PC running slow..

quindoo · 06-22-2009, 03:21 PM

Dear TSF,

My computer seems to be running slow lately and the greatest issue is Internet Explorer and Mozilla Firefox who are running slow.

I just finished clearing up some programs that I didn't use anymore, so I deleted those, which resulted in a small improvement. But I think some kind of trojan or something is causing this.

So I followed the First Steps from TSF and made my logs, just to check out.

( My antivirus seemed to stop working since a week ago, so I deleted it aswell today )

DDS (Ver_09-05-14.01) - NTFSx86
Run by Bram Buermans at 10:35:57,84 on vr 19-06-2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1033.18.3327.2684 [GMT 2:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Curse\CurseClient.exe
C:\Program Files\Hamachi\hamachi.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Documents and Settings\Bram Buermans.QUINDOO\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.nl/
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [CurseClient] c:\program files\curse\CurseClient.exe -silent
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SoundMax] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\brambu~1.qui\startm~1\programs\startup\hamachi.lnk - c:\program files\hamachi\hamachi.exe
StartupFolder: c:\docume~1\brambu~1.qui\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/binary/MJSS.cab69309.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://play.battlefield-heroes.com/static/updater/BFHUpdater_4.0.15.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {A82DD318-5910-4256-8308-27C94DEA2CA5} = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\brambu~1.qui\applic~1\mozilla\firefox\profiles\japd062o.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - plugin: c:\documents and settings\bram buermans.quindoo\application data\mozilla\firefox\profiles\japd062o.default\extensions\battlefieldheroespatcher@ea.com\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-8 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-8 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-8 108552]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe --> c:\progra~1\avg\avg8\avgwdsvc.exe [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2008-6-27 332928]

=============== Created Last 30 ================

2009-06-16 13:12 <DIR> --d----- c:\temp\Windows 7 Ultimate RC (x64) - DVD (English)
2009-06-10 15:41 <DIR> --d----- c:\docume~1\brambu~1.qui\applic~1\LimeWire
2009-06-04 00:04 <DIR> --d----- c:\program files\Codemasters
2009-05-27 12:12 <DIR> --d----- c:\windows\system32\js
2009-05-27 12:12 <DIR> --d----- c:\windows\system32\images
2009-05-27 12:12 <DIR> --d----- c:\windows\system32\html
2009-05-27 12:12 <DIR> --d----- c:\windows\system32\css
2009-05-27 12:12 <DIR> --d----- c:\program files\Business Objects
2009-05-27 12:08 <DIR> --d----- c:\program files\Windows Mobile 5.0 SDK R2
2009-05-27 12:08 <DIR> --d----- c:\program files\Microsoft Synchronization Services
2009-05-27 12:08 <DIR> --d----- c:\program files\Microsoft SQL Server Compact Edition
2009-05-27 12:03 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\PreEmptive Solutions
2009-05-27 11:57 <DIR> --d----- c:\program files\Microsoft Web Designer Tools

==================== Find3M ====================

2009-05-07 17:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-02 19:08 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-02 19:08 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-02 19:08 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-04-29 06:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-29 06:55 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-22 00:20 14,311,680 a------- c:\windows\system32\xlive.dll
2009-04-22 00:20 13,642,496 a------- c:\windows\system32\xlivefnt.dll
2009-04-19 16:45 2,098 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-04-17 14:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 16:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-04-12 20:58 625,152 a------- c:\windows\system32\mp3tsshx.dll
2009-04-12 14:13 103,736 a------- c:\windows\system32\PnkBstrB.exe
2009-04-11 16:03 66,872 a------- c:\windows\system32\PnkBstrA.exe
2009-04-11 15:11 22,328 a------- c:\docume~1\brambu~1.qui\applic~1\PnkBstrK.sys
2009-03-28 02:02 2,337,865 a------- c:\windows\system32\pbsvc.exe
2009-03-27 08:14 453,152 a------- c:\windows\system32\NVUNINST.EXE
2006-06-23 08:48 32,768 a----r-- c:\windows\inf\UpdateUSB.exe
2008-08-16 12:01 56 ---shr-- c:\windows\system32\DC038C81BD.sys
2008-11-02 20:32 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008110220081103\index.dat

============= FINISH: 10:36:23,31 ===============

Thanks in advance,

Quindoo

quindoo · 06-27-2009, 11:25 AM

[b]oosting [u]p [m]y [p]ost

Can anyone please help me? still suffering from a slow computer.

quindoo · 07-03-2009, 07:56 AM

[b]oosting [u]p [m]y [p]ost

Can anyone please help me? still suffering from a slow computer.

quindoo · 07-10-2009, 01:49 PM

[b]oosting [u]p [m]y [p]ost

Can anyone please help me? still suffering from a slow computer.

06-27-2009, 11:25 AM	#2 (permalink)
quindoo Registered User Join Date: Aug 2005 Posts: 115 OS: XP Pro SP2	Re: PC running slow.. [b]oosting [u]p [m]y [p]ost Can anyone please help me? still suffering from a slow computer.

07-03-2009, 07:56 AM	#3 (permalink)
quindoo Registered User Join Date: Aug 2005 Posts: 115 OS: XP Pro SP2	Re: PC running slow.. [b]oosting [u]p [m]y [p]ost Can anyone please help me? still suffering from a slow computer.

07-10-2009, 01:49 PM	#4 (permalink)
quindoo Registered User Join Date: Aug 2005 Posts: 115 OS: XP Pro SP2	Re: PC running slow.. [b]oosting [u]p [m]y [p]ost Can anyone please help me? still suffering from a slow computer.