Vraag & Antwoord
missing windows files
10 antwoorden
- hallo,
Ik ging gister maar eens checken waarom mijn systeem ineens zo sloom ging(vooral tijdens het opstarten). en af en toe een blue screen gaf…
proc: E6600
mobo: MSI 965 neo-F
vcard: EVGA 8800 GTS 640 mb
RAM: 4 gig(4x pc2-6400, me bios is geflashed zodat hij deze ook goed aankan)
hd: 2x 320 gig WD
Windows vista ultimate x64(met alle updates) + NOD32 geupdate
Aan de hardware kon het niet echt liggen dus toen heb ik maar hijackthis gedraait…
Deze gaf mij een een prachtige log:
[quote:a333929f89]Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Nero\PhotoShow 5\data\Xtras\mssysmgr.exe
C:\Program Files (x86)\BitTorrent_DNA\dna.exe
C:\Program Files (x86)\ESET\nod32kui.exe
C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
[b:a333929f89]O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)[/b:a333929f89]
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files (x86)\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AceGain LiveUpdate] "C:\Program Files (x86)\Games\Battlefield Vietnam\AceGain-LiveUpdate\LiveUpdate.exe"
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~2\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files (x86)\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
[i:a333929f89]O13 - Gopher Prefix: [/i:a333929f89]
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
[b:a333929f89]O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)[/b:a333929f89]
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: [i:a333929f89]##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe[/i:a333929f89]
[b:a333929f89]O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)[/b:a333929f89]
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
[i:a333929f89]O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe[/i:a333929f89]
[b:a333929f89]O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)[/b:a333929f89]
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
[b:a333929f89]O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)[/b:a333929f89]
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
[b:a333929f89]O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)[/b:a333929f89]
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files (x86)\Eset\nod32krn.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
[b:a333929f89]O23 - Service: Instinct Drivers Auto Removal (pr2ae5eb) (pr2ae5eb) - Unknown owner - C:\Windows\system32\pr2ae5eb.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [/b:a333929f89](
[b:a333929f89]O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)[/b:a333929f89]
[b:a333929f89]O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)[/b:a333929f89]
–
End of file - 11607 bytes[/quote:a333929f89]
Hieruit werd ik een stukje wijzer, want hij verteld mij dat een deel van mijn windows files gewoon verdwenen zijn??? :o (zie dik gedrukte zinnen :wink: )
met een klein beetje kennis weet ik dat een aantal van deze processen nog aardig belangrijk zijn voor het goed draaien van mijn systeem :evil: .
Toen heb ik in een ander artikel toevallig iemand met hetzelfde probleem gevonden, echter heeft deze een advies gekregen maar heeft nooit meer gereageert :evil:
(http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1239563#1239563)
Echter heeft deze oplossing voor mij geen nut aangezien als ik het gegeven scan tooltje gebruik ik tijdens de laatste scan vastloop op een bepaalde file/directory… :-?
(na zo'n 70 min. heb ik dit opgegeven en de scan gestopt, ik weet dat hij op die file bleef haken aangezien het getal onderaan het scanprogr niet veranderde eveneens als de scan directory. :wink: )
Daarom wil ik vragen of iemand mij hiermee nog kan helpen en een ander tooltje kan aanraden of iets dergelijks… :oops:
Want om mijn hd opnieuw te installeren zou heel veel tijd inbeslag nemen… :evil: met het risico dat ik weer in dezelfde rotzooi terecht kom(niet dat ik op echt veel onbetrouwbare sites terecht kom, maarja soms loop je toch iets op op de normaalste sites… :x )
[quote:a333929f89]Daarnaast heb ik ook nog de vraag of mensen weten wat de drie schuingedrukte processen zijn?[/quote:a333929f89]
Ik hoop dat iemand mij hierbij kan helpen
,
Mvg,
Andries - Omdat Vista vrij nieuw is herkent Hijackthis niet alle entry's. In jou geval is de (file missing) bij de regels een 'foutje' van Hijackthis, niks om je
zorgen over te maken dus.
Ik zie verder geen rare dingen in je log, doe het volgende eens:
Download Deckard's System Scanner naar je [b:d580db47ec]Bureaublad[/b:d580db47ec]
[list:d580db47ec]
Sluit alle toepassingen en vensters.
[b:d580db47ec]Dubbelklik[/b:d580db47ec] op [b:d580db47ec]dss.exe[/b:d580db47ec] om het te activeren, en volg de aanwijzingen.
Wanneer de scan volledig is, zal een tekstbestand - [b:d580db47ec]main.txt[/b:d580db47ec] - openen.
Kopiëer [b:d580db47ec]Ctrl+A gevolgd door Ctrl+C[/b:d580db47ec]) en plak ([b:d580db47ec]Ctrl+V[/b:d580db47ec]) de inhoud van [b:d580db47ec]main.txt[/b:d580db47ec] in je volgende antwoord.
[/list:u:d580db47ec] - ok, dat klinkt goed opzich
Bedankt tot nog toe alvast
Dat verklaard dan nog niet waarom ik BSOD's krijg… en IE zichzelf soms herstart vanwege een fout?
Maarre hier is de uitslaf van main.txt:
[quote:8bc02cc4eb]Deckard's System Scanner v20070905.67
Run by andries on 2007-09-27 19:24:13
Computer is in Normal Mode.
——————————————————————————–
– Last 5 Restore Point(s) –
16: 2007-09-27 14:29:43 UTC - RP132 - Made by Registry Mechanic
15: 2007-09-27 14:28:14 UTC - RP131 - Shockwave Player
14: 2007-09-27 14:27:52 UTC - RP130 -
13: 2007-09-27 14:14:57 UTC - RP129 - Installed EA Download Manager
12: 2007-09-27 10:42:39 UTC - RP128 - Windows Update
– First Restore Point –
1: 2007-09-24 16:48:44 UTC - RP117 - Installed Tom Clancy's Splinter Cell Double Agent
Backed up registry hives.
Performed disk cleanup. - vanwege een limiet hier is extra.txt er ook bij:
[quote:ed4e47c615]Deckard's System Scanner v20070905.67
Extra logfile - please post this as an attachment with your post.
——————————————————————————–
– System Information ———————————————————-
Microsoft® Windows Vista™ Ultimate (build 6000)
Architecture: X64; Language: English
CPU 0: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
Percentage of Memory in Use: 48%
Physical Memory (total/avail): 4093.69 MiB / 2110.96 MiB
Pagefile Memory (total/avail): 8340.94 MiB / 6845.8 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1923.57 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 298.09 GiB total, 35.99 GiB free.
D: is Fixed (NTFS) - 298.09 GiB total, 132.69 GiB free.
E: is CDROM (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
\\.\PHYSICALDRIVE1 - WDC WD3200AAJS-65RYA0 ATA Device - 298.09 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 298.09 GiB - C:
\\.\PHYSICALDRIVE0 - WDC WD3200AAKS-00SBA0 ATA Device - 298.09 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 298.09 GiB - D:
\\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device
– Security Center ————————————————————-
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AV: ESET NOD32 antivirus system 2.70 v2.70 (ESET, spol. s r.o.)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
[HKEY_LOCAL_MACHINE64\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE64\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files (x86)\\BitTorrent\\bittorrent.exe"="C:\\Program Files (x86)\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
– Environment Variables ——————————————————-
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\andries\AppData\Roaming
CLASSPATH=.;C:\Program Files (x86)\Java\jre1.6.0_02\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=PC-ANDRIES
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HellgateEnv64=C:\Program Files (x86)\Games\Hellgate London Beta\
HOMEDRIVE=C:
HOMEPATH=\Users\andries
LOCALAPPDATA=C:\Users\andries\AppData\Local
LOGONSERVER=\\PC-ANDRIES
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\Common Files\Adobe\AGL;C:\Program Files (x86)\QuickTime\QTSystem\;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=EM64T Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files (x86)\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\andries\AppData\Local\Temp
TMP=C:\Users\andries\AppData\Local\Temp
USERDOMAIN=PC-andries
USERNAME=andries
USERPROFILE=C:\Users\andries
VS90COMNTOOLS=C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\Tools\
windir=C:\Windows
– User Profiles —————————————————————
andries [i:ed4e47c615](admin)[/i:ed4e47c615]
– Add/Remove Programs ———————————————————
µTorrent –> "C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
64 Bit HP CIO Components Installer –> MsiExec.exe /I{9F560BEB-021F-43AC-825F-AA60442D8DE4}
Adobe Flash Player 9 ActiveX –> C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
BitTorrent –> "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /UNINSTALL
BitTorrent DNA –> "C:\Program Files (x86)\BitTorrent_DNA\dna.exe" /UNINSTALL
Crystal Reports Runtime for Visual Studio 2008 Beta2 (x64) –> MsiExec.exe /I{7D5638D0-5201-46E9-B7BA-B611E37850AF}
Hellgate: London Beta –> MsiExec.exe /X{DBB0C0DD-5AB5-4B2A-944C-B2E78551FEEE}
HP Customer Participation Program 8.0 –> C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr40.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0 –> C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr40.exe -datfile hpqbud01.dat
HP OCR Software 8.0 –> C:\Program Files (x86)\HP\Digital Imaging\OCR\hpzscr40.exe -datfile hpqbud11.dat
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B –> C:\Program Files (x86)\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr40.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Solution Center 8.0 –> C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr40.exe -datfile hpqbud05.dat
Microsoft .NET Framework 3.5 (Pre-Release Version) –> C:\Windows\Microsoft.NET\Framework64\v3.5\Microsoft .NET Framework 3.5 (Pre-Release Version)\setup.exe
Microsoft .NET Framework 3.5 (Pre-Release Version) –> MsiExec.exe /I{8E7D9374-438A-3E7F-95A2-99B7D67838EB}
Microsoft Device Emulator (64 bit) version 3.0 - ENU –> MsiExec.exe /X{68BBA687-FEE3-30BC-9DBA-9DC9D1DFF2B6}
Microsoft Office Office 64-bit Components 2007 –> MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2007 –> MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 –> MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
Microsoft SQL Server Native Client –> MsiExec.exe /I{6E740973-8E71-42F9-A910-C18452E60450}
Microsoft SQL Server VSS Writer –> MsiExec.exe /I{50822200-2E95-4E62-A8D8-41C3B308DF5E}
Microsoft Visual C++ 2005 Redistributable (x64) –> MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual Studio 2008 Remote Debugger - ENU –> C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Studio 2008 Remote Debugger - ENU\install.exe
NVIDIA Drivers –> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Visual Studio .NET Prerequisites - English –> MsiExec.exe /X{5AC6E3BE-83DE-3330-94D9-B390DA5B5E4A}
– Application Event Log ——————————————————-
Event Record #/Type8879 / Error
Event Submitted/Written: 09/27/2007 07:23:46 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16512, time stamp 0x46807103, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdf8, exception code 0xc0000005, fault offset 0x0003d058,
process id 0x80c, application start time 0xiexplore.exe0.
Event Record #/Type8869 / Success
Event Submitted/Written: 09/27/2007 05:21:26 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type8863 / Error
Event Submitted/Written: 09/27/2007 04:41:28 PM
Event ID/Source: 78 / SideBySide
Event Description:
Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.
Event Record #/Type8862 / Error
Event Submitted/Written: 09/27/2007 04:41:28 PM
Event ID/Source: 78 / SideBySide
Event Description:
Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.
Event Record #/Type8861 / Error
Event Submitted/Written: 09/27/2007 04:41:10 PM
Event ID/Source: 78 / SideBySide
Event Description:
Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.
– Security Event Log ———————————————————-
No Errors/Warnings found.
– System Event Log ————————————————————
Event Record #/Type31746 / Warning
Event Submitted/Written: 09/27/2007 07:32:47 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{02CF8070-34BB-445C-AFEA-3EDCE0C4B6D2}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832service:xpdt0%%807
Event Record #/Type31745 / Warning
Event Submitted/Written: 09/27/2007 07:32:47 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{20E25DD5-AA10-410C-9532-B5F27177C778}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832driver:xpdt0%%807
Event Record #/Type31744 / Warning
Event Submitted/Written: 09/27/2007 07:32:47 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{7C2321BF-2BCA-4F8B-8E49-F041857683ED}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832driver:huy320%%807
Event Record #/Type31743 / Warning
Event Submitted/Written: 09/27/2007 07:32:45 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{A442AB02-4629-44EF-8272-078FCF63F41B}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832service:lzx320%%807
Event Record #/Type31742 / Warning
Event Submitted/Written: 09/27/2007 07:32:45 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{BAE6CE1A-6A3D-4A66-90EB-0442F60042AF}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832driver:msguard0%%807
– End of Deckard's System Scanner: finished at 2007-09-27 19:34:48 ————[/quote:ed4e47c615]
1. Ik hoop dat je hier wat mee kan
2. weet je toevallig ook zeker of die 3 schuingedrukte processen in mijn eerste post echt normaal zijn?
3. iemand een reg check tool heeft voor windows vista(x64), want dat is toch wel handig - Graag gedaan alvast
Je logjes zien er allemaal schoon uit. BSOD's kunnen een heleboel oorzaken hebben, om de juiste oorzaak vast te stellen hebben we de juiste foutcode nodig. Kijk eens in je logboeken op het moment dat je een BSOD krijgt, kopieer die tekst in je volgende bericht.
Logboek kan je terugvinden hier:
start –> uitvoeren –> [b:3bde4978d0]eventvwr.msc[/b:3bde4978d0]
Succes! - [b:451940b35b]oke nogmaals bedankt,[/b:451940b35b]
naar de BSOD heb ik al eerder gekeken, en elke keer is het een andere foute code, ik heb ze ergens opgeschreven maar kan het blaadje niet meer vinden :cry: maar das een ander verhaal…
Aan de eventviewer zijn wel wat kleine probleempjes….
Maar daar heb ik nu even geen tijd voor…
Daar heb ik het morgen nog wel over :wink: - Ik zie het wel verschijnen, ben van het weekend niet zoveel online :wink:
- oke, hoop dat ik binnenkort wel weer op je hulp kan rekenen
ben ff event viewer uitgezocht en de problemen die ik kan vinden:
1.
[quote:6a45a6cd86]Faulting application iexplore.exe, version 7.0.6000.16512, time stamp 0x46807103, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0x00000000, fault offset 0x00000000, process id 0x129c, application start time 0x01c801eba486ef41.
Event ID: 1000
Application Error
user: N/A
Task Category: (100)
hoevaak?, heel vaak…[/quote:6a45a6cd86]
Ik kan niets op internet vinden over deze melding…
2.
[quote:6a45a6cd86]The following boot-start or system-start driver(s) failed to load:
i8042prt
Application Error
Event ID: 1000
User: N/A
Task Category: (100)
hoevaak?, schijnt zo te zijn bij elke keer als ik opstart[/quote:6a45a6cd86]
Ik heb gehoord dat dit iets met je keyboard/mouse driver?, maar voglens device manager heb ik geen problemen. en ik heb Microsoft Wireless Optical Desktop 2000, microsoft dus het zou goed moeten werken…
3.
[quote:6a45a6cd86]The description for Event ID 0 from source cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
(allemeldingen ff samen)
- GPClient
- SQLServerEventProvider
root\Microsoft\SqlServer\ServerEvents\SQLEXPRESS
- OffProv12
Root\MSAPPS12
- Sens
- TrustedInstaller
CreateSession
- TrustedInstaller
107
CreateSession
- 2147944003
Dutch Language Pack
EV_RenderedValue_2.00
102
(en alle andere language pakketen die ik heb geprobeerd te installeren)
- %%827
1.1.1505.0
{9FC14940-44B2-4AF8-98CD-45267B977CEE}
PC-andries
andries
S-1-5-21-1887023637-2835658961-1265127688-1000
Unknown
%%832
process:pid:2680;servicenkBstrA;file:C:\Windows\SysWOW64
\PnkBstrA.exe
0
%%807
[i:6a45a6cd86](pnkbstrB.exe zelfde probleem NET Als zo'n 50 andere .exes, .dll etc…
Deze meldingen vallen onder:
- aplication error(50x)
- application hang(10x)
- applicationExperienceInfrastructure(10x)
- ASP.NET 1.1.4322.0(1x)
- BROWSER(2x)
- CD-rom(paar honderd maal)
- certivicateServicesClient(2x)
- Dhcp client(3x)
- Display(7x)
- DistributedCOM(14x))[/i:6a45a6cd86]
[/quote:6a45a6cd86]
[b:6a45a6cd86]paar duizend maal[/b:6a45a6cd86], over verschillende processen, zie hierboven
[quote:6a45a6cd86]laten we het hier maar [u:6a45a6cd86]even[/u:6a45a6cd86] bij houden, dit koste me al ruim een halfuur…[/quote:6a45a6cd86] - hier het vervolg:
5.
[quote:27d84a6283]The description for Event ID 6008 from source EventLog cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
WUClient-SelfUpdate-Aux-lt-LT-LP-Toplevel
WUClient-SelfUpdate-Aux
Feature Pack
Staging
Staging
WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.0.6000.381
Staged
False
0x80070002
False
the message resource is present but the message is not found in the string/message table
zo’n 50x met verschillende processen, .exe’s etc….
onder:
- Eventlog(heel vaak)
- Languagepacksetup(10x)
- Msiinstaller(~25x)
- Plugandplaymanager(8x)
- Restartmanager(1X)
- Print(4x)
- Search(2x)
- Service control manager eventlog provider(~50x)
- Servicing[b:27d84a6283](HONDERDEN MALEN, gok zo’n 5000x)[/b:27d84a6283]
- Windowsupdateclient(10X)
- Winlogon(8x)
- WMI(7x) [/quote:27d84a6283]
6.
[quote:27d84a6283]iexplore.exe scan has started.
Scan ID: 46807103
Scan Type: 6.0.6000.16386
Scan Parameters: c0000005
User: 0003d058\12f0[/quote:27d84a6283]
Scan van windowsdefender, echter heb ik nooit iexplore.exe gedownload?, of geïnstalleerd etc… - nvm, systeem opnieuw geinstalleerd, nog steeds niet optimaal… die mensen bij microsoft moeten is wat aan hun eventviewer gaan doen, door alleen al de eerste te updaten na installatie heb je al 500 errors volgens hun event viewer, das toch bullshit…
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.
