Pests of all kinds and how to fight them: Browser won't start, nor do any antivirus programs, download speed very low

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#16

Browser won't start, nor do any antivirus programs, download speed very low

Dear Trojaner-Board team! Here are the results of the log file from: HitmanPro:

Code:
HitmanPro 3.7.9.216
www.hitmanpro.com
Computer name . . . . : LUKAS-PC
Windows . . . . . . . : 6.1.1.7601.X86/2
User name . . . . . . : Lukas-PC\Timmy
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2014-06-02 16:15:34
Scan mode . . . . . . : Normal
Scan duration . . . . : 4m 27s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : Yes
Threats . . . . . . . : 5
Traces . . . . . . . : 30
Objects scanned . . . : 1.054.050
Files scanned . . . . : 36.595
Remnants scanned . . : 431.726 files / 585.729 keys
Malware _____________________________________________________________________
C:\Program Files\Sirius MT2\# Sirius MT2.exe -> Deleted
Size . . . . . . . : 1.954.816 bytes
Age . . . . . . . : 42.0 days (2014-04-21 17:16:01)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 6F92CC23C24CF09DF8B44E9BDC36652409B20E8531EACE3590D2B30BC48DA3EC
Needs elevation . : Yes
Product . . . . . : SiriusPatcher
Publisher . . . . : SiriusMT2
Description . . . : SiriusPatcher
Version . . . . . : 1.0.0.1
Copyright . . . . : Copyright ©SiriusMT2 2012
> Bitdefender . . . : Trojan.Generic.11262803
Fuzzy . . . . . . : 108.0
References
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirius MT2\Sirius MT2.lnk
C:\Users\Timmy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sirius MT2.lnk
C:\Users\Timmy\Desktop\Sirius MT2.lnk
C:\Program Files\Sirius MT2\neuer_patcher -> Deleted
Size . . . . . . . : 1.954.816 bytes
Age . . . . . . . : 42.0 days (2014-04-21 17:16:01)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 6F92CC23C24CF09DF8B44E9BDC36652409B20E8531EACE3590D2B30BC48DA3EC
Needs elevation . : Yes
Product . . . . . : SiriusPatcher
Publisher . . . . : SiriusMT2
Description . . . : SiriusPatcher
Version . . . . . : 1.0.0.1
Copyright . . . . : Copyright ©SiriusMT2 2012
> Bitdefender . . . : Trojan.Generic.11262803
Fuzzy . . . . . . : 118.0
C:\zoek_backup\C_PROGRA~2_InstallMate\{579E7C0C-5E48-4569-A782-166A8C7D5EFA}\Custom.dll -> Deleted
Size . . . . . . . : 93.696 bytes
Age . . . . . . . : 1.7 days (2014-05-31 22:15:49)
Entropy . . . . . : 6.3
SHA-256 . . . . . : 1BF33578F57D6436E916CC0734E8ADC66A0E3C7CA5DE1290601A73E3E362419D
Product . . . . . : SuperbApp
Publisher . . . . : SuperbApp
Description . . . : Custom DLL for SuperbApp
Version . . . . . : 2014.4.
Copyright . . . . : Copyright © 2014 S
> Kaspersky . . . . : Trojan.Win32.AntiFW.b
Fuzzy . . . . . . : 102.0
Forensic Cluster
C:\zoek_backup\C_PROGRA~2_InstallMate\{CCE445D9-9094-4486-A66D-D8B61707672F}\Custom.dll -> Deleted
Size . . . . . . . : 93.696 bytes
Age . . . . . . . : 1.7 days (2014-05-31 22:15:49)
Entropy . . . . . : 6.3
SHA-256 . . . . . : 26A322CAB318444A72EA7E4EA13328753D5930C9BEC68191D43CB28E4648CE92
Product . . . . . : AppReady Software
Publisher . . . . : AppReady Software
Description . . . : Custom DLL for AppReady
Version . . . . . : 2014.5.
Copyright . . . . : Copyright © 2014 A
> Bitdefender . . . : Gen:Variant.Application.Kazy.365295
> Kaspersky . . . . : Trojan.Win32.AntiFW.b
Fuzzy . . . . . . : 102.0
Forensic Cluster
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{70a79d1f-686d-4d5c-962b-07aa1294eae0}\state.rsm
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{70a79d1f-686d-4d5c-962b-07aa1294eae0}\state.rsm
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\cab1.cab
0.9s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\cab1.cab
1.0s C:\zoek_backup\C_PROGRA~2_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi
1.0s C:\zoek_backup\C_Users_Timmy_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_AppsHat\
1.0s C:\zoek_backup\C_Users_Timmy_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_AppsHat\AppsHat.lnk
1.1s C:\zoek_backup\C_Users_Timmy_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_AppsHat\Uninstall.lnk
1.1s C:\zoek_backup\C_Users_Timmy_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_AppsHat\Uninstall.lnk
1.1s C:\zoek_backup\C_Windows_System32_searchplugins\
1.1s C:\zoek_backup\C_Windows_System32_Extensions\
1.2s C:\zoek_backup\C_PROGRA~2_rebootpending.txt.vir
1.2s C:\zoek_backup\C_PROGRA~2_rebootpending.txt.vir
1.2s C:\zoek_backup\C_PROGRA~2_rebootpending.txt.vir
C:\zoek_backup\C_PROGRA~2_InstallMate\{CEC1B8C2-9212-4135-A3DE-DA3015229A34}\Custom.dll -> Deleted
Size . . . . . . . : 93.696 bytes
Age . . . . . . . : 1.7 days (2014-05-31 22:15:50)
Entropy . . . . . : 6.3
SHA-256 . . . . . : A59DCFC80305319700A9390F0E9770C446497B8B6B373C5DFD32BC08B13F47AA
Product . . . . . : AllaboutApp
Publisher . . . . : AllaboutApp
Description . . . : Custom DLL for AllaboutA
Version . . . . . : 2014.5.
Copyright . . . . : Copyright © 2014 A
> Bitdefender . . . : Gen:Variant.Application.Kazy.365295
> Kaspersky . . . . : Trojan.Win32.AntiFW.b
Fuzzy . . . . . . : 102.0
Forensic Cluster
Suspicious files ____________________________________________________________
C:\Program Files\Sirius MT2\MultiHack_Kamer.mix -> Deleted
Size . . . . . . . : 413.184 bytes
Age . . . . . . . : 25.7 days (2014-05-07 22:34:49)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 032EBBCAA78D7001691B73213AC1376AFA2F5EA4BCAF2ADBFF2E570F4398053D
Fuzzy . . . . . . : 24.0
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
File belongs to an identified security risk.
The file name extension of this program is not common.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Forensic Cluster
-0.1s C:\Program Files\Sirius MT2\dumpfileremoveme
0.0s C:\Program Files\Sirius MT2\MultiHack_Kamer.mix
C:\Windows\system32\GameMon.des -> Deleted
Size . . . . . . . : 4.598.456 bytes
Age . . . . . . . : 658.6 days (2012-08-13 02:46:43)
Entropy . . . . . : 7.9
SHA-256 . . . . . : CC168A7545B8516C0F10E75E3519FCEF3643EA758308342FDE6E47CF85EFFAF7
Product . . . . . : nProtect Game Monitor
Publisher . . . . : INCA Internet Co., Ltd.
Description . . . : nProtect Game Monitor Rev 1865
Version . . . . . : 2012.5.23.1
Copyright . . . . : Copyright ⓒ 2000-2011 INCA Internet
Service . . . . . : npggsvc
Fuzzy . . . . . . : 31.0
The file name extension of this program is not common.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Starts automatically as a service during system bootup.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
Startup
HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\
Potential Unwanted Programs _________________________________________________
HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player) -> Deleted
HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player) -> Deleted
HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player) -> Deleted
HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player) -> Deleted
HKLM\SOFTWARE\Microsoft\Tracing\PluginService_RASAPI32\ (Qone8) -> Deleted
HKLM\SOFTWARE\Microsoft\Tracing\PluginService_RASMANCS\ (Qone8) -> Deleted
HKLM\SOFTWARE\Microsoft\Tracing\TBNotifier_RASAPI32\ (AskBar) -> Deleted
HKLM\SOFTWARE\Microsoft\Tracing\TBNotifier_RASMANCS\ (AskBar) -> Deleted
HKLM\SOFTWARE\Microsoft\Tracing\wprotectmanager_RASAPI32\ (Qone8) -> Deleted
HKLM\SOFTWARE\Microsoft\Tracing\wprotectmanager_RASMANCS\ (Qone8) -> Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player) -> Deleted
HKLM\SYSTEM\ControlSet001\services\eventlog\Application\IePluginService\ (FTDownloader) -> Deleted
HKLM\SYSTEM\ControlSet001\services\eventlog\Application\Wpm\ (FTDownloader) -> Deleted
HKLM\SYSTEM\ControlSet002\services\eventlog\Application\IePluginService\ (FTDownloader) -> Deleted
HKLM\SYSTEM\ControlSet002\services\eventlog\Application\Wpm\ (FTDownloader) -> Deleted
HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\IePluginService\ (FTDownloader) -> PendingDelete
HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\Wpm\ (FTDownloader) -> PendingDelete
HKU\S-1-5-21-24558719-2126205106-1827937244-1004\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find) -> Deleted
HKU\S-1-5-21-24558719-2126205106-1827937244-1004\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find) -> Deleted
In addition: I just had a Bundestrojaner virus, but I removed it with the system repair! Regards, Hippel02