ComboFix 14-05-19.01 - Bennink 20-05-2014 16:09:26.1.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3070.2246 [GMT 2:00]
Gestart vanuit: c:\users\Bennink\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWXD1FER\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\FF5D531C50.sys
c:\windows\IsUn0407.exe
c:\windows\unin0413.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Run
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2014-04-20 to 2014-05-20 ))))))))))))))))))))))))))))))
.
.
2014-05-20 14:31 . 2014-05-20 15:37 -------- d-----w- c:\users\Bennink\AppData\Local\temp
2014-05-20 14:31 . 2014-05-20 14:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-17 12:58 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-17 12:57 . 2014-05-17 12:58 -------- d-----w- C:\AdwCleaner
2014-05-17 00:19 . 2014-05-17 00:19 -------- d-----w- c:\program files\SEGA
2014-05-16 13:18 . 2014-05-16 13:01 24064 ----a-w- c:\windows\zoek-delete.exe
2014-05-15 14:32 . 2014-05-16 13:14 -------- d-----w- C:\zoek_backup
2014-05-14 18:54 . 2014-05-14 18:55 -------- d-----w- c:\program files\trend micro
2014-05-14 18:54 . 2014-05-14 18:55 -------- d-----w- C:\rsit
2014-05-12 21:51 . 2014-05-12 21:51 -------- d-----w- c:\users\Bennink\AppData\Local\Macromedia
2014-05-12 21:49 . 2014-05-12 21:49 -------- d-----w- c:\users\Bennink\AppData\Local\Mozilla
2014-05-12 21:49 . 2014-05-12 21:49 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-05-09 00:00 . 2014-05-09 00:05 -------- d-----w- C:\Games
2014-05-08 23:53 . 2014-05-08 23:53 -------- d-----w- c:\program files\Goat Simulator
2014-04-22 12:59 . 2014-04-22 13:03 -------- d-----w- c:\windows\system\KEEPER
2014-04-22 12:39 . 2014-04-22 12:39 -------- d-----w- c:\users\Bennink\AppData\Local\DOSBox
2014-04-22 12:39 . 2014-04-22 16:19 -------- d-----w- c:\program files\DOSBox-0.74
2014-04-22 12:10 . 2014-04-22 12:10 -------- d-----w- c:\program files\Bullfrog
2014-04-22 12:06 . 1996-01-09 10:38 283648 ----a-w- c:\windows\uninst.exe
2014-04-22 11:56 . 2014-04-22 11:56 -------- d-----w- c:\users\Bennink\AppData\Roaming\AVAST Software
2014-04-22 11:55 . 2014-05-15 14:36 777488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-04-22 11:55 . 2014-05-15 14:36 411680 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-04-22 11:55 . 2014-04-22 11:54 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-04-22 11:55 . 2014-04-22 11:54 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-22 11:55 . 2014-04-22 11:54 180632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-22 11:55 . 2014-04-22 11:54 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-22 11:55 . 2014-04-22 11:54 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-04-22 11:54 . 2014-05-15 14:36 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-04-22 11:54 . 2014-04-22 11:54 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-04-22 11:54 . 2014-04-22 11:54 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-22 11:54 . 2014-04-22 11:54 43152 ----a-w- c:\windows\avastSS.scr
2014-04-22 11:48 . 2014-04-22 11:48 -------- d-----w- c:\program files\AVAST Software
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-13 22:37 . 2013-05-01 17:20 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 22:37 . 2013-05-01 17:20 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-13 22:37 . 2014-03-12 15:37 17938608 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-04-22 11:54 . 2014-04-22 11:55 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1400164575582
2014-04-22 11:54 . 2014-04-22 11:54 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1400164575582
2009-12-06 09:18 26624 --sh--w- c:\windows\bfcs2.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-22 11:54 260976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2013-03-28 389120]
"BitTorrent"="c:\users\Bennink\AppData\Roaming\BitTorrent\BitTorrent.exe" [2014-05-10 1238864]
"Akamai NetSession Interface"="c:\users\Bennink\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2013-05-01 438272]
"DAEMON Tools Ultra Agent"="c:\program files\DAEMON Tools Ultra\DTAgent.exe" [2013-05-23 3123744]
"Spotify Web Helper"="c:\users\Bennink\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-10-23 1140736]
"Spotify"="c:\users\Bennink\AppData\Roaming\Spotify\spotify.exe" [2013-10-23 4752384]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-04-19 18678376]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2013-05-13 3093624]
"MurGee.com Auto Clicker"="c:\users\Bennink\AppData\Local\Auto Clicker\AutoClicker.exe" [2014-03-11 100728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2013-12-06 747264]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"Aeria Ignite"="c:\program files\Aeria Games\Ignite\aeriaignite.exe" [2013-06-06 1925656]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-22 3873704]
.
c:\users\Bennink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"301548880"=
"3212083974"=
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3379452383-879285089-2603850794-1000]
"EnableNotificationsRef"=dword:00000001
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 17:09 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2014-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-01 22:37]
.
2014-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-09 17:14]
.
2014-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-09 17:14]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uInternet Settings,ProxyOverride =
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
DPF: {89F434A7-4A49-4394-AC02-007480331AE2} - hxxp://download.netmarble.net/ActiveX/NMAutoUpdateX/SystemIDInfo/NMSystemIDInfo_1.0.0.3.cab
FF - ProfilePath - c:\users\Bennink\AppData\Roaming\Mozilla\Firefox\Profiles\aw8b9i9m.default\
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKCU-Run-AdobeBridge - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-BandiMPEG1 - c:\program files\BandiMPEG1\uninstall.exe
AddRemove-Better Surf Plus - c:\program files\BetterSurf\BetterSurfPlus\uninstall.exe
AddRemove-QWdlb2ZXb25kZXJzSUlJ_is1 - c:\program files\Age of Wonders III\unins000.exe
AddRemove-Webexp Enhanced - c:\program files\WebexpEnhancedV1\WebexpEnhancedV1alpha366\uninstall.exe
AddRemove-{22154f09-719a-4619-bb71-5b3356999fbf} - c:\programdata\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe
AddRemove-RIFT - c:\program files\RIFT\riftuninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-05-20 17:38
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3379452383-879285089-2603850794-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(3340)
c:\program files\ATI Technologies\HydraVision\HydraDMH.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\atiesrxx.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\DAEMON Tools Ultra\DiscSoftBusService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Voltooingstijd: 2014-05-20 17:45:51 - machine werd herstart
ComboFix-quarantined-files.txt 2014-05-20 15:45
.
Pre-Run: 57.143.173.120 bytes beschikbaar
Post-Run: 63.399.337.984 bytes beschikbaar
.
- - End Of File - - 0C7B600C1F6E4FD9FC6A0D354C00CD01
A36C5E4F47E84449FF07ED3517B43A31