Iska
-
Items
8 -
Registratiedatum
-
Laatst bezocht
Iska's prestaties
-
Acer laptop met Wesern Digital harddisk WD6400 BEVT
Iska plaatste een topic in Archief Hardware algemeen
Enige tijd geleden weigerde mijn laptop alle dienst en kreeg ik alleen maar foutmeldingen. Een zoektocht op het web bracht me uiteindelijk bij een tool van Western Digital, deze tool controleerde mijn harddisk en herstelde een aantal fouten en bracht mijn laptop terug naar een stadium waar ik tal van windows 7 updates moest uitvoeren. Na alle updates werkt mijn laptop weer maar de snelheid laat nog steeds te wensen over. Wanneer ik nu met HD Tune Pro 5.5 een controle van de harddisk uitvoer zie ik dat niet minder dan 97 "unstable" sectors zijn. Ik heb de voorbije weken verscheidene malen een schijfcontrole uitgevoerd waarbij de files verplaatst werden naar niet beschadigde sectoren. Nietemin blijft de snelheid van mijn laptop beneden het niveau van voor mijn problemen. Het opstarten duurt langer en wanneer er dan blijkbaar geen activiteit meer is en ik start Google Chrome of Internet Explorer dan heeft hij opnieuw veel werk om alles opgestart te krijgen. bdw: omdat ik tijdens de update van windows 7 (64bit) problemen had, heb ik het programma "Malware Bytes" losgelaten die nogal wat files in quarantaine plaatse waarna de updates wel konden geïnstalleerd konden worden. Mijn vraag is nu: Naar mijn mening is het probleem met die slechte sectoren zoiets als een ongeneselijke ziekte. Je kan het wel behandelen maar het zal nooit genezen. De prijs van een nieuwe harddisk is nu ook niet echt een probleem. (alhoewel de originele 640Gb disk bijna niet meer te vinden is of enorm veel geld kost) vraag ik hier om bevestiging of ontkenning dat mijn harddisk "end of life" is en ik moet uitkijken naar vervanging. En toen kwam de vraag, kan ik deze Western Digital harddisk vervangen door een van Seagate? Alvast bedankt voor het lezen van dit epistel en nog meer bedankt voor uw reactie. bdw: ik heb voldoende backups zodat dataverlies hier geen item is. -
Ik werk altijd met het NEF files (RAW formaat Nikon) en na het installeren van Capture NX2 heb ik opeens het fenomeen dat wanneer ik de windows verkenner opstart en NEF files wil viewen ik een heel korte tijd de tumbnail van de foto zie die daarna vervangen wordt door het logo van Capture NX2. Mijn vermoeden is dat ik met een oudere versie van de Nikon Codec aan het werken ben en dus maar de update opgezocht en proberen installeren maar hier begint het probleem. De nieuwere versie ziet de oude versie staan en wil die verwijderen maar dat lukt niet. Heel waarschijnlijk ben ik te ijverig geweest bij het opschonen van mijn harde schijf en heb ik data verwijderd die nodig is voor het verwijderen van deze Codec. Nu de vraag: bestaat er een "work arround" om alsnog deze oude versie te verwijderen. (ik heb geprobeerd om het programma in de safe mode te verwijderen maar ook dat is niet gelukt.) Het is niet zo dat dit een echt probleem is, het is alleen handig dat je in de verkenner de inhoud van de NEF file kan zien. Alvast bedankt voor uw reactie. grtn
-
ComboFix 12-01-18.04 - Freddy 18/01/2012 20:19:57.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3325.2668 [GMT 1:00] Gestart vanuit: c:\users\Freddy\Desktop\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\animbigN.bmp c:\windows\animsmalN.bmp c:\windows\IsUn0413.exe c:\windows\pkunzip.pif c:\windows\pkzip.pif c:\windows\system32\drivers\etc\hosts.ics c:\windows\system32\rnaph.dll c:\windows\unin0413.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-18 to 2012-01-18 )))))))))))))))))))))))))))))) . . 2012-01-18 19:27 . 2012-01-18 19:30 -------- d-----w- c:\users\Freddy\AppData\Local\temp 2012-01-18 19:27 . 2012-01-18 19:27 -------- d-----w- c:\users\Josiane\AppData\Local\temp 2012-01-18 19:27 . 2012-01-18 19:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-18 17:58 . 2012-01-18 17:58 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{739EB1A6-2C21-45C9-A3C7-02EE8B2564F7}\offreg.dll 2012-01-18 17:58 . 2012-01-18 17:58 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{739EB1A6-2C21-45C9-A3C7-02EE8B2564F7}\MpKsl87d5b5bb.sys 2012-01-18 17:56 . 2012-01-05 19:19 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{739EB1A6-2C21-45C9-A3C7-02EE8B2564F7}\mpengine.dll 2012-01-18 16:20 . 2012-01-18 16:20 388096 ----a-r- c:\users\Freddy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-18 16:20 . 2012-01-18 16:20 -------- d-----w- c:\program files\Trend Micro 2012-01-18 15:23 . 2012-01-18 15:23 -------- d-----w- c:\program files\Speccy 2012-01-18 11:14 . 2012-01-18 11:14 -------- d-----w- c:\program files\ACR38_100_122 PCSC Driver 2012-01-18 11:06 . 2012-01-18 11:06 -------- d-----w- c:\windows\system32\beidpp 2012-01-18 11:06 . 2012-01-18 11:06 -------- d-----w- c:\windows\system32\siscardplugins 2012-01-18 11:06 . 2012-01-18 11:06 -------- d-----w- c:\program files\BeID Minidriver 2012-01-18 11:06 . 2012-01-18 11:06 -------- d-----w- c:\program files\Belgium Identity Card 2012-01-18 10:31 . 2012-01-02 16:15 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys 2012-01-18 10:31 . 2012-01-18 10:31 -------- d-----w- c:\program files\Soluto 2012-01-13 19:04 . 2012-01-13 19:05 -------- d-----w- c:\users\Freddy\AppData\Roaming\Uniblue 2012-01-11 20:22 . 2012-01-11 20:22 -------- d-----w- C:\ATI 2012-01-11 10:18 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll 2012-01-11 10:18 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll 2012-01-11 10:18 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 10:18 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll 2012-01-11 10:18 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll 2012-01-11 10:18 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll 2012-01-11 10:18 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll 2012-01-11 10:18 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-01-05 16:00 . 2009-12-14 11:33 53248 ----a-w- c:\windows\system32\CSVer.dll 2012-01-05 15:33 . 2008-04-04 17:34 14208 ----a-w- c:\windows\system32\drivers\disksec.sys 2012-01-05 15:31 . 2012-01-05 15:31 -------- d-----w- c:\program files\Common Files\MAGIX Services 2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2011-12-28 15:22 . 2011-12-28 15:22 -------- d-----w- c:\users\Freddy\.jnlp-applet 2011-12-27 11:00 . 2011-12-27 11:00 -------- d-----w- c:\users\Freddy\AppData\Local\Xenocode 2011-12-25 09:23 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-12-25 09:23 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-12-25 09:23 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll 2011-12-25 09:23 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-12-25 09:23 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-25 09:23 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-05 19:19 . 2009-12-13 12:41 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-01-04 12:14 . 2009-03-03 20:10 900 --sha-w- c:\programdata\KGyGaAvL.sys 2011-12-07 15:51 . 2011-12-07 15:51 360448 ----a-w- c:\windows\system32\beid35applayer.dll 2011-12-07 15:50 . 2011-12-07 15:50 94208 ----a-w- c:\windows\system32\Belgium Identity Card PKCS11.dll 2011-12-07 15:50 . 2011-12-07 15:50 94208 ----a-w- c:\windows\system32\beidpkcs11.dll 2011-12-07 15:50 . 2011-12-07 15:50 200704 ----a-w- c:\windows\system32\beid35cardlayer.dll 2011-12-07 15:50 . 2011-12-07 15:50 200704 ----a-w- c:\windows\system32\eidlib.dll 2011-12-07 15:50 . 2011-12-07 15:50 200704 ----a-w- c:\windows\system32\beidlib.dll 2011-12-07 15:50 . 2011-12-07 15:50 266240 ----a-w- c:\windows\system32\beid35DlgsWin32.dll 2011-12-07 15:49 . 2011-12-07 15:49 126976 ----a-w- c:\windows\system32\beid35common.dll 2011-12-06 15:18 . 2011-12-06 15:18 116224 ----a-w- c:\windows\system32\beidmdrv32.dll 2011-11-19 12:09 . 2011-05-17 17:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-06 17:54 . 2011-11-06 17:54 81936 ----a-w- c:\windows\system32\drivers\AtihdLH3.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sticky Pad"="c:\program files\StickyPad\StickyPad.exe" [2007-04-23 528441] "PowerSuite"="c:\progra~1\Uniblue\POWERS~1\launcher.exe" [2011-11-01 67448] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] . c:\users\Josiane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2009-02-22 15:52 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk] backup=c:\windows\pss\PDFCreator.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Freddy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2008-01-22 09:13 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor] 2008-08-08 16:30 16712 ----a-r- c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader] 2008-08-08 16:30 532808 ----a-r- c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2008-12-04 11:24 665424 ------w- c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2008-05-28 06:27 570664 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer] 2008-01-30 12:07 90112 ----a-w- c:\progra~1\MAGIX\FILM_O~1\Trayserver.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2010-04-22 87968] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2009-12-15 37632] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSL87D5B5BB . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 20:09] . 2012-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 20:09] . 2011-12-25 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-01-18 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.zita.be/ mStart Page = hxxp://www.telenet.be mWindow Title = Telenet Internet uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 195.130.131.5 195.130.130.133 . . ------- Bestandsassociaties ------- . .txt= . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-beid - c:\program files\Belgium Identity Card\beid35gui.exe MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe MSConfigStartUp-HP Update 3400C - c:\sj652\hpupdate.exe AddRemove-_{707EB912-C597-49D8-9460-46CC9AB03EBE} - c:\program files\Corel\Corel Painter Photo Essentials 4\MSILauncher {707EB912-C597-49D8-9460-46CC9AB03EBE} . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-18 20:30 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,db,47,d9,c5,9e,a6,45,a0,03,ff,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,db,47,d9,c5,9e,a6,45,a0,03,ff,\ . Voltooingstijd: 2012-01-18 20:31:48 ComboFix-quarantined-files.txt 2012-01-18 19:31 . Pre-Run: 117.752.492.032 bytes beschikbaar Post-Run: 118.044.839.936 bytes beschikbaar . - - End Of File - - 98B46A3CB8118BBC6C74BF6C530698CE ---------- Post toegevoegd om 19:47 ---------- Vorige post was om 19:43 ---------- Heb vandaag de service superfetch afgevinkt, daarna werdt het cache niet meer volgestouwd en bleef er geheugen vrij. Daarna heb ik ook volgend commando doorgevoerd "BCDedit /set PAE forceenable". Blijkbaar help dit alles want ik heb ruim 1h30 met Phase One gewerkt zonder enig probleem. Blijkbaar geen last van ongewenste software maar een basis service die de verkeerde kant uitgroeide.
-
Oeps. Hier de juiste log ComboFix 12-01-18.04 - Freddy 18/01/2012 20:19:57.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3325.2668 [GMT 1:00] Gestart vanuit: c:\users\Freddy\Desktop\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\animbigN.bmp c:\windows\animsmalN.bmp c:\windows\IsUn0413.exe c:\windows\pkunzip.pif c:\windows\pkzip.pif c:\windows\system32\drivers\etc\hosts.ics c:\windows\system32\rnaph.dll c:\windows\unin0413.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-12-18 to 2012-01-18 )))))))))))))))))))))))))))))) . . 2012-01-18 19:27 . 2012-01-18 19:30 -------- d-----w- c:\users\Freddy\AppData\Local\temp 2012-01-18 19:27 . 2012-01-18 19:27 -------- d-----w- c:\users\Josiane\AppData\Local\temp 2012-01-18 19:27 . 2012-01-18 19:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-18 17:58 . 2012-01-18 17:58 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{739EB1A6-2C21-45C9-A3C7-02EE8B2564F7}\offreg.dll 2012-01-18 17:58 . 2012-01-18 17:58 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{739EB1A6-2C21-45C9-A3C7-02EE8B2564F7}\MpKsl87d5b5bb.sys 2012-01-18 17:56 . 2012-01-05 19:19 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{739EB1A6-2C21-45C9-A3C7-02EE8B2564F7}\mpengine.dll 2012-01-18 16:20 . 2012-01-18 16:20 388096 ----a-r- c:\users\Freddy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-18 16:20 . 2012-01-18 16:20 -------- d-----w- c:\program files\Trend Micro 2012-01-18 15:23 . 2012-01-18 15:23 -------- d-----w- c:\program files\Speccy 2012-01-18 11:14 . 2012-01-18 11:14 -------- d-----w- c:\program files\ACR38_100_122 PCSC Driver 2012-01-18 11:06 . 2012-01-18 11:06 -------- d-----w- c:\windows\system32\beidpp 2012-01-18 11:06 . 2012-01-18 11:06 -------- d-----w- c:\windows\system32\siscardplugins 2012-01-18 11:06 . 2012-01-18 11:06 -------- d-----w- c:\program files\BeID Minidriver 2012-01-18 11:06 . 2012-01-18 11:06 -------- d-----w- c:\program files\Belgium Identity Card 2012-01-18 10:31 . 2012-01-02 16:15 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys 2012-01-18 10:31 . 2012-01-18 10:31 -------- d-----w- c:\program files\Soluto 2012-01-13 19:04 . 2012-01-13 19:05 -------- d-----w- c:\users\Freddy\AppData\Roaming\Uniblue 2012-01-11 20:22 . 2012-01-11 20:22 -------- d-----w- C:\ATI 2012-01-11 10:18 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll 2012-01-11 10:18 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll 2012-01-11 10:18 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 10:18 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll 2012-01-11 10:18 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll 2012-01-11 10:18 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll 2012-01-11 10:18 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll 2012-01-11 10:18 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-01-05 16:00 . 2009-12-14 11:33 53248 ----a-w- c:\windows\system32\CSVer.dll 2012-01-05 15:33 . 2008-04-04 17:34 14208 ----a-w- c:\windows\system32\drivers\disksec.sys 2012-01-05 15:31 . 2012-01-05 15:31 -------- d-----w- c:\program files\Common Files\MAGIX Services 2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2011-12-28 15:22 . 2011-12-28 15:22 -------- d-----w- c:\users\Freddy\.jnlp-applet 2011-12-27 11:00 . 2011-12-27 11:00 -------- d-----w- c:\users\Freddy\AppData\Local\Xenocode 2011-12-25 09:23 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-12-25 09:23 . 2011-10-27 08:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-12-25 09:23 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll 2011-12-25 09:23 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-12-25 09:23 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll 2011-12-25 09:23 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-05 19:19 . 2009-12-13 12:41 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-01-04 12:14 . 2009-03-03 20:10 900 --sha-w- c:\programdata\KGyGaAvL.sys 2011-12-07 15:51 . 2011-12-07 15:51 360448 ----a-w- c:\windows\system32\beid35applayer.dll 2011-12-07 15:50 . 2011-12-07 15:50 94208 ----a-w- c:\windows\system32\Belgium Identity Card PKCS11.dll 2011-12-07 15:50 . 2011-12-07 15:50 94208 ----a-w- c:\windows\system32\beidpkcs11.dll 2011-12-07 15:50 . 2011-12-07 15:50 200704 ----a-w- c:\windows\system32\beid35cardlayer.dll 2011-12-07 15:50 . 2011-12-07 15:50 200704 ----a-w- c:\windows\system32\eidlib.dll 2011-12-07 15:50 . 2011-12-07 15:50 200704 ----a-w- c:\windows\system32\beidlib.dll 2011-12-07 15:50 . 2011-12-07 15:50 266240 ----a-w- c:\windows\system32\beid35DlgsWin32.dll 2011-12-07 15:49 . 2011-12-07 15:49 126976 ----a-w- c:\windows\system32\beid35common.dll 2011-12-06 15:18 . 2011-12-06 15:18 116224 ----a-w- c:\windows\system32\beidmdrv32.dll 2011-11-19 12:09 . 2011-05-17 17:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-06 17:54 . 2011-11-06 17:54 81936 ----a-w- c:\windows\system32\drivers\AtihdLH3.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sticky Pad"="c:\program files\StickyPad\StickyPad.exe" [2007-04-23 528441] "PowerSuite"="c:\progra~1\Uniblue\POWERS~1\launcher.exe" [2011-11-01 67448] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] . c:\users\Josiane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2009-02-22 15:52 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk] backup=c:\windows\pss\PDFCreator.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Freddy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2008-01-22 09:13 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor] 2008-08-08 16:30 16712 ----a-r- c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader] 2008-08-08 16:30 532808 ----a-r- c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2008-12-04 11:24 665424 ------w- c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2008-05-28 06:27 570664 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer] 2008-01-30 12:07 90112 ----a-w- c:\progra~1\MAGIX\FILM_O~1\Trayserver.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2010-04-22 87968] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2009-12-15 37632] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSL87D5B5BB . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 20:09] . 2012-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 20:09] . 2011-12-25 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-01-18 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.zita.be/ mStart Page = hxxp://www.telenet.be mWindow Title = Telenet Internet uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 195.130.131.5 195.130.130.133 . . ------- Bestandsassociaties ------- . .txt= . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-beid - c:\program files\Belgium Identity Card\beid35gui.exe MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe MSConfigStartUp-HP Update 3400C - c:\sj652\hpupdate.exe AddRemove-_{707EB912-C597-49D8-9460-46CC9AB03EBE} - c:\program files\Corel\Corel Painter Photo Essentials 4\MSILauncher {707EB912-C597-49D8-9460-46CC9AB03EBE} . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-01-18 20:30 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,db,47,d9,c5,9e,a6,45,a0,03,ff,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,db,47,d9,c5,9e,a6,45,a0,03,ff,\ . Voltooingstijd: 2012-01-18 20:31:48 ComboFix-quarantined-files.txt 2012-01-18 19:31 . Pre-Run: 117.752.492.032 bytes beschikbaar Post-Run: 118.044.839.936 bytes beschikbaar . - - End Of File - - 98B46A3CB8118BBC6C74BF6C530698CE
-
Halo Kape Bedankt voor uw reactie. Het report van Combofix heb ik hierbij gevoegd. Misschien nog het volgende. Ik ben de hele avond aan het werken met Phase One en regelmatig moet ik het pragramma opnieuw opstarten. (krijg de melding memory out) als ik dan kijk naar taakbeheer/prestaties/fysiek geheugen dan heb ik een aantal seconden na het afsluiten van Phase One plots maar dan 2Gb beschikbaar geheugen maar bijna meteen begint het opsouperen opnieuw, op het ritme van de klok zie ik het beschikbaar geheugen verdwijnen naar "In Cache". Is het mogelijk dat de aanmaak van tumbnails hier voor iets tussen zit. Ik weet het niet maar zou graag Phase One zonder problemen kunnen gebruiken. Alvast mijn dank voor uw reactie. Het Combo Fixreport Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:35:04, on 18/01/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files\Soluto\soluto.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\StickyPad\StickyPad.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\taskmgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [sticky Pad] C:\Program Files\StickyPad\StickyPad.exe O4 - HKCU\..\Run: [PowerSuite] "C:\PROGRA~1\Uniblue\POWERS~1\launcher.exe" delay 20000 -m O4 - HKCU\..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.euro.dell.com/systemprofiler/SysProExe.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6156/mcfscan.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 7792 bytes
-
Het rapport van HijackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:35:04, on 18/01/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files\Soluto\soluto.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\StickyPad\StickyPad.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\taskmgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [sticky Pad] C:\Program Files\StickyPad\StickyPad.exe O4 - HKCU\..\Run: [PowerSuite] "C:\PROGRA~1\Uniblue\POWERS~1\launcher.exe" delay 20000 -m O4 - HKCU\..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.euro.dell.com/systemprofiler/SysProExe.CAB O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6156/mcfscan.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 7792 bytes
-
Hallo Asus bedankt voor uw reactie. Ik gebruik momenteel Phase One versie 6.3.3 (32 bit) de link van speccy http://speccy.piriform.com/results/aMlTjfbS7FQTeEwHa135LyF grtjs
-
Mijn besturingssysteem is windows vista service pack 2. Bij een foto bewerkings applicatie Phase One heb ik regelmatig de melding "out of memory". Ik weet dat het programma nogal wat geheugen gebruikt maar ik heb volgende vraag. Wanneer ik mijn (desktop) PC opstart dan zie ik kort na het opstarten in het venster windows taakbeheer het volgende. Fysiek geheugen (in cache en beschikbaar bij benadering) Totaal 3325 In cache 625 Beschikbaar 2067 Na een aantal minuten krimt het beschikbaar geheugen snel totdat na een tiental minuten het Cache op 2222 staat en het beschikbaar op 66. Als ik het goed voor heb betekent In Cache -> geheugen dat in gebruik is door het systeem. Ik heb soluto op mijn pc geinstalleerd om alle overbodige services uit te sluiten maar er veranderd niets aan mijn vrij geheugen. Ik denk niet dat dit een normale gang van zaken is maar kan de boosdoener niet vinden. Alvast dank voor uw reactie. Vriendelijk groet Iska
