Vraag & Antwoord

Beveiliging & privacy

TCP/IP network not installed

hier een hijackThis log met de meest recente: Logfile of HijackThis v1.99.0 Scan saved at 19:09:19, on 21-01-2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe E:\Alias\Maya6.0\docs\Wrapper.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Raxco\PerfectDisk\PDEngine.exe D:\Program Files\RemotelyAnywhere\RaMaint.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\Tablet.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Raxco\PerfectDisk\PDSched.exe C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe D:\BitDefender8\vsserv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\CTHELPER.EXE E:\Winamp\winampa.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe E:\PowerDVD\PDVDServ.exe C:\WINDOWS\livenote.exe d:\Program Files\Logitech\MouseWare\system\em_exec.exe E:\Program Files\D-Tools\daemon.exe E:\Brandprogramma\CloneCD\CloneCDTray.exe D:\Program Files\RemotelyAnywhere\ragui.exe D:\BitDefender8\bdmcon.exe D:\BitDefender8\bdoesrv.exe D:\BitDefender8\bdswitch.exe D:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe D:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Messenger\msmsgs.exe D:\Nikon\NkView6\NkvMon.exe C:\WINDOWS\system32\WTablet\TabUserW.exe N:\HijackThis.exe E:\Alias\Maya6.0\docs\jre\bin\java.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [WinampAgent] E:\Winamp\winampa.exe O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [RemoteControl] e:\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [LiveNote] livenote.exe O4 - HKLM\..\Run: [Jet Detection] "e:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CloneCDTray] "E:\Brandprogramma\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [anvshell] anvshell.exe O4 - HKLM\..\Run: [RemotelyAnywhere GUI] "D:\Program Files\RemotelyAnywhere\ragui.exe" O4 - HKLM\..\Run: [BDMCon] D:\BitDefender8\\bdmcon.exe O4 - HKLM\..\Run: [BDOESRV] D:\BitDefender8\\bdoesrv.exe O4 - HKLM\..\Run: [BDNewsAgent] D:\BitDefender8\\bdnagent.exe O4 - HKLM\..\Run: [BDSwitchAgent] D:\BitDefender8\\bdswitch.exe O4 - HKLM\..\Run: [HPpromo psc 1300 series] "D:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe" /N "psc 1300 series" -r O4 - HKLM\..\Run: [HP Software Update] "D:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: NkvMon.exe.lnk = D:\Nikon\NkView6\NkvMon.exe O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INETREPL.DLL O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INETREPL.DLL O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INETREPL.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O10 - Broken Internet access because of LSP provider 'c:\windows\system32\lsp.dll' missing O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by2fd.bay2.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093071589421 O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://www.bibliotheekrenkum.nl/catalogus/msrdp.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Alias Documentation Server - Unknown - E:\Alias\Maya6.0\docs\Wrapper.exe O23 - Service: BitDefender Scan Server - Unknown - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe O23 - Service: Macromedia Licensing Service - Unknown - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Pacsptisvr.exe O23 - Service: pcAnywhere Install Service - Unknown - D:\Program Files\Symantec\pcAnywhere\pca_run.exe (file missing) O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PDScheduler - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: RemotelyAnywhere Maintenance Service - 3am Labs, Inc. - D:\Program Files\RemotelyAnywhere\RaMaint.exe O23 - Service: RemotelyAnywhere - 3am Labs, Inc. - D:\Program Files\RemotelyAnywhere\RemotelyAnywhere.exe O23 - Service: Sony SPTI Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe O23 - Service: BitDefender Virus Shield - Unknown - D:\BitDefender8\vsserv.exe O23 - Service: BitDefender Communicator - Softwin - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe Harrie

Anoniem
Harrie
1 antwoord
  • Ik weet niet of ik hier goed zit maar ik probeer het toch maar even. Van de een op de andere dag krijg ik na het opstarten het bericht [b:05f6add313]The TCP/IP network transport [/b:05f6add313]is not installed.
    Ik heb er hitmanpro opgestart en kreeg een megahoeveelheid trojan etc verwijzingen terwijl ik de computer pas 2 dagen ervoor helemaal geschoond had. De eerste keren liep adaware vast op c:\system volume information, daarna niet meer. De hele zooi geschoond en opnieuw opgestart leverd dezelfde melding, TCP/IP not installed etc.
    Ik had nog een reserve netwerkkaart en heb die in de PC gehangen, kon toch zijn dat de andere kaart stuk was, maar ook dit had geen resultaat.
    Voordat ik opnieuw windows moet installeren vraag ik hier om hulp. Heeft er iemand enig idee wat er is gebeurt en weet iemand hoe ik dit probleem kan oplossen?
    ter informatie hieronder een hijackThis.log:

    Logfile of HijackThis v1.98.0
    Scan saved at 11:49:40, on 21-01-2005
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\CTHELPER.EXE
    E:\Winamp\winampa.exe
    C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    E:\PowerDVD\PDVDServ.exe
    D:\Program Files\RemotelyAnywhere\RaMaint.exe
    d:\Program Files\Logitech\MouseWare\system\em_exec.exe
    E:\Program Files\D-Tools\daemon.exe
    D:\Program Files\RemotelyAnywhere\ragui.exe
    D:\BitDefender8\bdmcon.exe
    D:\BitDefender8\bdoesrv.exe
    C:\WINDOWS\System32\svchost.exe
    D:\BitDefender8\bdswitch.exe
    D:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe
    D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\System32\Tablet.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Raxco\PerfectDisk\PDSched.exe
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    D:\Nikon\NkView6\NkvMon.exe
    C:\WINDOWS\system32\WTablet\TabUserW.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    D:\BitDefender8\vsserv.exe
    E:\Downloads\APPS\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [WinampAgent] E:\Winamp\winampa.exe
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM\..\Run: [RemoteControl] e:\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [Jet Detection] "e:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [CloneCDTray] "E:\Brandprogramma\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [anvshell] anvshell.exe
    O4 - HKLM\..\Run: [RemotelyAnywhere GUI] "D:\Program Files\RemotelyAnywhere\ragui.exe"
    O4 - HKLM\..\Run: [BDMCon] D:\BitDefender8\\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] D:\BitDefender8\\bdoesrv.exe
    O4 - HKLM\..\Run: [BDNewsAgent] D:\BitDefender8\\bdnagent.exe
    O4 - HKLM\..\Run: [BDSwitchAgent] D:\BitDefender8\\bdswitch.exe
    O4 - HKLM\..\Run: [HPpromo psc 1300 series] "D:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe" /N "psc 1300 series" -r
    O4 - HKLM\..\Run: [HP Software Update] "D:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: NkvMon.exe.lnk = D:\Nikon\NkView6\NkvMon.exe
    O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - d:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O10 - Broken Internet access because of LSP provider 'c:\windows\system32\lsp.dll' missing
    O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by2fd.bay2.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093071589421
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://www.bibliotheekrenkum.nl/catalogus/msrdp.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
    O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
    O20 - AppInit_DLLs: sockspy.dll

    met vriendelijke groet Harrie

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.