Jump to content

Hoggorm - Log 01


Recommended Posts

Hi,

About two weeks ago my computer started to run very slow. I have only one PC game that requires a lot from my computer but two weeks ago it suddenly started to lag a lot. I asked for help on that game's forum, and the users there suggested me to post the problem here after trying to solve the problem with various methods.

Unfortunately it is not only the game mentioned that is lagging. The entire computer is, and even writing a note on a forum like this can take ages, since the letters does not appear on the screen the moment I type them. I'm having a hard time explaining exactly what the problem is, but when I start typing a word, nothing is displayed on screen until I finish typing. It is as if the computer has to catch his breath or something. When I stop typing the word appear. When I scroll on an internet webpage, the entire page is lagging and "jumping" down in steps, while before the problem appeared two weeks ago, the webpage would scroll evenly and without the lag.

Also - when I press different buttons or options in various programs, there are often some time delay before the mouse click opens the option I asked for. For example if I want to open the Options menu in a specific program, it will take up to several seconds before the option menu is displayed.

If there is any more information I can provide I will be happy to do so. I followed the steps in the PC Cleanup Wiki page, but the problem is still there...

Here is a copy of my HijackThis Log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:25:20, on 10.05.2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\OEM02Mon.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files\eMule\emule.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe

C:\Windows\system32\conime.exe

C:\Program Files\EuroScope\EuroScope.exe

C:\Program Files\ServInfo\ServInfo.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Temp\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Påloggingshjelp for Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe

O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETTVERKSTJENESTE')

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe

O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--

End of file - 7065 bytes

Link to comment
Share on other sites

  • Administrator

Welcome to Lunarsoft Hoggorm. I'm not seeing anything suspicious, though there are a few recommendations.

Recommendations:

  • Uninstall any/all toolbars.
  • Uninstall Ad-Aware if you didn't purchase it.
  • Uninstall eMule.
  • After all of this, reboot and then defragment your computer. You may also wish to open your case and use canned air to remove any dust from inside.

Also, please post a log from Malwarebytes if it found anything.

Link to comment
Share on other sites

Welcome to Lunarsoft Hoggorm. I'm not seeing anything suspicious, though there are a few recommendations.

Recommendations:

  • Uninstall any/all toolbars.
  • Uninstall Ad-Aware if you didn't purchase it.
  • Uninstall eMule.
  • After all of this, reboot and then defragment your computer. You may also wish to open your case and use canned air to remove any dust from inside.

Also, please post a log from Malwarebytes if it found anything.

Thank you Tarun.

How can I delete the toolbars? As far as I know I do not have any at all, but when I search the log I see these lines containing toolbar:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

and

O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll

I need Internet Explorer, so I should not uninstall that, and TextAloud does not have any toolbars as far as I know?

I've been using eMule for many years without the lagging problem, but I'll try to uninstall it together with Ad-Aware.

I have a laptop that I try to keep as clean as possible, and among other things I use compressed air in the air outlet all the time. When the lagging occurs, the fan is not running at an higher than normal speed, but I'll try to open the computer and give it a more in depth cleaning.

Thank you so far.

Link to comment
Share on other sites

  • Administrator

You'll want to check Programs and Features for either the toolbar or the associated application. You may be able to change the installed application to remove the toolbar.

Should that not work, try entering this in the Run box:

regsvr32 /u C:\PROGRA~1\TEXTAL~1\TAForIE.dll

Link to comment
Share on other sites

Hi again,

I tried your recomendations (and was able to remove the Textaloud toolbar using the Run box comman) but unfortunately the problem is still there...

Malwarebytes did not report any problems either...

Do you have any further suggestions?

Link to comment
Share on other sites

does this behavior persist in Safemode?

No, it does not. That said, I was only able to test the problem when writing at forums (and that problem was gone). I was not able to test the game related problem as the game would not run in Safe Mode...

Link to comment
Share on other sites

Roughly when did this begin? Have you tried a System Restore to the point before these symptoms first occurred?

It started about two weeks ago. Unfortunately I do not have a system restore point that is prior to the lagging started... :( I've checked that and the latest I have available is two or three days after the problem first started.

Maybe I need to format the entire computer and install everything from scratch?

Link to comment
Share on other sites

If I were trying to track this down on one of my own computers, I would start up Task Manager on the Performance tab and see

(a) how much my CPU usage is

(b) how much memory is available (Physical Memory -> Total & Available) also (Commit Charge -> Total & Peak)

because delays in typing can be due to high CPU usage or shortage of memory/swap file thrashing.

.

Link to comment
Share on other sites

Did you install or update anything around the time this started?

Well, I try to keep my computer updated so I can't say I didn't. But I can't say I remember I did either... The problem is that I can't tell exactly when the problem started. I just discovered it thinking "that was strange with all that lagging", but I did not investigate any further. It was the next day I realised I had an issue...

how much my CPU usage is

I've been doing this a lot lately and I can't say I see any unknown programs running. When the computer is idling about 95% of the resources are marked as free, but still there are sudden "jumps" when a program is using CPU and then they will use up 70% of my CPU (some even more).

Those programs can be Internet Explorer (usually when I start a new page or open for the first time - i.e. not now when I'm just typing)

It can be Task manager itself using about 5%, Microsoft Security Essentials also 5% and so forth.

how much memory is available (Physical Memory -> Total & Available) also (Commit Charge -> Total & Peak)

Now this I have not looked at since the problem started. I don't know if there might be a problem here but free memory seem very low..?

As I have a Norwegian Windows version I'll try to translate but I might get it wrong as I do not know all the terms. This is what I see in the Performance tab after a restart and with only Internet Explorer running (started manually by me):

Physical Memory (MB)

Total: 3581

Speed buffer(?): 2783

Free: 37

Core Memory (MB)

Total: 203

Swap file(?): 113

Not in Swap file:(?): 89

Can this be correct? Only 37 MB free memory? In the lower part of the Task manager I have the following numbers:

Processes: 54

CPU Usage: Variating; but normally around 5-10%

Physical memory: 29%

Yesterday I ran Malwarebyte again without finding any problems, however I noticed that when I opened Internet Explorer later that day the font size seem to have changed. All letters are somewhat smaller now than what they were on Friday! :(

I feel something is going on here...

Hope you can assist.

Thank you.

Link to comment
Share on other sites

Sorry for the late response.

Does this only happen after playing the game? Or is your computer always behaving like this?

Only after playing:

- Does the game use any anti-cheating software that you know of?

- Name of the game?

If it's always like that:

- I'd say go through and run the computer with as little as possible.. start -> run -> msconfig -> switch to "Diagnostic Startup"

If Diagnostic Startup resolves it, I would check for anything that could possibly interact with the keyboard..

For example laptops usually have some ThinkPad app running, Screenshot apps hook the keyboard, ATI hooks the keyboard for the ATI Hotkey Poller service, etc.

I'd also clean your comp as best as you can.. It could be a badly programmed keylogger thats hooked to your keyboard for all i know.

I've even heard of removing the battery from laptops fixing this.. so it's a very wide issue.. which is very hard to pindown.

Link to comment
Share on other sites

  • 4 weeks later...
  • Administrator

The issue this thread has been opened for has been resolved.

If you need continued support, please start a new thread and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here: PC Cleanup

It is recommended that you review our PC Security wiki page to help secure your computer and protect it.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...