BenQ92 Posted 30 January 2010
Hi, the internet on my PC has started running quite slowly over the past week. It is a wireless network from Netgear. I have run Malwarebytes without finding anything. I have run DDS, as you can see below.

I hope someone can help me.

norbat Posted 30 January 2010 (edited)
Are there other PCs connected to the wireless network, and do they have the same problem? Does it help if you move your PC a bit? Check whether there is updated firmware for the Netgear router. The DDS log shows no malware, so the problem is probably due to other things.
Edited 30 January 2010 by norbat

BenQ92 Posted 30 January 2010 (Author)
> Are there other PCs connected to the wireless network, and do they have the same problem? Does it help if you move your PC a bit? Check whether there is updated firmware for the Netgear router. The DDS log shows no malware, so the problem is probably due to other things.
There are 2 more PCs connected, and they do not have the same problem. The firmware for the Netgear router is up to date.

norbat Posted 4 February 2010
Is it just as slow if you connect with a cable as well?

TJ91 Posted 7 February 2010
Delete all toolbars. Which browser do you use?

Spaycer Posted 10 February 2010
Switch to Safari or Google Chrome. Use CCleaner to delete all unnecessary internet files. You can also use Disk Cleanup.