005-01-27 09:50 692736 —-a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:36 . 2005-01-27 09:31 420864 —-a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:53 . 2005-01-27 09:31 1858048 —-a-w- c:\windows\system32\win32k.sys
    2011-02-22 23:07 . 2005-01-27 09:31 916480 —-a-w- c:\windows\system32\wininet.dll
    2011-02-22 23:07 . 2005-01-27 09:31 43520 —-a-w- c:\windows\system32\licmgr10.dll
    2011-02-22 23:07 . 2005-01-27 09:31 1469440 —-a-w- c:\windows\system32\inetcpl.cpl
    2011-02-22 11:43 . 2005-01-27 09:31 385024 —-a-w- c:\windows\system32\html.iec
    2011-02-17 13:18 . 2005-01-27 09:31 455936 —-a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-02-17 13:18 . 2005-01-27 09:31 357888 —-a-w- c:\windows\system32\drivers\srv.sys
    2011-02-17 12:54 . 2008-05-05 05:25 5632 —-a-w- c:\windows\system32\xpsp4res.dll
    2011-02-15 12:56 . 2005-01-27 09:31 290432 —-a-w- c:\windows\system32\atmfd.dll
    2011-02-11 14:44 . 2005-01-27 14:31 236544 —-a-w- c:\windows\system32\fxscover.exe
    2011-02-09 13:54 . 2005-01-27 09:31 270848 —-a-w- c:\windows\system32\sbe.dll
    2011-02-09 13:54 . 2005-01-27 09:31 186880 —-a-w- c:\windows\system32\encdec.dll
    2011-02-08 13:33 . 2005-01-27 09:31 978944 —-a-w- c:\windows\system32\mfc42.dll
    2011-02-08 13:33 . 2005-01-27 09:31 974848 —-a-w- c:\windows\system32\mfc42u.dll
    2011-02-02 07:58 . 2005-01-27 09:49 2067456 —-a-w- c:\windows\system32\mstscax.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-10-08 88363]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-01-12 344064]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "PCMService"="c:\program files\Home Cinema\PowerCinema\PCMService.exe" [2005-02-21 118926]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-1-27 1048576]
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync
    estart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mibvxbfi.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
    "c:\\Program Files\\CheckPoint\\SSL Network Extender\\slimsvc.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    .
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18/07/2010 20:57 64512]
    R2 cpextender;Check Point SSL Network Extender;c:\program files\CheckPoint\SSL Network Extender\slimsvc.exe [14/01/2009 13:14 353680]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [26/04/2011 2:00 2146496]
    R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [13/02/2005 15:02 666368]
    R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [20/01/2005 16:05 1272000]
    R3 VNA;Check Point Virtual Network Adapter;c:\windows\system32\drivers\vna.sys [10/06/2007 16:48 126808]
    R3 wbscr;Winbond Smartcard Reader for I/O;c:\windows\system32\drivers\wbscr.sys [27/01/2005 13:37 19928]
    S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [27/01/2005 13:34 17408]
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-04-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-04-26 15:37]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.hln.be/
    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
    HKLM-Run-Cmaudio - cmicnfg.cpl
    HKLM-Run-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
    HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
    HKLM-Run-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe
    SafeBoot-mcmscsvc
    SafeBoot-MCODS
    AddRemove-HijackThis - f:\hijack\Hijack This\HijackThis.exe
    AddRemove-SMS-it! - c:\program files\SMS-it\Uninst.isu
    AddRemove-UDC6M_is1 - c:\program files\DriveCleaner Free\unins000.exe
    AddRemove-Close 32 Tool - c:\docume~1\VANKER~1\APPLIC~1\THUNKD~1\Blue clock.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-04-27 21:39
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'winlogon.exe'(632)
    c:\windows\system32\Ati2evxx.dll
    .
    - - - - - - - > 'explorer.exe'(2636)
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\Ati2evxx.exe
    c:\windows\System32\SCardSvr.exe
    c:\windows\AGRSMMSG.exe
    c:\windows\system32\RunDll32.exe
    c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
    c:\program files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    c:\program files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    c:\program files\Windows Media Player\WMPNetwk.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\progra~1\COMMON~1\X10\Common\x10nets.exe
    c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-04-27 21:44:27 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-04-27 19:44
    .
    Pre-Run: 17.111.646.208 bytes beschikbaar
    Post-Run: 16.937.156.608 bytes beschikbaar
    .
    - - End Of File - - 1CEA193FAB3DBE611CAD0897C665C5BB

  • Is het bovendien normaal dat combofix komt zeggen dat ie bestanden uploadt naar server voor verdere analyse?
    Nog voor combofix (en nog steeds) blijf ik bij opstart meerkeuze krijgen tussen 'windows xp home premium edition' of 'windows setup' => kan ik ook hier nog iets aan verhelpen (keuze 1 werkt nochtans perfect & as usual)?
    Alvast hartelijk bedankt!
  • Hoi Bobbinho, ja - het is normaal dat ComboFix bestanden kan uploaden!

    Dat is gezien de snelle ontwikkelingen aan de criminele kant een van de maatregelen, om op die maniet proberen de ontwikkelingen bij te houden!

    Om precies dezelfde reden doen het gros van de antivirusprogramma's dit ook.

    Want in de cloud kan in realtime geanalyseerd worden!
    Zoals bijvoorbeeld bij installatie van Avast de vraag of je meedoet met de Avast Community - dat is de Avast-versie van de cloud!

    Overigens: ComboFix heeft een vieze trojan downloader verwijderd!


    Indien je AVG nog niet hebt geherinstalleerd, kijk dan naar onderstaande:

    Avast 6\2011 Free is de enigste, die een aantal onderdelen aan boord heeft, die je verder alleen aantreft bij betaalde antivirusprogramma's.

    Avast speelt hier dus duidelijk op de nieuwe bedreigingen van het internet in!
    Bovendien merk je nauwelijks, dat Avast draait!
    Ook heeft Avast een "zandbox" aan boord, waarin je veilig programma's kan testen!

    [b:c8b46207dd]Downloadlink Avast 6 Free[/b:c8b46207dd]

    Andere gratis alternatieven:

    [b:c8b46207dd]Panda Cloud Antivirus[/b:c8b46207dd] - downloadlink
    [b:c8b46207dd]AVG Free 2011[/b:c8b46207dd] - downloadlink
    [b:c8b46207dd]Avira Antivir[/b:c8b46207dd] - downloadlink
    [b:c8b46207dd]Microsoft Security Essentials[/b:c8b46207dd] - downloadlink


    Welke je ook kiest, laat je keuze na updaten een volledige systeemscan doen en post daarna een nieuw Hijack This-log


    De rangschikking van de programma's is gedaan naar ratio van de beveiliging en herkenning van malware.

    N.B. alleen AVG en ComboFix hebben een onderling probleem!
  • Logfile of HijackThis v1.99.1
    Scan saved at 18:30:37, on 1/05/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    F:\Hijack This\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi
    edir.dll?prd=ie&ar=iesearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106838455765
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} (SlimClient Class) - https:/
    emote.aznikolaas.be/SNX/CSHELL/extender.cab
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = azwaasland.be,sn.azmm,itnet.hosp
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = azwaasland.be,sn.azmm,itnet.hosp
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    Mét scan van AVG van voor dit hijackje nog 1 trojan gevonden & in quarantaine geplaatst… had AVG idd. reeds terug geïnstalleerd maar op basis van uw aanbevelingen schik ik hem idd te vervangen door uw 1e suggestie!


  • De versie van HijackThis die jij gebruikt is al erg verouderd.
    Je kan misschien beter de nieuwe versie installeren en het log opnieuw posten.
    http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi
  • Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:02:23, on 1/05/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\SNDVOL32.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\msiexec.exe
    F:\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106838455765
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} (SlimClient Class) - https:/
    emote.aznikolaas.be/SNX/CSHELL/extender.cab
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = azwaasland.be,sn.azmm,itnet.hosp
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = azwaasland.be,sn.azmm,itnet.hosp
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\Browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\Browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


    End of file - 8606 bytes
  • Waarom heb je weer voor AVG gekozen?


    Sluit alle openstaande webvensters - behalve dit venster, dat je sluit voor het moment, dat je op de knop [b:be304f75a3]Fix checked[/b:be304f75a3] klikt!


    Start nu HijackThis en klik op de knop [b:be304f75a3]Do a Scan only,

    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)[/b:be304f75a3]
    [list:be304f75a3][*:be304f75a3] zet een vinkje voor die regel(s) welke met de bovenstaande regels corresponderen
    [*:be304f75a3] Sluit nu de webbrowser en vervolgens klik je daarna op de knop [b:be304f75a3]Fix checked[/b:be304f75a3]
    [*:be304f75a3] Klik hierna HijackThis op uit.[/list:u:be304f75a3]


    Gebruik het Norton removal tool om de laatste resten van Norton op te ruimen: http://service1.symantec.com/support/inter/tsgeninfointl.nsf/nl_docid/20050411155130924?OpenDocument&seg=hm&lg=nl&ct=nl

    En doe daarna het volgende:

    [b:be304f75a3]Welk programma[/b:be304f75a3]: Malwarebytes MBAM
    [b:be304f75a3]Waarvoor/waarom[/b:be304f75a3]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware.
    [b:be304f75a3]Moeilijkheidsgraad[/b:be304f75a3]: geen.

    [b:be304f75a3]Download Malwarebytes MBAM via één van deze locaties[/b:be304f75a3]:
    [list:be304f75a3] [*:be304f75a3][b:be304f75a3]Download.com[/b:be304f75a3]
    [*:be304f75a3][b:be304f75a3]Softpedia.com[/b:be304f75a3][*:be304f75a3][b:be304f75a3]Majorgeeks.com[/b:be304f75a3][/list:u:be304f75a3]
    [b:be304f75a3]Allereerst[/b:be304f75a3]:[list:be304f75a3][*:be304f75a3] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus.
    [*:be304f75a3] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'![/list:u:be304f75a3]
    [b:be304f75a3]Malwarebytes MBAM opstarten[/b:be304f75a3]:
    Windows 2000 en Windows XP: start MBAM middels dubbelklik op de snelkoppeling.
    Windows Vista en Windows 7: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.

    [b:be304f75a3]Scannen[/b:be304f75a3]:
    [list:be304f75a3][*:be304f75a3] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'.
    [*:be304f75a3]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'.
    [*:be304f75a3]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:be304f75a3]
    [b:be304f75a3]Infecties gevonden[/b:be304f75a3]:
    [list:be304f75a3][*:be304f75a3]Klik nu eerst op OK om de melding weg te klikken
    [*:be304f75a3]Klik vervolgens rechtsonder op de knop Bekijk resultaten.
    [*:be304f75a3]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde.
    [*:be304f75a3]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
    [*:be304f75a3]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken!
    [*:be304f75a3]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:be304f75a3]
    [b:be304f75a3]MBAM-Log[/b:be304f75a3]:
    [list:be304f75a3][*:be304f75a3] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:be304f75a3]
    [b:be304f75a3]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:be304f75a3]


    [b:be304f75a3]Samenvattend: hierna post je de inhoud van de volgende logs:[/b:be304f75a3]
    [list:be304f75a3][*:be304f75a3] een nieuw Hijackthis-log
    [*:be304f75a3] MBAM scanlog[/list:u:be304f75a3]
  • Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 6492

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    2/05/2011 20:04:08
    mbam-log-2011-05-02 (20-04-08).txt

    Scantype: Snelle scan
    Objecten gescand: 147381
    Verstreken tijd: 14 minuut/minuten, 57 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 1

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    c:\WINDOWS\system32\fuamfu32.ini (Malware.Trace) -> Quarantined and deleted successfully.


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:12:08, on 2/05/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Program Files\AVG\AVG10\avgemcx.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\internet explorer\iexplore.exe
    F:\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106838455765
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} (SlimClient Class) - https:/
    emote.aznikolaas.be/SNX/CSHELL/extender.cab
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = azwaasland.be,sn.azmm,itnet.hosp
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = azwaasland.be,sn.azmm,itnet.hosp
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\Browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\Browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


    End of file - 8100 bytes
  • Je mag het volgende gaan doen:

    [b:9b70a6b39b]Download LopSD of LOPSD naar je Bureaublad.[/b:9b70a6b39b]
    [list:9b70a6b39b][*:9b70a6b39b] [b:9b70a6b39b]De-activeer bij dit tooltje je antispyware en virusscanner.[/b:9b70a6b39b]
    [*:9b70a6b39b][b:9b70a6b39b]Vista- en Windows 7 gebruikers: rechtsklik op LopSD en kies voor "Als Administrator uitvoeren"!
    [*:9b70a6b39b] Kies Optie N en Enter
    [*:9b70a6b39b] Klik OK bij het informatie venter
    [*:9b70a6b39b] Kies Optie 2 en Enter
    [*:9b70a6b39b] Aan het eind verschijnt een log ( LopR.txt ) plaats de inhoud ervan in je volgende antwoord[/b:9b70a6b39b][/list:u:9b70a6b39b]
  • ——————–\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : VAN KERCKHOVE ( Administrator )
    BOOT : Normal boot
    Antivirus : Lavasoft Ad-Watch Live! Antivirus (Activated)
    C:\ (Local Disk) - NTFS - Total:74 Go (Free:15 Go)
    D:\ (Local Disk) - NTFS - Total:57 Go (Free:0 Go)
    E:\ (Local Disk) - FAT32 - Total:16 Go (Free:12 Go)
    F:\ (Local Disk) - NTFS - Total:149 Go (Free:17 Go)
    G:\ (CD or DVD)
    H:\ (CD or DVD)
    J:\ (USB)
    K:\ (USB)
    L:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( ma 02/05/2011|20:35 )


    HERSTEL

    Verwijderd ! - C:\DOCUME~1\VANKER~1\Cookies\van_kerckhove@advertising[1].txt




    ——————–\\ Beschrijving van mappen in APPLIC~1

    [27/04/2011|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{91EC863D-D912-4466-91CC-9489A4A2ADD3}
    [27/01/2005|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [27/01/2005|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [30/06/2007|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [10/12/2010|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
    [27/04/2011|22:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG10
    [27/01/2005|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
    [28/11/2010|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Common Files
    [01/03/2005|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [26/01/2008|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\First Ford Math Intra
    [18/07/2007|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [18/07/2010|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [02/05/2011|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [09/08/2010|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    [27/04/2011|22:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MFAData
    [31/10/2005|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [27/01/2005|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
    [09/08/2010|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Security
    [06/06/2010|23:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
    [06/08/2007|14:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [11/05/2010|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun
    [02/05/2011|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [21/05/2009|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TVU Networks
    [24/07/2007|14:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
    [31/05/2006|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [0|bestand(en)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
    [27|map(pen)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar

    [14/02/2005|15:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
    [27/01/2005|11:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [27/01/2005|18:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [27/01/2005|18:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [27/01/2005|16:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [0|bestand(en)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
    [7|map(pen)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar

    [07/10/2007|15:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [07/06/2010|19:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore
    [14/02/2005|14:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
    [0|bestand(en)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
    [5|map(pen)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar

    [27/01/2005|11:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [30/01/2009|09:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\SACore
    [21/10/2007|15:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\X10 Commander
    [0|bestand(en)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
    [5|map(pen)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar

    [26/08/2006|14:37] C:\DOCUME~1\VANKER~1\APPLIC~1\.BitTornado
    [22/04/2008|21:48] C:\DOCUME~1\VANKER~1\APPLIC~1\Adobe
    [29/12/2005|17:36] C:\DOCUME~1\VANKER~1\APPLIC~1\AdobeUM
    [23/01/2006|22:54] C:\DOCUME~1\VANKER~1\APPLIC~1\Ahead
    [15/06/2006|22:07] C:\DOCUME~1\VANKER~1\APPLIC~1\Apple Computer
    [27/04/2011|22:10] C:\DOCUME~1\VANKER~1\APPLIC~1\AVG10
    [26/08/2006|14:33] C:\DOCUME~1\VANKER~1\APPLIC~1\Azureus
    [14/02/2005|15:59] C:\DOCUME~1\VANKER~1\APPLIC~1\CyberLink
    [05/03/2010|22:35] C:\DOCUME~1\VANKER~1\APPLIC~1\DVD Flick
    [19/01/2006|22:13] C:\DOCUME~1\VANKER~1\APPLIC~1\Google
    [02/11/2005|23:08] C:\DOCUME~1\VANKER~1\APPLIC~1\Help
    [06/03/2009|21:24] C:\DOCUME~1\VANKER~1\APPLIC~1\ICAClient
    [27/01/2005|11:51] C:\DOCUME~1\VANKER~1\APPLIC~1\Identities
    [21/12/2008|20:56] C:\DOCUME~1\VANKER~1\APPLIC~1\InstallShield
    [07/06/2008|17:02] C:\DOCUME~1\VANKER~1\APPLIC~1\JLC's Software
    [22/10/2005|14:01] C:\DOCUME~1\VANKER~1\APPLIC~1\Lavasoft
    [27/01/2005|18:42] C:\DOCUME~1\VANKER~1\APPLIC~1\Macromedia
    [02/05/2011|19:47] C:\DOCUME~1\VANKER~1\APPLIC~1\Malwarebytes
    [04/05/2008|14:01] C:\DOCUME~1\VANKER~1\APPLIC~1\Media Player Classic
    [05/03/2010|23:11] C:\DOCUME~1\VANKER~1\APPLIC~1\Microsoft
    [27/01/2005|16:33] C:\DOCUME~1\VANKER~1\APPLIC~1\Sun
    [16/11/2009|22:44] C:\DOCUME~1\VANKER~1\APPLIC~1\TeamViewer
    [01/11/2008|00:49] C:\DOCUME~1\VANKER~1\APPLIC~1\Vso
    [0|bestand(en)] C:\DOCUME~1\VANKER~1\APPLIC~1\bytes
    [25|map(pen)] C:\DOCUME~1\VANKER~1\APPLIC~1\bytes beschikbaar

    ——————–\\ Geplande Taken gelocaliseerd in C:\WINDOWS\Tasks

    [27/04/2011 21:38][–a——] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [02/05/2011 20:06][–ah—–] C:\WINDOWS\tasks\SA.DAT
    [04/08/2004 14:00][-r-h—–] C:\WINDOWS\tasks\desktop.ini

    ——————–\\ Beschrijving van mappen in C:\Program Files

    [27/01/2005|15:41] C:\Program Files\Adobe
    [27/01/2005|15:29] C:\Program Files\Ahead
    [27/01/2005|15:09] C:\Program Files\ATI Technologies
    [27/04/2011|22:04] C:\Program Files\AVG
    [14/08/2008|16:31] C:\Program Files\AviSynth 2.5
    [07/05/2010|20:38] C:\Program Files\CheckPoint
    [06/03/2009|20:46] C:\Program Files\Citrix
    [27/04/2011|21:26] C:\Program Files\Common Files
    [27/01/2005|11:49] C:\Program Files\ComPlus Applications
    [01/03/2005|15:19] C:\Program Files\CyberLink
    [27/01/2005|15:59] C:\Program Files\DivX
    [05/03/2010|22:32] C:\Program Files\DVD Flick
    [11/08/2009|17:39] C:\Program Files\dvdSanta
    [13/02/2008|23:18] C:\Program Files\FLAC
    [18/07/2007|22:03] C:\Program Files\Google
    [01/03/2005|15:19] C:\Program Files\Home Cinema
    [28/11/2010|22:13] C:\Program Files\InstallShield Installation Information
    [27/01/2005|13:12] C:\Program Files\Intel
    [26/04/2011|23:54] C:\Program Files\Internet Explorer
    [27/01/2005|15:01] C:\Program Files\IVT Corporation
    [21/07/2010|11:18] C:\Program Files\Java
    [18/07/2010|20:54] C:\Program Files\Lavasoft
    [14/02/2005|13:02] C:\Program Files\Medion Tools
    [17/09/2008|20:10] C:\Program Files\Messenger
    [02/11/2009|21:30] C:\Program Files\Microsoft
    [04/11/2009|22:11] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [27/01/2005|11:51] C:\Program Files\microsoft frontpage
    [20/01/2010|00:05] C:\Program Files\Microsoft Office
    [27/04/2011|18:56] C:\Program Files\Microsoft Silverlight
    [02/11/2009|21:32] C:\Program Files\Microsoft SQL Server Compact Edition
    [19/07/2010|19:51] C:\Program Files\Microsoft Works
    [14/02/2005|13:46] C:\Program Files\Microsoft Works Suite 2005
    [11/08/2010|21:42] C:\Program Files\Movie Maker
    [27/01/2005|11:49] C:\Program Files\MSN Gaming Zone
    [15/11/2006|01:24] C:\Program Files\MSXML 4.0
    [14/02/2005|13:42] C:\Program Files\Musicmatch
    [27/01/2005|16:10] C:\Program Files\muvee Technologies
    [21/12/2008|21:02] C:\Program Files\MyDSC2
    [17/09/2008|20:03] C:\Program Files\NetMeeting
    [27/01/2005|11:50] C:\Program Files\Online Services
    [16/12/2010|22:21] C:\Program Files\Outlook Express
    [14/02/2005|13:59] C:\Program Files\Picture It! Premium 10
    [06/06/2010|22:54] C:\Program Files\ProgDVB
    [17/07/2007|13:53] C:\Program Files\QuickTime
    [27/01/2005|14:35] C:\Program Files\RALINK
    [16/11/2009|22:44] C:\Program Files\TeamViewer
    [02/03/2007|11:36] C:\Program Files\Thunk Dash
    [27/01/2005|11:53] C:\Program Files\Uninstall Information
    [24/07/2007|13:29] C:\Program Files\vso
    [27/01/2005|15:26] C:\Program Files\Winbond Electronics Corp
    [27/01/2005|18:39] C:\Program Files\Windows Journal Viewer
    [22/03/2011|23:42] C:\Program Files\Windows Live
    [22/03/2011|23:39] C:\Program Files\Windows Live SkyDrive
    [01/10/2007|23:23] C:\Program Files\Windows Media Connect
    [01/10/2007|23:27] C:\Program Files\Windows Media Connect 2
    [17/09/2008|20:02] C:\Program Files\Windows Media Player
    [17/09/2008|20:02] C:\Program Files\Windows NT
    [22/10/2005|00:08] C:\Program Files\WindowsUpdate
    [14/02/2005|14:12] C:\Program Files\X10 Hardware
    [27/01/2005|11:51] C:\Program Files\xerox
    [0|bestand(en)] C:\Program Files\bytes
    [62|map(pen)] C:\Program Files\bytes beschikbaar

    ——————–\\ Beschrijving van mappen in C:\Program Files\Common Files

    [29/12/2005|17:36] C:\Program Files\Common Files\Adobe
    [27/01/2005|15:28] C:\Program Files\Common Files\Ahead
    [27/01/2005|15:26] C:\Program Files\Common Files\Borland Shared
    [15/06/2006|22:01] C:\Program Files\Common Files\InstallShield
    [21/07/2010|11:18] C:\Program Files\Common Files\Java
    [22/03/2011|23:39] C:\Program Files\Common Files\Microsoft Shared
    [27/01/2005|11:50] C:\Program Files\Common Files\MSSoap
    [27/01/2005|16:10] C:\Program Files\Common Files\muvee Technologies
    [27/01/2005|12:45] C:\Program Files\Common Files\ODBC
    [27/01/2005|11:50] C:\Program Files\Common Files\Services
    [27/01/2005|12:45] C:\Program Files\Common Files\SpeechEngines
    [13/01/2008|19:16] C:\Program Files\Common Files\SWF Studio
    [02/05/2011|19:40] C:\Program Files\Common Files\Symantec Shared
    [17/09/2008|20:02] C:\Program Files\Common Files\System
    [13/10/2009|22:52] C:\Program Files\Common Files\Windows Live
    [14/02/2005|14:12] C:\Program Files\Common Files\X10
    [0|bestand(en)] C:\Program Files\Common Files\bytes
    [18|map(pen)] C:\Program Files\Common Files\bytes beschikbaar

    ——————–\\ Process

    ( 54 Processes )

    … OK !

    ——————–\\ Zoeken met S_Lop

    Geen Lop mappen gevonden !

    ——————–\\ Zoeken naar Lop Bestanden - Mappen

    Geen Lop mappen gevonden !

    ——————–\\ Zoeken doorheen het Register

    ….. OK !

    ——————–\\ Nazicht van het Hosts bestand

    Hosts bestand IN ORDE


    ——————–\\ Zoeken naar verborgen bestanden met Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-05-02 20:39:46
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes …
    scanning hidden files …
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    ——————–\\ Zoeken naar andere infecties


    Geen andere infecties gevonden !

    [F:4][D:2]-> C:\DOCUME~1\VANKER~1\LOCALS~1\Temp
    [F:230][D:0]-> C:\DOCUME~1\VANKER~1\Cookies
    [F:10139][D:12]-> C:\DOCUME~1\VANKER~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - ma 02/05/2011|20:42 - Option : [2]

    ——————–\\ Scan voltooid om 20:42:10
  • Ik vind het er ondertussen goed uitzien!

    Doe nu het volgende:

    [b:2cae9b721f]Doe de ESET online scan (Klik).[/b:2cae9b721f]
    [list:2cae9b721f]
    [*:2cae9b721f]Klik op de knop [b:2cae9b721f]ESET Online Scanner[/b:2cae9b721f]
    [*:2cae9b721f]Zet een vinkje bij [b:2cae9b721f]YES, I accept the Terms of Use[/b:2cae9b721f]
    [*:2cae9b721f]Klik op [b:2cae9b721f]Start[/b:2cae9b721f]
    [*:2cae9b721f]Sta het ActiveX control toe om te installeren.
    [*:2cae9b721f]Klik op [b:2cae9b721f]"Advanced settings"[/b:2cae9b721f]
    [*:2cae9b721f]Zet een vinkje bij de volgende opties:
    [list:2cae9b721f][*:2cae9b721f][b:2cae9b721f]Remove found threats[/b:2cae9b721f]
    [*:2cae9b721f][b:2cae9b721f]Scan archives[/b:2cae9b721f]
    [*:2cae9b721f][b:2cae9b721f]Scan for potentially unwanted applications[/b:2cae9b721f]
    [*:2cae9b721f][b:2cae9b721f]Scan for potentially unsafe applications[/b:2cae9b721f]
    [*:2cae9b721f][b:2cae9b721f]Enable Anti-Stealth technology [/b:2cae9b721f][/list:u:2cae9b721f]
    [*:2cae9b721f]Klik op [b:2cae9b721f]Start[/b:2cae9b721f]
    [*:2cae9b721f]De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
    [*:2cae9b721f]Je mag het venster sluiten wanneer de scan klaar is.
    [*:2cae9b721f]Gebruik [b:2cae9b721f]Kladblok[/b:2cae9b721f] om het logje te openen. Dit logje vind je in de lokatie C:\Program Files\EsetOnlineScanner\[b:2cae9b721f]log.txt[/b:2cae9b721f]
    [*:2cae9b721f]Kopieer en plak de inhoud van dit logje in je volgende bericht.[/list:u:2cae9b721f]
    N.B.: deaktiveer tijdelijk je eigen antivirus tijdens de scan, dan is de onlinescan sneller!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.