[code] HitmanPro 3.7.9.232 www.hitmanpro.com Computer name . . . . : PC_VAN_ROBKE Windows . . . . . . . : 6.0.1.6001.X86/2 User name . . . . . . : PC_van_robke\robke UAC . . . . . . . . . : Enabled License . . . . . . . : Trial (20 days left) Scan date . . . . . . : 2014-12-26 09:44:47 Scan mode . . . . . . : Normal Scan duration . . . . : 17m 52s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 12 Traces . . . . . . . : 17 Objects scanned . . . : 1.567.499 Files scanned . . . . : 20.356 Remnants scanned . . : 293.941 files / 1.253.202 keys Malware _____________________________________________________________________ C:\Program Files\ZHPDiag\ZHPDiag.exe -> Quarantined Size . . . . . . . : 8.144.384 bytes Age . . . . . . . : 0.0 days (2014-12-26 09:31:04) Entropy . . . . . : 6.0 SHA-256 . . . . . : 200502165C304DF6C8B110CD83E00C4D1D9F25AC270F974A0128E1FF3121EBAA Product . . . . . : ZHPDiag Publisher . . . . : Nicolas Coolman Description . . . : ZHPDiag Version . . . . . : 2014.12.24.177 Copyright . . . . : Nicolas Coolman LanguageID . . . . : 1033 > Bitdefender . . . : Trojan.Generic.12411468 Fuzzy . . . . . . : 94.0 References HKU\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Program Files\ZHPDiag\ZHPDiag.exe Forensic Cluster -0.5s C:\Program Files\ZHPDiag\ -0.5s C:\Users\robke\AppData\Roaming\ZHP\ -0.4s C:\Program Files\ZHPDiag\unins000.dat -0.4s C:\Program Files\ZHPDiag\unins000.exe -0.4s C:\Program Files\ZHPDiag\ZHPhep.exe 0.0s C:\Program Files\ZHPDiag\ZHPDiag.exe 0.7s C:\Program Files\ZHPDiag\ZHPDiag.ico 0.7s C:\Program Files\ZHPDiag\ZHPRootkit.txt 0.7s C:\Program Files\ZHPDiag\ZHPScan.txt 0.7s C:\Program Files\ZHPDiag\hosts 0.7s C:\Program Files\ZHPDiag\ZHPFix\ 0.7s C:\Program Files\ZHPDiag\ZHPFix\ZHPFix.exe 0.9s C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe 1.2s C:\Program Files\ZHPDiag\ZHPFix\LanguesFix.ini 1.2s C:\Program Files\ZHPDiag\ZHPFix\ConfigFix.ini 1.2s C:\Program Files\ZHPDiag\ZHPFix\ZHPFix.ico 1.2s C:\Program Files\ZHPDiag\a.txt 1.2s C:\Program Files\ZHPDiag\Lads.exe 1.2s C:\Program Files\ZHPDiag\mbr.exe 1.3s C:\Program Files\ZHPDiag\setacl32.exe 1.3s C:\Program Files\ZHPDiag\setacl64.exe 1.4s C:\Program Files\ZHPDiag\subinacl.exe 1.4s C:\Program Files\ZHPDiag\sigcheck.exe 1.4s C:\Program Files\ZHPDiag\catchme.exe 1.4s C:\Program Files\ZHPDiag\mbrcheck.exe 1.5s C:\Program Files\ZHPDiag\pv.exe 1.5s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ 1.6s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk 1.6s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk 1.7s C:\Users\robke\Desktop\ZHPDiag.lnk 1.7s C:\Users\robke\Desktop\ZHPFix.lnk 2.9s C:\Windows\Prefetch\ZHPDIAG2.TMP-697790B2.pf 32.3s C:\Users\robke\AppData\Roaming\ZHP\TestsZHPDiag.txt 42.0s C:\Windows\Prefetch\ZHPDIAG.EXE-5F50D22C.pf C:\Users\robke\Desktop\ZHPDiag2.exe -> Quarantined Size . . . . . . . : 6.865.700 bytes Age . . . . . . . : 0.8 days (2014-12-25 14:03:01) Entropy . . . . . : 8.0 SHA-256 . . . . . : DC039B42656EC2A8BE5BA2387A012B44DFA9A3AC3EFF192E5B89B855E41EAA48 Publisher . . . . : Nicolas Coolman Description . . . : ZHPDiag Setup Version . . . . . : Outil Copyright . . . . : Nicolas Coolman > Bitdefender . . . : Trojan.Generic.12411468 Fuzzy . . . . . . : 108.0 C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -> Quarantined Size . . . . . . . : 1.581.872 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:08) Entropy . . . . . : 6.7 SHA-256 . . . . . : 8D470F33E5A91BB28937A9BDAF557446E703411D81A4AB6ED8DAF19779F36DCA RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.c Fuzzy . . . . . . : 101.0 Forensic Cluster -20.0s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -19.7s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -3.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -3.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -3.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -3.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -3.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -3.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -3.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -3.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -3.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -3.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -3.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -3.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -3.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -3.4s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -3.4s C:\zoek_backup\restore.txt -3.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -3.2s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -3.2s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -3.2s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -3.2s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -3.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -3.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -3.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -2.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -2.7s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -2.6s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -2.6s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -2.6s C:\zoek_backup\C_PROGRA~2_AppetoU\ -2.5s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -2.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -2.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -2.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -2.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -2.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -2.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -2.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -2.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -2.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -2.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -2.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -2.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -2.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -1.9s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -1.8s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -1.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -1.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -1.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -1.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -1.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -1.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -1.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -1.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -1.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -1.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -1.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -1.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -1.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -1.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -1.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -1.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -1.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -1.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -0.8s C:\zoek_backup\C_Windows_System32_mjcm\ -0.7s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -0.6s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5119\ 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5123\ 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5131\ 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll 0.8s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll 0.8s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\ 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll 1.1s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\ 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll 1.4s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll 1.5s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5143\ 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll 2.3s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll 2.4s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll 2.4s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll 2.6s C:\zoek_backup\C_Windows_System32_mjcm\5148\ 2.6s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll 2.7s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll 2.8s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 2.9s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 3.0s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 3.0s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 3.0s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 3.1s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 3.2s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 3.3s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 3.4s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 3.4s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 3.5s C:\zoek_backup\C_Windows_System32_searchplugins\ 3.6s C:\zoek_backup\C_Windows_System32_Extensions\ 3.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 4.1s C:\zoek_backup\C_awh382F.tmp.vir 4.1s C:\zoek_backup\C_awh388D.tmp.vir 4.1s C:\zoek_backup\C_awh3B99.tmp.vir 4.1s C:\zoek_backup\C_awh3C54.tmp.vir 4.1s C:\zoek_backup\C_awh3F41.tmp.vir 4.1s C:\zoek_backup\C_awh3FFC.tmp.vir 4.2s C:\zoek_backup\C_awh40B7.tmp.vir 4.2s C:\zoek_backup\C_awh427B.tmp.vir 4.2s C:\zoek_backup\C_awh4559.tmp.vir 4.2s C:\zoek_backup\C_awh4817.tmp.vir 4.2s C:\zoek_backup\C_awh4845.tmp.vir 4.3s C:\zoek_backup\C_awh6E33.tmp.vir 4.3s C:\zoek_backup\C_awhAB4C.tmp.vir 4.3s C:\zoek_backup\C_user.js.vir 4.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 4.3s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 4.4s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 5.0s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 12.7s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll -> Quarantined Size . . . . . . . : 1.575.216 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:09) Entropy . . . . . : 6.7 SHA-256 . . . . . : 63F8A9F2414CE8AD7576B835073CB3F0C72EC12A0DB629DD0DD8D63BAFB9DDF3 RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -20.2s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -19.9s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -4.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -3.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -3.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -3.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -3.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -3.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -3.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -3.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -3.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -3.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -3.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -3.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -3.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -3.6s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -3.6s C:\zoek_backup\restore.txt -3.6s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -3.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -3.4s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -3.4s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -3.4s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -3.4s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -3.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -3.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -3.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -3.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -3.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -3.0s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -2.9s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -2.9s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -2.8s C:\zoek_backup\C_PROGRA~2_AppetoU\ -2.7s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -2.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -2.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -2.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -2.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -2.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -2.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -2.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -2.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -2.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -2.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -2.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -2.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -2.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -2.1s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -2.0s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -1.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -1.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -1.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -1.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -1.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -1.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -1.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -1.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -1.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -1.0s C:\zoek_backup\C_Windows_System32_mjcm\ -0.9s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -0.8s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -0.8s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5119\ -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5123\ 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\ 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5132\ 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll 0.8s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll 0.9s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5141\ 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll 1.3s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll 1.5s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll 2.0s C:\zoek_backup\C_Windows_System32_mjcm\5143\ 2.0s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll 2.0s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll 2.1s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll 2.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\ 2.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll 2.5s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll 2.6s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 2.7s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 2.8s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 2.8s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 2.8s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 2.8s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 2.9s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 3.0s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 3.1s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 3.2s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 3.3s C:\zoek_backup\C_Windows_System32_searchplugins\ 3.4s C:\zoek_backup\C_Windows_System32_Extensions\ 3.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 3.8s C:\zoek_backup\C_awh382F.tmp.vir 3.8s C:\zoek_backup\C_awh388D.tmp.vir 3.9s C:\zoek_backup\C_awh3B99.tmp.vir 3.9s C:\zoek_backup\C_awh3C54.tmp.vir 3.9s C:\zoek_backup\C_awh3F41.tmp.vir 3.9s C:\zoek_backup\C_awh3FFC.tmp.vir 3.9s C:\zoek_backup\C_awh40B7.tmp.vir 3.9s C:\zoek_backup\C_awh427B.tmp.vir 4.0s C:\zoek_backup\C_awh4559.tmp.vir 4.0s C:\zoek_backup\C_awh4817.tmp.vir 4.0s C:\zoek_backup\C_awh4845.tmp.vir 4.0s C:\zoek_backup\C_awh6E33.tmp.vir 4.0s C:\zoek_backup\C_awhAB4C.tmp.vir 4.0s C:\zoek_backup\C_user.js.vir 4.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 4.1s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 4.1s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 4.7s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 12.5s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll -> Quarantined Size . . . . . . . : 1.628.976 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:09) Entropy . . . . . : 6.7 SHA-256 . . . . . : D807DC78016D177B3ECB1BAA57F9E19AC9BF284CE908C8E564A7190EE1EC3CF9 RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -20.6s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -20.2s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -4.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -4.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -4.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -4.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -4.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -4.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -4.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -4.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -4.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -4.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -4.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -4.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -3.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -3.9s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -3.9s C:\zoek_backup\restore.txt -3.9s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -3.8s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -3.8s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -3.7s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -3.7s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -3.7s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -3.7s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -3.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -3.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -3.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -3.3s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -3.2s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -3.2s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -3.2s C:\zoek_backup\C_PROGRA~2_AppetoU\ -3.0s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -3.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -2.9s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -2.9s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -2.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -2.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -2.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -2.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -2.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -2.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -2.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -2.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -2.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -2.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -2.4s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -2.3s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -2.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -1.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -1.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -1.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -1.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -1.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -1.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -1.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -1.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -1.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -1.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -1.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -1.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -1.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -1.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -1.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -1.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -1.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -1.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -1.3s C:\zoek_backup\C_Windows_System32_mjcm\ -1.2s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -1.1s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -1.1s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -1.1s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -0.8s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5119\ -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5123\ -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5131\ 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5132\ 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5141\ 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll 0.9s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5143\ 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll 1.8s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll 1.8s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll 2.0s C:\zoek_backup\C_Windows_System32_mjcm\5148\ 2.0s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll 2.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 2.4s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 2.4s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 2.5s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 2.5s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 2.5s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 2.6s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 2.7s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 2.8s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 2.9s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 3.0s C:\zoek_backup\C_Windows_System32_searchplugins\ 3.1s C:\zoek_backup\C_Windows_System32_Extensions\ 3.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 3.5s C:\zoek_backup\C_awh382F.tmp.vir 3.5s C:\zoek_backup\C_awh388D.tmp.vir 3.5s C:\zoek_backup\C_awh3B99.tmp.vir 3.6s C:\zoek_backup\C_awh3C54.tmp.vir 3.6s C:\zoek_backup\C_awh3F41.tmp.vir 3.6s C:\zoek_backup\C_awh3FFC.tmp.vir 3.6s C:\zoek_backup\C_awh40B7.tmp.vir 3.6s C:\zoek_backup\C_awh427B.tmp.vir 3.7s C:\zoek_backup\C_awh4559.tmp.vir 3.7s C:\zoek_backup\C_awh4817.tmp.vir 3.7s C:\zoek_backup\C_awh4845.tmp.vir 3.7s C:\zoek_backup\C_awh6E33.tmp.vir 3.7s C:\zoek_backup\C_awhAB4C.tmp.vir 3.7s C:\zoek_backup\C_user.js.vir 3.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 3.8s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 3.8s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 4.4s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 12.2s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll -> Quarantined Size . . . . . . . : 1.774.896 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:09) Entropy . . . . . : 6.7 SHA-256 . . . . . : D6E154F9D45DD9C1AE83B5AD4F0074CEB7371B4B968DCD41255A56A2689B67E4 RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -20.8s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -20.5s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -4.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -4.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -4.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -4.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -4.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -4.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -4.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -4.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -4.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -4.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -4.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -4.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -4.2s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -4.2s C:\zoek_backup\restore.txt -4.2s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -4.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -4.0s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -4.0s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -4.0s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -4.0s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -3.9s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -3.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -3.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -3.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -3.6s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -3.5s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -3.5s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -3.4s C:\zoek_backup\C_PROGRA~2_AppetoU\ -3.3s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -3.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -3.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -3.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -3.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -3.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -3.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -3.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -3.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -3.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -2.9s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -2.9s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -2.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -2.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -2.7s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -2.6s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -2.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -2.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -2.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -2.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -2.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -2.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -1.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -1.6s C:\zoek_backup\C_Windows_System32_mjcm\ -1.5s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -1.4s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -1.4s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -1.3s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -1.1s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -1.1s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll -0.8s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5119\ -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5123\ -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5131\ -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5132\ 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5141\ 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll 0.9s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll 1.4s C:\zoek_backup\C_Windows_System32_mjcm\5143\ 1.4s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll 1.5s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll 1.5s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll 1.6s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5148\ 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll 1.9s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll 2.0s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 2.1s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 2.3s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 2.4s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 2.5s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 2.6s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 2.7s C:\zoek_backup\C_Windows_System32_searchplugins\ 2.8s C:\zoek_backup\C_Windows_System32_Extensions\ 2.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 3.2s C:\zoek_backup\C_awh382F.tmp.vir 3.2s C:\zoek_backup\C_awh388D.tmp.vir 3.3s C:\zoek_backup\C_awh3B99.tmp.vir 3.3s C:\zoek_backup\C_awh3C54.tmp.vir 3.3s C:\zoek_backup\C_awh3F41.tmp.vir 3.3s C:\zoek_backup\C_awh3FFC.tmp.vir 3.3s C:\zoek_backup\C_awh40B7.tmp.vir 3.3s C:\zoek_backup\C_awh427B.tmp.vir 3.4s C:\zoek_backup\C_awh4559.tmp.vir 3.4s C:\zoek_backup\C_awh4817.tmp.vir 3.4s C:\zoek_backup\C_awh4845.tmp.vir 3.4s C:\zoek_backup\C_awh6E33.tmp.vir 3.4s C:\zoek_backup\C_awhAB4C.tmp.vir 3.4s C:\zoek_backup\C_user.js.vir 3.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 3.5s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 3.5s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 4.1s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 11.9s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll -> Quarantined Size . . . . . . . : 1.775.920 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:09) Entropy . . . . . : 6.7 SHA-256 . . . . . : E9DC9B0A5F0D4A0A0519C3A0A81F841EAE92888464BD4C3B0465AD74FCA6D45C RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -21.1s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -20.8s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -4.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -4.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -4.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -4.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -4.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -4.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -4.5s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -4.5s C:\zoek_backup\restore.txt -4.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -4.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -4.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -4.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -4.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -4.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -4.2s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -3.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -3.9s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -3.8s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -3.8s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -3.7s C:\zoek_backup\C_PROGRA~2_AppetoU\ -3.6s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -3.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -3.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -3.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -3.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -3.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -3.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -3.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -3.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -3.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -3.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -3.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -3.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -3.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -3.0s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -2.9s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -2.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -2.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -2.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -2.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -2.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -2.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -2.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -2.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -2.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -2.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -2.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -2.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -2.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -2.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -1.9s C:\zoek_backup\C_Windows_System32_mjcm\ -1.8s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -1.7s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -1.7s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -1.6s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -1.5s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -1.5s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -1.5s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -1.4s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -1.4s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -1.3s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -1.3s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll -1.1s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5119\ -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll -0.8s C:\zoek_backup\C_Windows_System32_mjcm\5123\ -0.8s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5131\ -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5132\ -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5141\ 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll 1.1s C:\zoek_backup\C_Windows_System32_mjcm\5143\ 1.1s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll 1.3s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll 1.5s C:\zoek_backup\C_Windows_System32_mjcm\5148\ 1.5s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll 1.6s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 1.8s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 1.9s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 1.9s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 1.9s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 2.0s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 2.0s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 2.2s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 2.2s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 2.3s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 2.4s C:\zoek_backup\C_Windows_System32_searchplugins\ 2.5s C:\zoek_backup\C_Windows_System32_Extensions\ 2.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 2.9s C:\zoek_backup\C_awh382F.tmp.vir 3.0s C:\zoek_backup\C_awh388D.tmp.vir 3.0s C:\zoek_backup\C_awh3B99.tmp.vir 3.0s C:\zoek_backup\C_awh3C54.tmp.vir 3.0s C:\zoek_backup\C_awh3F41.tmp.vir 3.0s C:\zoek_backup\C_awh3FFC.tmp.vir 3.0s C:\zoek_backup\C_awh40B7.tmp.vir 3.1s C:\zoek_backup\C_awh427B.tmp.vir 3.1s C:\zoek_backup\C_awh4559.tmp.vir 3.1s C:\zoek_backup\C_awh4817.tmp.vir 3.1s C:\zoek_backup\C_awh4845.tmp.vir 3.1s C:\zoek_backup\C_awh6E33.tmp.vir 3.2s C:\zoek_backup\C_awhAB4C.tmp.vir 3.2s C:\zoek_backup\C_user.js.vir 3.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 3.2s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 3.2s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 3.9s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 11.6s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll -> Quarantined Size . . . . . . . : 1.778.480 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:10) Entropy . . . . . : 6.7 SHA-256 . . . . . : BA995E8813BC7258DF07CFFFB85269BE28FFC70B68C96ED332E675E91C99012A RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -21.7s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -21.4s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -5.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -5.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -5.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -5.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -5.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -5.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -5.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -5.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -5.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -5.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -5.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -5.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -5.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -5.1s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -5.1s C:\zoek_backup\restore.txt -5.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -4.9s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -4.9s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -4.9s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -4.9s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -4.9s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -4.8s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -4.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -4.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -4.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -4.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -4.5s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -4.4s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -4.4s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -4.3s C:\zoek_backup\C_PROGRA~2_AppetoU\ -4.2s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -4.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -4.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -4.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -4.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -4.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -4.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -3.9s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -3.9s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -3.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -3.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -3.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -3.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -3.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -3.6s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -3.5s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -3.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -3.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -3.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -3.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -3.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -3.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -2.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -2.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -2.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -2.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -2.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -2.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -2.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -2.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -2.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -2.5s C:\zoek_backup\C_Windows_System32_mjcm\ -2.4s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -2.3s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -2.2s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -2.2s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -2.1s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -2.1s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -2.1s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -2.0s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -2.0s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -1.9s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -1.9s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -1.8s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -1.8s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll -1.7s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -1.6s C:\zoek_backup\C_Windows_System32_mjcm\5119\ -1.6s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll -1.6s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll -1.5s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll -1.5s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll -1.4s C:\zoek_backup\C_Windows_System32_mjcm\5123\ -1.4s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll -1.3s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5131\ -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll -0.8s C:\zoek_backup\C_Windows_System32_mjcm\5132\ -0.8s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5141\ -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5143\ 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll 0.9s C:\zoek_backup\C_Windows_System32_mjcm\5148\ 0.9s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll 1.1s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 1.3s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 1.3s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 1.3s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 1.4s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 1.4s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 1.6s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 1.7s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 1.7s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 1.8s C:\zoek_backup\C_Windows_System32_searchplugins\ 1.9s C:\zoek_backup\C_Windows_System32_Extensions\ 2.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 2.4s C:\zoek_backup\C_awh382F.tmp.vir 2.4s C:\zoek_backup\C_awh388D.tmp.vir 2.4s C:\zoek_backup\C_awh3B99.tmp.vir 2.4s C:\zoek_backup\C_awh3C54.tmp.vir 2.4s C:\zoek_backup\C_awh3F41.tmp.vir 2.4s C:\zoek_backup\C_awh3FFC.tmp.vir 2.4s C:\zoek_backup\C_awh40B7.tmp.vir 2.5s C:\zoek_backup\C_awh427B.tmp.vir 2.5s C:\zoek_backup\C_awh4559.tmp.vir 2.5s C:\zoek_backup\C_awh4817.tmp.vir 2.5s C:\zoek_backup\C_awh4845.tmp.vir 2.5s C:\zoek_backup\C_awh6E33.tmp.vir 2.6s C:\zoek_backup\C_awhAB4C.tmp.vir 2.6s C:\zoek_backup\C_user.js.vir 2.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 2.6s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 2.6s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 3.3s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 11.0s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll -> Quarantined Size . . . . . . . : 1.650.480 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:11) Entropy . . . . . : 6.7 SHA-256 . . . . . : 6E63CC2CA23D721B963DEC3109D0215AF41868DA28670F43E5028EA8B36A8AA9 RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -22.4s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -22.1s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -6.1s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -6.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -5.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -5.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -5.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -5.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -5.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -5.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -5.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -5.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -5.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -5.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -5.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -5.8s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -5.8s C:\zoek_backup\restore.txt -5.7s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -5.6s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -5.6s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -5.6s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -5.6s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -5.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -5.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -5.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -5.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -5.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -5.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -5.1s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -5.0s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -5.0s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -5.0s C:\zoek_backup\C_PROGRA~2_AppetoU\ -4.9s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -4.8s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -4.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -4.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -4.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -4.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -4.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -4.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -4.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -4.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -4.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -4.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -4.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -4.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -4.3s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -4.2s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -3.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -3.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -3.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -3.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -3.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -3.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -3.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -3.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -3.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -3.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -3.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -3.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -3.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -3.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -3.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -3.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -3.2s C:\zoek_backup\C_Windows_System32_mjcm\ -3.1s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -3.0s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -2.9s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -2.9s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -2.7s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -2.6s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -2.5s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -2.5s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -2.5s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -2.5s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll -2.4s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -2.3s C:\zoek_backup\C_Windows_System32_mjcm\5119\ -2.3s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll -2.3s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll -2.2s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll -2.2s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll -2.1s C:\zoek_backup\C_Windows_System32_mjcm\5123\ -2.1s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll -2.0s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll -1.9s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll -1.8s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll -1.7s C:\zoek_backup\C_Windows_System32_mjcm\5131\ -1.7s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll -1.7s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll -1.6s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll -1.6s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll -1.5s C:\zoek_backup\C_Windows_System32_mjcm\5132\ -1.5s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll -1.4s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll -1.4s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll -1.3s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\ -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll -1.0s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5143\ -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll -0.0s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5148\ 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 0.9s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 1.0s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 1.0s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 1.1s C:\zoek_backup\C_Windows_System32_searchplugins\ 1.2s C:\zoek_backup\C_Windows_System32_Extensions\ 1.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 1.7s C:\zoek_backup\C_awh382F.tmp.vir 1.7s C:\zoek_backup\C_awh388D.tmp.vir 1.7s C:\zoek_backup\C_awh3B99.tmp.vir 1.7s C:\zoek_backup\C_awh3C54.tmp.vir 1.7s C:\zoek_backup\C_awh3F41.tmp.vir 1.7s C:\zoek_backup\C_awh3FFC.tmp.vir 1.8s C:\zoek_backup\C_awh40B7.tmp.vir 1.8s C:\zoek_backup\C_awh427B.tmp.vir 1.8s C:\zoek_backup\C_awh4559.tmp.vir 1.8s C:\zoek_backup\C_awh4817.tmp.vir 1.8s C:\zoek_backup\C_awh4845.tmp.vir 1.9s C:\zoek_backup\C_awh6E33.tmp.vir 1.9s C:\zoek_backup\C_awhAB4C.tmp.vir 1.9s C:\zoek_backup\C_user.js.vir 1.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 1.9s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 2.0s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 2.6s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 10.3s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll -> Quarantined Size . . . . . . . : 1.675.568 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:11) Entropy . . . . . : 6.7 SHA-256 . . . . . : 7537D0CA54DC4302881C4504BC1D9CA9A2CB3D38E9678C8102AE7A9848AFC7FF RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -22.9s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -22.6s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -6.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -6.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -6.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -6.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -6.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -6.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -6.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -6.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -6.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -6.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -6.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -6.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -6.3s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -6.3s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -6.3s C:\zoek_backup\restore.txt -6.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -6.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -6.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -6.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -6.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -6.1s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -6.0s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -6.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -5.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -5.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -5.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -5.7s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -5.6s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -5.6s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -5.5s C:\zoek_backup\C_PROGRA~2_AppetoU\ -5.4s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -5.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -5.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -5.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -5.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -5.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -5.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -5.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -5.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -5.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -5.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -5.0s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -4.9s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -4.9s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -4.8s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -4.7s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -4.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -4.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -4.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -4.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -4.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -4.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -4.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -4.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -4.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -4.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -3.7s C:\zoek_backup\C_Windows_System32_mjcm\ -3.6s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -3.5s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -3.5s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -3.4s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -3.3s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -3.3s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -3.3s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -3.2s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -3.2s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -3.1s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -3.1s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -3.0s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -3.0s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll -2.9s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5119\ -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll -2.7s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll -2.6s C:\zoek_backup\C_Windows_System32_mjcm\5123\ -2.6s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll -2.6s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll -2.5s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll -2.4s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll -2.3s C:\zoek_backup\C_Windows_System32_mjcm\5131\ -2.3s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll -2.2s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll -2.2s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll -2.1s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll -2.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\ -2.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll -2.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll -1.9s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll -1.8s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll -1.7s C:\zoek_backup\C_Windows_System32_mjcm\5141\ -1.7s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll -1.5s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll -1.4s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll -1.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5143\ -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll -0.5s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\ -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 0.1s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 0.4s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 0.4s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 0.5s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 0.6s C:\zoek_backup\C_Windows_System32_searchplugins\ 0.7s C:\zoek_backup\C_Windows_System32_Extensions\ 0.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 1.1s C:\zoek_backup\C_awh382F.tmp.vir 1.2s C:\zoek_backup\C_awh388D.tmp.vir 1.2s C:\zoek_backup\C_awh3B99.tmp.vir 1.2s C:\zoek_backup\C_awh3C54.tmp.vir 1.2s C:\zoek_backup\C_awh3F41.tmp.vir 1.2s C:\zoek_backup\C_awh3FFC.tmp.vir 1.2s C:\zoek_backup\C_awh40B7.tmp.vir 1.2s C:\zoek_backup\C_awh427B.tmp.vir 1.3s C:\zoek_backup\C_awh4559.tmp.vir 1.3s C:\zoek_backup\C_awh4817.tmp.vir 1.3s C:\zoek_backup\C_awh4845.tmp.vir 1.3s C:\zoek_backup\C_awh6E33.tmp.vir 1.3s C:\zoek_backup\C_awhAB4C.tmp.vir 1.4s C:\zoek_backup\C_user.js.vir 1.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 1.4s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 1.4s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 2.1s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 9.8s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll -> Quarantined Size . . . . . . . : 1.710.384 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:11) Entropy . . . . . : 6.7 SHA-256 . . . . . : 10ED8C75284DC51FAADA327E10C7B1FAEEB7F5D4AC5B9E3C654F9CF265B7EA95 RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -23.2s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -22.8s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -6.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -6.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -6.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -6.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -6.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -6.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -6.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -6.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -6.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -6.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -6.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -6.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -6.5s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -6.5s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -6.5s C:\zoek_backup\restore.txt -6.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -6.4s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -6.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -6.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -6.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -6.3s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -6.2s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -6.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -6.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -6.0s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -5.9s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -5.9s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -5.8s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -5.8s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -5.7s C:\zoek_backup\C_PROGRA~2_AppetoU\ -5.6s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -5.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -5.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -5.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -5.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -5.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -5.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -5.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -5.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -5.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -5.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -5.2s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -5.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -5.1s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -5.0s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -4.9s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -4.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -4.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -4.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -4.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -4.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -4.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -4.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -4.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -4.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -3.9s C:\zoek_backup\C_Windows_System32_mjcm\ -3.8s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -3.7s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll -3.7s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll -3.7s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll -3.6s C:\zoek_backup\C_Windows_System32_mjcm\5108\ -3.6s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll -3.5s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll -3.4s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll -3.4s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll -3.3s C:\zoek_backup\C_Windows_System32_mjcm\5113\ -3.3s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll -3.3s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll -3.2s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll -3.2s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll -3.1s C:\zoek_backup\C_Windows_System32_mjcm\5119\ -3.1s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll -3.0s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll -3.0s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll -2.9s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5123\ -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll -2.8s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll -2.7s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll -2.6s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll -2.5s C:\zoek_backup\C_Windows_System32_mjcm\5131\ -2.5s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll -2.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll -2.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll -2.3s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll -2.2s C:\zoek_backup\C_Windows_System32_mjcm\5132\ -2.2s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll -2.2s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll -2.1s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll -2.0s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll -1.9s C:\zoek_backup\C_Windows_System32_mjcm\5141\ -1.9s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll -1.7s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll -1.6s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll -1.4s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5143\ -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll -0.9s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll -0.8s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll -0.7s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5148\ -0.6s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll -0.4s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll -0.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll -0.2s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5152\ -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll -0.1s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 0.0s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 0.1s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 0.2s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 0.3s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 0.4s C:\zoek_backup\C_Windows_System32_searchplugins\ 0.5s C:\zoek_backup\C_Windows_System32_Extensions\ 0.6s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 0.9s C:\zoek_backup\C_awh382F.tmp.vir 0.9s C:\zoek_backup\C_awh388D.tmp.vir 1.0s C:\zoek_backup\C_awh3B99.tmp.vir 1.0s C:\zoek_backup\C_awh3C54.tmp.vir 1.0s C:\zoek_backup\C_awh3F41.tmp.vir 1.0s C:\zoek_backup\C_awh3FFC.tmp.vir 1.0s C:\zoek_backup\C_awh40B7.tmp.vir 1.0s C:\zoek_backup\C_awh427B.tmp.vir 1.1s C:\zoek_backup\C_awh4559.tmp.vir 1.1s C:\zoek_backup\C_awh4817.tmp.vir 1.1s C:\zoek_backup\C_awh4845.tmp.vir 1.1s C:\zoek_backup\C_awh6E33.tmp.vir 1.1s C:\zoek_backup\C_awhAB4C.tmp.vir 1.1s C:\zoek_backup\C_user.js.vir 1.2s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 1.2s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 1.2s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 1.8s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 9.6s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe -> Quarantined Size . . . . . . . : 781.616 bytes Age . . . . . . . : 1.7 days (2014-12-24 16:07:08) Entropy . . . . . : 6.6 SHA-256 . . . . . : 451678E20EA0B705A7310DDF20D168317E382A2E71B5DBD9F0BC65FDE2F0EC4E RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Perinet.d Fuzzy . . . . . . : 101.0 Forensic Cluster -19.3s C:\Windows\Prefetch\SC.EXE-945D79AE.pf -19.0s C:\Windows\Prefetch\SWREG.EXE-27F27570.pf -3.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\ -2.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\ -2.9s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\bootstrap.js -2.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\chrome.manifest -2.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\install.rdf -2.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\ -2.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\hp-6oo@oeaarmbg-rhle.net\content\bg.js -2.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\ -2.8s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\bootstrap.js -2.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\chrome.manifest -2.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\install.rdf -2.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\ -2.7s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_extensions_staged\yyoe3aj@ueiy-ap.net\content\bg.js -2.7s C:\Windows\Prefetch\XCOPY.EXE-41E6513F.pf -2.7s C:\zoek_backup\restore.txt -2.7s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\ -2.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\background.html -2.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\content.js -2.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\lsdb.js -2.5s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\manifest.json -2.4s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\qWEqb.js -2.4s C:\zoek_backup\C_PROGRA~2_jdgnchnnnoafblkkfljbcbepoiddljhc\sqlite.js -2.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\ -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{0E8C7A61-D448-4C7D-7DDD-9B8925F2C217}\deal4rreal.2.7.dat -2.2s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\ -2.1s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_{BDC3570D-C78C-6F18-705D-553B87AF548B}\AppetoU.2.7.dat -2.1s C:\zoek_backup\C_Users_robke_AppData_Local_1372\ -2.0s C:\zoek_backup\C_Users_robke_AppData_Local_1372\status.cfg -2.0s C:\zoek_backup\C_Users_robke_AppData_Local_1372\Updater.xml -1.9s C:\zoek_backup\C_PROGRA~2_AppetoU\ -1.8s C:\zoek_backup\C_PROGRA~2_AppetoU\a.dat -1.7s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\ -1.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ -1.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\EULA_EN.rtf -1.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\ReadmeSSCE_ENU.htm -1.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\REDIST.TXT -1.6s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceca30.dll -1.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcecompact30.dll -1.5s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceer30EN.dll -1.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceme30.dll -1.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceoledb30.dll -1.4s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlceqp30.dll -1.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\sqlcese30.dll -1.3s C:\zoek_backup\C_Program Files_Microsoft SQL Server Compact Edition\v3.1\System.Data.SqlServerCe.dll -1.2s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\ -1.1s C:\zoek_backup\C_Users_robke_AppData_Local_avgchrome\avgp -0.8s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\ -0.7s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\ -0.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\140d29af71fd910d.fb -0.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\1f7c4a5d1c659695.fb -0.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2562c70b510b2664.fb -0.6s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\2e7bc8a83c73d615.fb -0.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\32d8e09b4ed76f86.fb -0.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\34c9ffe549bc9db1.fb -0.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\45ea5b065ea8d1e3.fb -0.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\50525eac9db0d399.fb -0.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5087aaac78c27919.fb -0.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\5fff9999f4fc2383.fb -0.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\636daee6deb5bbc3.fb -0.5s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\6c97f95c1bfb33ec.fb -0.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\78ccf58f4871292c.fb -0.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\917cc4024410ac08.fb -0.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\b796870199d40fdf.fb -0.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c03e2376eabd4ba6.fb -0.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\c71199748cf93508.fb -0.4s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\cf788bbaaecf01fb.fb -0.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\d3eaddb37c3b84d1.fb -0.3s C:\zoek_backup\C_Windows_system32_config_systemprofile_AppData_LocalLow_AVG Nation toolbar\cache\facf079a7b504f42.fb -0.1s C:\zoek_backup\C_Windows_System32_mjcm\ 0.0s C:\zoek_backup\C_Windows_System32_mjcm\dnkt.exe 0.1s C:\zoek_backup\C_Windows_System32_mjcm\ImHttpComm.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\msvcp100.dll 0.2s C:\zoek_backup\C_Windows_System32_mjcm\msvcr100.dll 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5108\ 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5108\ImHttpComm.dll 0.3s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcp100.dll 0.4s C:\zoek_backup\C_Windows_System32_mjcm\5108\msvcr100.dll 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5108\nsib.dll 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5113\ 0.5s C:\zoek_backup\C_Windows_System32_mjcm\5113\ImHttpComm.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcp100.dll 0.6s C:\zoek_backup\C_Windows_System32_mjcm\5113\msvcr100.dll 0.7s C:\zoek_backup\C_Windows_System32_mjcm\5113\nsib.dll 0.8s C:\zoek_backup\C_Windows_System32_mjcm\5119\ 0.8s C:\zoek_backup\C_Windows_System32_mjcm\5119\ImHttpComm.dll 0.8s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcp100.dll 0.9s C:\zoek_backup\C_Windows_System32_mjcm\5119\msvcr100.dll 0.9s C:\zoek_backup\C_Windows_System32_mjcm\5119\nsib.dll 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5123\ 1.0s C:\zoek_backup\C_Windows_System32_mjcm\5123\ImHttpComm.dll 1.1s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcp100.dll 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5123\msvcr100.dll 1.2s C:\zoek_backup\C_Windows_System32_mjcm\5123\nsib.dll 1.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\ 1.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\ImHttpComm.dll 1.4s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcp100.dll 1.5s C:\zoek_backup\C_Windows_System32_mjcm\5131\msvcr100.dll 1.5s C:\zoek_backup\C_Windows_System32_mjcm\5131\nsib.dll 1.6s C:\zoek_backup\C_Windows_System32_mjcm\5132\ 1.6s C:\zoek_backup\C_Windows_System32_mjcm\5132\ImHttpComm.dll 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcp100.dll 1.7s C:\zoek_backup\C_Windows_System32_mjcm\5132\msvcr100.dll 1.8s C:\zoek_backup\C_Windows_System32_mjcm\5132\nsib.dll 1.9s C:\zoek_backup\C_Windows_System32_mjcm\5141\ 1.9s C:\zoek_backup\C_Windows_System32_mjcm\5141\ImHttpComm.dll 2.1s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcp100.dll 2.2s C:\zoek_backup\C_Windows_System32_mjcm\5141\msvcr100.dll 2.4s C:\zoek_backup\C_Windows_System32_mjcm\5141\nsib.dll 2.9s C:\zoek_backup\C_Windows_System32_mjcm\5143\ 2.9s C:\zoek_backup\C_Windows_System32_mjcm\5143\ImHttpComm.dll 3.0s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcp100.dll 3.0s C:\zoek_backup\C_Windows_System32_mjcm\5143\msvcr100.dll 3.1s C:\zoek_backup\C_Windows_System32_mjcm\5143\nsib.dll 3.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\ 3.3s C:\zoek_backup\C_Windows_System32_mjcm\5148\ImHttpComm.dll 3.4s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcp100.dll 3.5s C:\zoek_backup\C_Windows_System32_mjcm\5148\msvcr100.dll 3.6s C:\zoek_backup\C_Windows_System32_mjcm\5148\nsib.dll 3.7s C:\zoek_backup\C_Windows_System32_mjcm\5152\ 3.7s C:\zoek_backup\C_Windows_System32_mjcm\5152\ImHttpComm.dll 3.7s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcp100.dll 3.8s C:\zoek_backup\C_Windows_System32_mjcm\5152\msvcr100.dll 3.8s C:\zoek_backup\C_Windows_System32_mjcm\5152\nsib.dll 4.0s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\ 4.1s C:\zoek_backup\C_Windows_system32_GroupPolicy_Machine\Registry.pol 4.1s C:\zoek_backup\C_Windows_system32_GroupPolicy_User\ 4.2s C:\zoek_backup\C_Windows_System32_searchplugins\ 4.3s C:\zoek_backup\C_Windows_System32_Extensions\ 4.4s C:\zoek_backup\C_Users_robke_AppData_Roaming_Mozilla_Firefox_Profiles_yr4xnxgp.default_GoogleToolbarData\ 4.8s C:\zoek_backup\C_awh382F.tmp.vir 4.8s C:\zoek_backup\C_awh388D.tmp.vir 4.8s C:\zoek_backup\C_awh3B99.tmp.vir 4.8s C:\zoek_backup\C_awh3C54.tmp.vir 4.8s C:\zoek_backup\C_awh3F41.tmp.vir 4.8s C:\zoek_backup\C_awh3FFC.tmp.vir 4.9s C:\zoek_backup\C_awh40B7.tmp.vir 4.9s C:\zoek_backup\C_awh427B.tmp.vir 4.9s C:\zoek_backup\C_awh4559.tmp.vir 4.9s C:\zoek_backup\C_awh4817.tmp.vir 4.9s C:\zoek_backup\C_awh4845.tmp.vir 4.9s C:\zoek_backup\C_awh6E33.tmp.vir 5.0s C:\zoek_backup\C_awhAB4C.tmp.vir 5.0s C:\zoek_backup\C_user.js.vir 5.0s C:\zoek_backup\C_Users_robke_AppData_Roaming_WB.CFG.vir 5.0s C:\zoek_backup\C_Users_robke_AppData_LocalLow_SkwConfig.bin.vir 5.0s C:\zoek_backup\C_Windows_system32_GroupPolicy_gpt.ini.vir 5.7s C:\Windows\Prefetch\ATTRIB.EXE-A990CB86.pf 13.4s C:\Windows\Prefetch\NIRCMD.EXE-78840431.pf Cookies _____________________________________________________________________ C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com [/code]