
Notebook starts up slowly and runs slowly



Hello,

My girlfriend's notebook starts up slowly; sometimes a black screen appears for minutes before Windows opens.

Also, while surfing the internet, everything runs much slower than it used to.

Via Task Manager I did notice that the RAM is heavily used (almost at maximum).

She nevertheless scans regularly with antivirus and Malwarebytes, and lets CCleaner clean up now and then.

I don't dare to just disable programs right away (I'm also not that familiar with Windows 7 Starter), and I also think there are programs from HP itself installed that may not really be needed.

I have created an RSIT log and hope that someone can help.

Thanks in advance ;-)

Logfile of random's system information tool 1.09 (written by random/random)

Run by Mieke at 2014-01-15 20:02:49

Microsoft Windows 7 Starter Service Pack 1

System drive C: has 246 GB (86%) free of 286 GB

Total RAM: 1012 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:03:17, on 15/01/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\CyberLink\YouCam\YCMMirage.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Program Files\RegCleaner\RegCleanr.exe

C:\Program Files\RegCleaner\RegCleanr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Mieke\Downloads\RSIT.exe

C:\Program Files\trend micro\Mieke.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32

O4 - HKLM\..\Run: [GfxServiceInstall] C:\Windows\system32

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\RunOnce: [NCPluginUpdater] "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll

O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe

O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe

--

End of file - 7550 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\HPCeeScheduleForMieke.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Mieke\AppData\Roaming\Mozilla\Firefox\Profiles\1qg3txw3.default

prefs.js - "browser.search.useDBForOrder" - "false"

prefs.js - "browser.startup.homepage" - "http://www.google.be/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.170 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]

CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-10-22 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-11-11 2307368]

"IAStorIcon"=C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2011-10-24 1433692]

"IgfxTray"=C:\Windows\system32 []

"HotKeysCmds"=C:\Windows\system32 []

"Persistence"=C:\Windows\system32 []

"GfxServiceInstall"=C:\Windows\system32 []

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"HP Quick Launch"=C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-12-20 684600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"=C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-01-14 21720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]

C:\Program Files\Bluetooth Suite\AthBtTray.exe [2011-10-22 694432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]

C:\Program Files\Bluetooth Suite\BtvStack.exe [2011-10-22 845984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]

C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD]

C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault]

C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-11-22 37944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2011-12-30 224768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"msacm.siren"=sirenacm.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave1"=wdmaud.drv

"mixer1"=wdmaud.drv

"midi1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-01-15 20:02:52 ----D---- C:\Program Files\trend micro

2014-01-15 20:02:48 ----D---- C:\rsit

2014-01-04 17:15:27 ----A---- C:\Windows\system32\ie4uinit.exe

2014-01-04 17:15:25 ----A---- C:\Windows\system32\jsproxy.dll

2014-01-04 17:15:24 ----A---- C:\Windows\system32\ieui.dll

2014-01-04 17:15:24 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-01-04 17:15:22 ----A---- C:\Windows\system32\jscript9diag.dll

2014-01-04 17:15:22 ----A---- C:\Windows\system32\iesetup.dll

2014-01-04 17:15:22 ----A---- C:\Windows\system32\iernonce.dll

2014-01-04 17:15:22 ----A---- C:\Windows\system32\ieapfltr.dll

2014-01-04 17:15:21 ----A---- C:\Windows\system32\ieUnatt.exe

2014-01-04 17:15:21 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-01-04 17:15:20 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-01-04 17:15:17 ----A---- C:\Windows\system32\wininet.dll

2014-01-04 17:15:15 ----A---- C:\Windows\system32\urlmon.dll

2014-01-04 17:15:15 ----A---- C:\Windows\system32\iertutil.dll

2014-01-04 17:15:12 ----A---- C:\Windows\system32\ieframe.dll

2014-01-04 17:15:06 ----A---- C:\Windows\system32\mshtml.dll

2014-01-04 17:15:05 ----A---- C:\Windows\system32\jscript9.dll

2014-01-02 18:13:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-01-02 18:13:01 ----A---- C:\Windows\system32\elshyph.dll

2014-01-02 18:13:00 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2014-01-02 18:13:00 ----A---- C:\Windows\system32\msls31.dll

2014-01-02 18:13:00 ----A---- C:\Windows\system32\jsIntl.dll

2014-01-02 18:12:59 ----A---- C:\Windows\system32\msrating.dll

2014-01-02 18:12:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-01-02 18:12:59 ----A---- C:\Windows\system32\ieapfltr.dat

2014-01-02 18:12:59 ----A---- C:\Windows\system32\icardie.dll

2014-01-02 18:12:59 ----A---- C:\Windows\system32\dxtrans.dll

2014-01-02 18:12:59 ----A---- C:\Windows\system32\dxtmsft.dll

2014-01-02 18:12:58 ----A---- C:\Windows\system32\webcheck.dll

2014-01-02 18:12:58 ----A---- C:\Windows\system32\url.dll

2014-01-02 18:12:58 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-01-02 18:12:58 ----A---- C:\Windows\system32\licmgr10.dll

2014-01-02 18:12:58 ----A---- C:\Windows\system32\inseng.dll

2014-01-02 18:12:58 ----A---- C:\Windows\system32\iedkcs32.dll

2014-01-02 18:12:57 ----A---- C:\Windows\system32\wextract.exe

2014-01-02 18:12:57 ----A---- C:\Windows\system32\vbscript.dll

2014-01-02 18:12:57 ----A---- C:\Windows\system32\pngfilt.dll

2014-01-02 18:12:57 ----A---- C:\Windows\system32\occache.dll

2014-01-02 18:12:57 ----A---- C:\Windows\system32\mshtmled.dll

2014-01-02 18:12:57 ----A---- C:\Windows\system32\msfeeds.dll

2014-01-02 18:12:57 ----A---- C:\Windows\system32\iexpress.exe

2014-01-02 18:12:56 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-01-02 18:12:56 ----A---- C:\Windows\system32\mshta.exe

2014-01-02 18:12:56 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-01-02 18:12:56 ----A---- C:\Windows\system32\jscript.dll

2014-01-02 18:12:56 ----A---- C:\Windows\system32\imgutil.dll

2014-01-02 18:12:56 ----A---- C:\Windows\system32\iepeers.dll

2014-01-02 18:12:55 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2014-01-02 18:12:55 ----A---- C:\Windows\system32\mshtmler.dll

2014-01-02 18:12:55 ----A---- C:\Windows\system32\msfeedssync.exe

2014-01-02 18:12:55 ----A---- C:\Windows\system32\iesysprep.dll

2014-01-02 18:12:55 ----A---- C:\Windows\system32\IEAdvpack.dll

2013-12-20 17:17:42 ----D---- C:\Program Files\Mozilla Firefox

2013-12-12 18:16:47 ----A---- C:\Windows\system32\wmp.dll

2013-12-12 18:16:42 ----A---- C:\Windows\system32\wmploc.DLL

2013-12-11 16:56:15 ----A---- C:\Windows\system32\wscript.exe

2013-12-11 16:56:15 ----A---- C:\Windows\system32\scrrun.dll

2013-12-11 16:56:15 ----A---- C:\Windows\system32\cscript.exe

2013-12-11 16:56:11 ----A---- C:\Windows\system32\WMPhoto.dll

2013-12-11 16:56:08 ----A---- C:\Windows\system32\msieftp.dll

2013-12-11 16:56:06 ----A---- C:\Windows\system32\imagehlp.dll

2013-12-11 16:55:54 ----A---- C:\Windows\system32\tzres.dll

2013-12-11 16:55:05 ----A---- C:\Windows\system32\win32k.sys

2013-12-11 16:52:00 ----A---- C:\Windows\system32\drivers\portcls.sys

2013-12-11 16:52:00 ----A---- C:\Windows\system32\drivers\drmk.sys

2013-11-13 20:53:41 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll

2013-11-13 20:53:41 ----A---- C:\Windows\system32\credui.dll

2013-11-13 20:53:41 ----A---- C:\Windows\system32\authui.dll

2013-11-13 20:53:27 ----A---- C:\Windows\system32\schannel.dll

2013-11-13 20:53:26 ----A---- C:\Windows\system32\lsasrv.dll

2013-11-13 20:53:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2013-11-13 20:53:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2013-11-13 20:53:26 ----A---- C:\Windows\system32\drivers\cng.sys

2013-11-13 20:53:25 ----A---- C:\Windows\system32\sspisrv.dll

2013-11-13 20:53:25 ----A---- C:\Windows\system32\sspicli.dll

2013-11-13 20:53:25 ----A---- C:\Windows\system32\secur32.dll

2013-11-13 20:53:25 ----A---- C:\Windows\system32\ncrypt.dll

2013-11-13 20:53:25 ----A---- C:\Windows\system32\lsass.exe

2013-11-13 20:53:13 ----A---- C:\Windows\system32\gdi32.dll

2013-11-13 20:48:34 ----A---- C:\Windows\system32\crypt32.dll

2013-11-13 20:47:53 ----A---- C:\Windows\system32\IKEEXT.DLL

2013-11-13 20:47:52 ----A---- C:\Windows\system32\nshwfp.dll

2013-11-13 20:47:52 ----A---- C:\Windows\system32\FWPUCLNT.DLL

======List of files/folders modified in the last 3 months======

2014-01-15 20:02:58 ----D---- C:\Windows\Temp

2014-01-15 20:02:52 ----D---- C:\Program Files

2014-01-15 20:01:43 ----D---- C:\Windows\system32\drivers

2014-01-15 18:54:26 ----D---- C:\Windows\system32\config

2014-01-15 17:02:53 ----D---- C:\Windows\system32\catroot

2014-01-15 16:59:34 ----D---- C:\Windows\system32\catroot2

2014-01-15 16:54:39 ----SHD---- C:\System Volume Information

2014-01-14 23:13:12 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-01-07 21:00:29 ----D---- C:\Windows

2014-01-06 21:51:17 ----D---- C:\Windows\Panther

2014-01-06 21:51:17 ----D---- C:\Windows\inf

2014-01-06 21:51:13 ----D---- C:\Windows\Logs

2014-01-04 22:04:49 ----SHD---- C:\Windows\Installer

2014-01-04 22:04:47 ----HD---- C:\ProgramData

2014-01-04 17:24:26 ----D---- C:\Windows\winsxs

2014-01-04 17:20:52 ----D---- C:\Program Files\Internet Explorer

2014-01-04 17:20:51 ----D---- C:\Windows\System32

2014-01-02 22:13:30 ----D---- C:\Windows\system32\Tasks

2014-01-02 22:12:41 ----RD---- C:\Users

2014-01-02 22:09:13 ----D---- C:\Windows\system32\de-DE

2014-01-02 22:09:12 ----D---- C:\Windows\system32\fr-FR

2014-01-02 22:09:11 ----D---- C:\Windows\system32\nl-NL

2014-01-02 22:09:08 ----D---- C:\Windows\system32\migration

2014-01-02 22:09:08 ----D---- C:\Windows\PolicyDefinitions

2014-01-02 22:09:07 ----D---- C:\Windows\system32\en-US

2013-12-24 08:06:21 ----D---- C:\Windows\Tasks

2013-12-24 08:06:21 ----D---- C:\Windows\system32\wfp

2013-12-24 08:06:21 ----D---- C:\Windows\system32\wbem

2013-12-24 08:06:21 ----D---- C:\Windows\system32\DriverStore

2013-12-24 08:05:36 ----D---- C:\Windows\registration

2013-12-24 07:15:07 ----D---- C:\Windows\system32\LogFiles

2013-12-21 15:57:51 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-12-15 14:59:04 ----D---- C:\Windows\SoftwareDistribution

2013-12-15 14:57:56 ----D---- C:\Windows\debug

2013-12-12 22:22:23 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-12-12 18:35:57 ----D---- C:\Program Files\Windows Media Player

2013-12-12 18:22:55 ----D---- C:\Windows\system32\MRT

2013-12-12 18:18:07 ----A---- C:\Windows\system32\MRT.exe

2013-12-11 21:12:22 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2013-11-28 21:51:29 ----D---- C:\Windows\system32\NDF

2013-11-19 03:33:38 ----N---- C:\Windows\system32\MpSigStub.exe

2013-11-02 18:11:46 ----D---- C:\Windows\Microsoft.NET

2013-11-02 18:11:44 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 354840]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-20 135648]

R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-12 37352]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-09-01 28520]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-20 90400]

R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-10-22 35488]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-08-21 2204160]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-10-22 290976]

R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-10-22 97440]

R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-10-22 25248]

R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-10-22 147616]

R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-10-22 60064]

R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-10-22 263968]

R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-10-22 445088]

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]

R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2012-01-16 60416]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 27632]

R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2011-12-30 1338368]

R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-12-30 418816]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]

R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-02 197224]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]

R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10305; C:\Windows\system32\DRIVERS\stwrt.sys [2011-10-24 444928]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-11-11 301744]

S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]

S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-13 1131008]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]

S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]

S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;Stuurprogramma voor VIA C7-processor; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]

R2 AntiVirSchedulerService;Avira Planner; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-12-20 440376]

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-12-12 440376]

R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2011-10-22 85152]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]

R2 HPWMISVC;HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10101; C:\Program Files\IDT\WDM\STacSV.exe [2011-10-24 290898]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [2011-10-22 158880]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S4 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 246840]

S4 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; (here and here) you can read how to do that.

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer or another browser or virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and now tick the options below.
  • Do a Quick Scan
  • Firefox Look
  • Chrome Look
  • IE Defaults
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log in your next reply.


I had to open the program a few times before I got the window; I don't know whether this is normal and so whether it worked properly, but here is the log:

Zoek.exe v5.0.0.0 Updated 15-Januari-2014

Tool run by Mieke on do 16/01/2014 at 21:43:19,49.

Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Mieke\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

16/01/2014 21:48:58 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Users\Mieke\AppData\Roaming\Windows Live Writer deleted successfully

C:\Users\Mieke\AppData\Local\CrashDumps deleted successfully

C:\Users\Mieke\AppData\Local\MigWiz deleted successfully


Sorry, I think it was not complete (the notebook restarted automatically for Windows updates), so I ran it again.

This one looks more complete :-)

Zoek.exe v5.0.0.0 Updated 15-Januari-2014

Tool run by Mieke on do 16/01/2014 at 22:09:03,22.

Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Mieke\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-01-16-205114.log 672 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3838849466-2631331295-3800107439-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully

HKEY_USERS\S-1-5-21-3838849466-2631331295-3800107439-1000\Software\Microsoft\Internet Explorer\SearchScopes\{61B0FE32-744A-4B51-A076-066A12334661} deleted successfully

HKEY_USERS\S-1-5-21-3838849466-2631331295-3800107439-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

HKEY_USERS\S-1-5-21-3838849466-2631331295-3800107439-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D0E89E23-EDAE-4A35-B5BF-E3D4A562624A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\APN deleted

C:\Users\Public\sdelevURL.tmp deleted

C:\Users\Mieke\AppData\LocalLow\Softonic deleted

C:\user.js deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Mieke\AppData\Local\Temp ====

====== C:\Windows\system32 =====

2014-01-15 16:04:15 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys

2014-01-04 16:15:28 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2014-01-04 16:15:27 A6B0B7F006F1CB84B48981499F6B7210 208896 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-01-04 16:15:25 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\System32\jsproxy.dll

2014-01-04 16:15:24 BE8480727660354B93E32B0ED709BF0E 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2014-01-04 16:15:24 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- C:\Windows\System32\ieui.dll

2014-01-04 16:15:22 491B4F34BA2CD7EFCAC934C7EFF48F52 61952 ----a-w- C:\Windows\System32\iesetup.dll

2014-01-04 16:15:22 36D150C4F80DF88ED97D14598C24692F 32768 ----a-w- C:\Windows\System32\iernonce.dll

2014-01-04 16:15:22 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\System32\jscript9diag.dll

2014-01-04 16:15:22 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\System32\ieapfltr.dll

2014-01-04 16:15:21 7C7FF72C48AF9DD8CA7ABA2EA97A6670 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2014-01-04 16:15:21 3DE9521C90F7CC4413CBF6569A8B85B5 112128 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-01-04 16:15:20 C8AF3CF3030C3962B978FA3871D759FF 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-01-04 16:15:17 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\System32\wininet.dll

2014-01-04 16:15:15 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\System32\iertutil.dll

2014-01-04 16:15:15 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\System32\urlmon.dll

2014-01-04 16:15:14 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-01-04 16:15:12 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\System32\ieframe.dll

2014-01-04 16:15:06 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\System32\mshtml.dll

2014-01-04 16:15:05 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\System32\jscript9.dll

====== C:\Windows\system32\drivers =====

2014-01-15 16:04:11 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys

2014-01-15 16:04:09 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-15 16:04:09 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-01-15 16:04:08 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-15 16:04:08 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-15 16:04:08 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-15 16:04:08 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-15 16:04:08 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

====== C:\Windows\Tasks ======

2014-01-02 21:13:30 DA0F903663EA0D36E04F6810F1D84022 3958 ----a-w- C:\Windows\system32\Tasks\User_Feed_Synchronization-{2E770CFD-6B15-4450-BE2B-04EA7FA38E68}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-15 19:02:52 -------- d-----w- C:\Program Files\trend micro

======= C: =====

====== C:\Users\Mieke\AppData\Roaming ======

====== C:\Users\Mieke ======

2014-01-15 18:59:03 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Mieke\Desktop\RSIT.exe

====== C: exe-files ==

2014-01-15 19:02:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Mieke.exe

2014-01-15 18:59:03 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Mieke\Desktop\RSIT.exe

2014-01-14 22:12:17 FAF662699E5B406660BD85E514E73C45 27448 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_Darwin_US.exe

2014-01-14 22:12:17 F6D2EA7FCB0F094B53CB88480FB5E582 30424 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe

2014-01-14 22:12:17 51D3A8E9A26EA3DE98A80BF117519F85 42712 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe

2014-01-14 22:12:17 2EEE5D8BCE7D62C7A971FEC350209F0B 44344 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_Darwin_NSPOS.exe

2014-01-14 22:12:17 2DA14CADC35E8CAEC6D0FD7D3A5844C2 21208 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_GuestAccount.exe

=== C: other files ==

2014-01-15 16:04:15 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys

2014-01-15 16:04:11 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys

2014-01-15 16:04:09 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbehci.sys

2014-01-15 16:04:09 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-15 16:04:09 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbccgp.sys

2014-01-15 16:04:09 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-01-15 16:04:08 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbhub.sys

2014-01-15 16:04:08 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbhub.sys

2014-01-15 16:04:08 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-15 16:04:08 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbport.sys

2014-01-15 16:04:08 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-15 16:04:08 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbohci.sys

2014-01-15 16:04:08 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-15 16:04:08 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbuhci.sys

2014-01-15 16:04:08 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-15 16:04:08 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbd.sys

2014-01-15 16:04:08 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"HP Quick Launch"="C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AthBtTray"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Bluetooth Suite\\AthBtTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AtherosBtStack"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Bluetooth Suite\\BtvStack.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Quick Launch]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HP Quick Launch"

"hkey"="HKLM"

"command"="C:\\Program Files\\Hewlett-Packard\\HP Quick Launch\\HPMSGSVC.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPOSD]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HPOSD"

"hkey"="HKLM"

"command"="C:\\Program Files\\Hewlett-Packard\\HP On Screen Display\\HPOSD.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SetDefault]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SetDefault"

"hkey"="HKLM"

"command"="C:\\Program Files\\Hewlett-Packard\\HP LaunchBox\\SetDefault.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HP Support Assistant Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HPClientSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HPDrvMntSvc.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\hpqwmiex]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11/12/2013 21:12]

C:\Windows\tasks\HPCeeScheduleForMieke.job --a------ C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [15/07/2011 04:43]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\HPCeeScheduleForMieke" [C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\system32\tasks\MirageAgent" [C:\Program Files\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{2E770CFD-6B15-4450-BE2B-04EA7FA38E68}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{3D6DE710-DBD3-4B7D-83EC-B4D5D1254F74}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mieke\AppData\Roaming\Mozilla\Firefox\Profiles\1qg3txw3.default

F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash

04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

F556A64AB2DB1BD834E7C89CE211516B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

0A1FF0B674E2F268799442A434A63BB3 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

8006FC6A9A7C3168EF15DBA842C3AFC5 - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll - Silverlight Plug-In

C04B0BCA15F30CF7D68E7733997EA90B - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrlui.dll - Microsoft ® Silverlight

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://search.softonic.com/INF00047/tb_v1?SearchSource=15&cc="

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{D0E89E23-EDAE-4A35-B5BF-E3D4A562624A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D0E89E23-EDAE-4A35-B5BF-E3D4A562624A}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPMTDF&pc=HPMTDF&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://www.benl.ebay.be/sch/i.html?_nkw={searchTerms}"

==== Empty IE Cache ======================

C:\Users\Mieke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Mieke\AppData\Local\Mozilla\Firefox\Profiles\1qg3txw3.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5 folders=6 2041964 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Mieke\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Mieke\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 16/01/2014 at 22:44:40,59 ======================


Hey Kape,

The notebook still starts up slowly: after the "Welcome" screen a black screen appears (for 2.5 minutes) before the desktop appears.

Apparently browsing the internet is still slow :dong:

Scrolling went slightly faster, but the message that Firefox is not responding appeared again.


Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs, as they may conflict with ComboFix.exe

(here or here) you can read how to disable the security software you use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Ja / Yes there.
  • On a Windows XP computer ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Ja" (Yes) once the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are now extracted and a registry backup is made using ERUNT.
  • When this is done ComboFix will start by itself; the blue screen shows the progress of the system scan being performed.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix has finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

* Note!!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.


Here is the log:

ComboFix 14-01-16.03 - Mieke 18/01/2014 15:57:25.1.4 - x86

Microsoft Windows 7 Starter 6.1.7601.1.1252.32.1043.18.1012.294 [GMT 1:00]

Gestart vanuit: c:\users\Mieke\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-12-18 to 2014-01-18 ))))))))))))))))))))))))))))))

.

.

2014-01-18 15:11 . 2014-01-18 15:11 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-01-18 14:58 . 2014-01-18 14:58 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{373F7E3A-0940-4FCF-9DD4-D10C0239A323}\offreg.dll

2014-01-17 16:53 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{373F7E3A-0940-4FCF-9DD4-D10C0239A323}\mpengine.dll

2014-01-16 21:40 . 2014-01-16 21:08 24064 ----a-w- c:\windows\zoek-delete.exe

2014-01-16 21:40 . 2014-01-18 15:11 -------- d-----w- c:\users\Mieke\AppData\Local\Temp

2014-01-16 20:43 . 2014-01-16 21:30 -------- d-----w- C:\zoek_backup

2014-01-15 19:02 . 2014-01-15 19:03 -------- d-----w- c:\program files\trend micro

2014-01-15 19:02 . 2014-01-15 19:03 -------- d-----w- C:\rsit

2014-01-15 16:04 . 2013-11-26 10:10 2349056 ----a-w- c:\windows\system32\win32k.sys

2014-01-15 16:04 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys

2014-01-15 16:04 . 2013-11-27 01:13 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2014-01-15 16:04 . 2013-11-27 01:13 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys

2014-01-15 16:04 . 2013-11-27 01:14 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys

2014-01-15 16:04 . 2013-11-27 01:13 284672 ----a-w- c:\windows\system32\drivers\usbport.sys

2014-01-15 16:04 . 2013-11-27 01:13 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys

2014-01-15 16:04 . 2013-11-27 01:13 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2014-01-15 16:04 . 2013-11-27 01:13 6016 ----a-w- c:\windows\system32\drivers\usbd.sys

2014-01-02 17:13 . 2014-01-02 17:13 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2014-01-02 17:13 . 2014-01-02 17:13 194048 ----a-w- c:\windows\system32\elshyph.dll

2014-01-02 17:13 . 2014-01-02 17:13 806096 ----a-w- c:\program files\Internet Explorer\iexplore.exe

2014-01-02 17:13 . 2014-01-02 17:13 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2014-01-02 17:13 . 2014-01-02 17:13 645120 ----a-w- c:\windows\system32\jsIntl.dll

2014-01-02 17:13 . 2014-01-02 17:13 182272 ----a-w- c:\windows\system32\msls31.dll

2014-01-02 17:13 . 2014-01-02 17:13 126464 ----a-w- c:\program files\Internet Explorer\perfcore.dll

2014-01-02 17:13 . 2014-01-02 17:13 1052672 ----a-w- c:\program files\Internet Explorer\perf_nt.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-20 14:36 . 2013-09-01 12:37 69240 ----a-w- c:\windows\system32\drivers\avnetflt.sys

2013-12-20 14:36 . 2013-09-01 12:28 135648 ----a-w- c:\windows\system32\drivers\avipbb.sys

2013-12-20 14:36 . 2013-09-01 12:28 90400 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2013-12-12 22:33 . 2013-09-01 12:28 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2013-12-11 20:12 . 2012-12-25 21:02 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-12-11 20:12 . 2012-01-16 03:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-11-23 18:26 . 2013-12-11 15:56 417792 ----a-w- c:\windows\system32\WMPhoto.dll

2013-11-19 02:33 . 2013-05-12 12:02 230048 ------w- c:\windows\system32\MpSigStub.exe

2013-11-12 02:07 . 2013-12-11 15:55 2048 ----a-w- c:\windows\system32\tzres.dll

2013-10-30 02:19 . 2013-12-11 15:56 301568 ----a-w- c:\windows\system32\msieftp.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32" [X]

"HotKeysCmds"="c:\windows\system32" [X]

"Persistence"="c:\windows\system32" [X]

"GfxServiceInstall"="c:\windows\system32" [X]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-11-11 2307368]

"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2011-10-24 1433692]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-12-20 684600]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-01-14 21720]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]

2011-10-21 23:44 694432 ----a-w- c:\program files\Bluetooth Suite\AthBtTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]

2011-10-21 23:48 845984 ----a-w- c:\program files\Bluetooth Suite\BtvStack.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]

2012-03-05 11:38 578944 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD]

2011-08-19 13:48 379960 ----a-w- c:\program files\Hewlett-Packard\HP On Screen Display\HPOSD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault]

2011-11-22 16:25 37944 ----a-w- c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe

.

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

R4 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 246840]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-12-12 37352]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]

S2 AntiVirSchedulerService;Avira Planner;c:\program files\Avira\AntiVir Desktop\sched.exe [2013-12-20 440376]

S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2011-10-21 85152]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]

S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files\Bluetooth Suite\Ath_CoexAgent.exe [2011-10-22 158880]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-10-21 35488]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-10-21 290976]

S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-10-21 97440]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-10-21 25248]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-10-21 147616]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-10-21 60064]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-10-21 263968]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-10-21 445088]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 27632]

S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [2011-12-30 1338368]

S3 igdkmd32;igdkmd32;c:\windows\system32\DRIVERS\igdkmd32.sys [2011-12-30 418816]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-02 197224]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2014-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-25 20:12]

.

2014-01-17 c:\windows\Tasks\HPCeeScheduleForMieke.job

- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

TCP: DhcpNameServer = 195.130.130.130 195.130.131.130

FF - ProfilePath - c:\users\Mieke\AppData\Roaming\Mozilla\Firefox\Profiles\1qg3txw3.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKLM_ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec

AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2014-01-18 16:17:20

ComboFix-quarantined-files.txt 2014-01-18 15:17

.

Pre-Run: 257.748.373.504 bytes free

Post-Run: 258.583.154.688 bytes beschikbaar

.

- - End Of File - - 7590306A93F88611DD3174C99E14713C

A36C5E4F47E84449FF07ED3517B43A31


I had it restart a few more times, but it is still just as slow, with the black screen in between.

I checked the RAM usage: with only Facebook open in the browser, it already goes above 900 MB as soon as I start scrolling (which is almost the maximum).


Download and install Speccy.

Speccy is also available in Dutch; during installation (or an update) you can change the language from English to Dutch ... clicking the small triangle opens a drop-down menu in which you can select Dutch.

If, while installing Speccy, you are offered the option to install Google Chrome or Google Toolbar along with it "for free", you should untick the boxes, unless this is a deliberate choice.

Now start the program and it will produce an overview of your hardware.

When this is done, select "File - Publish Snapshot" at the top and then confirm that choice with "Yes".

In the window that now opens you will see a link; copy that link and paste it into your next post. That gives us a detailed overview of your hardware.

More information about this procedure can be found HERE.
