Computer Lag Issues (Please Help)

M

MrBowzer

New Member
Recently I have been receiving lots of lag issues. I am on a network with a few other computers but it is just me who is getting this lag. I am thinking it is a Virus or some sort of Malware issue.

I can give other information if it is needed, but the sooner the help the better.


p.s I will give logs, information, and other specs if requested.

-MrBowzer
 
I am sorry about the title: It is not a computer lag issue it is a Network/Internet lag issue.

It goes on for about a few minutes then shuts off/lags for a few minutes and does this all day long.
 
Here are the HIJACKTHIS logs:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:22:47, on 8/26/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\MrBowzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MrBowzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MrBowzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MrBowzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MrBowzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MrBowzer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Google Update] "C:\Users\MrBowzer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm
O8 - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7367 bytes
 
I don't see any issues in your log. Please do the following.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.
 
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.27.08

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
MrBowzer :: MRBOWZER-PC [administrator]

Protection: Enabled

8/27/2012 4:59:30
mbam-log-2012-08-27 (04-59-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 190627
Time elapsed: 1 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
I really do not get what is going on. I will try and see if I need any updates for hardware/software, but I have done this already so I do not expect much.

I really need this fixed, and if you have any ideas/suggestions please let me know.
 
Have you downloaded and ran Ccleaner lately? It could be you have way too many temporary internet files slowing you down.
 
I have run Ccleaner. And the problem is still ongoing.

Side note: I did a full reformat of my computer just the other day (after the problem began) and it still is having this problem. Not at all sure what is going on.
 
How are you connected to the network? via a router? Have you tried a different port on the router or possibly a different cable?
 
I am connected using a USB Wifi. (Realtek RTL8188SU Wireless LAN 802.11n USB 2.0 Network Adapter.)

Via a router (Netgear Smart Wizard Router N600 Wireless Dual Band Gigabit Router: Model WNDR3700)
 
How about posting specs lol?

Please download PC wizard, install it and go to FILE, SAVE AS and click OK. Save the text file and copy its contents into this thread.
 
PC Wizard 2010 Version 1.96
------------------------------------------------------------------------------------------

Owner: MrBowzer
User: MrBowzer
Computer Name: MRBOWZER-PC
Operating System: Windows 7 Professional Professional Media Center 6.01.7600
Report Date: Tuesday 28 August 2012at 16:00

------------------------------------------------------------------------------------------


<<< System Summary >>>
> Mainboard : Asus M4A785T-M
> Chipset : AMD 785G
> Processor : AMD Phenom II X4 965e @ 800MHz
> Physical Memory : 12288MBDDR3-SDRAM
> Video Card : ATI Radeon HD 5700 Series
> Hard Disk : Western Digital WD2500KS-00MJB0 ATA Device (250GB)
> Hard Disk : Western Digital WD5001AALS-00L3B2 ATA Device (500GB)
> DVD-Rom Drive : HL-DT-ST DVDRAM GH22NS90
> Monitor Type : Dell Computer DELL E173FP - 17 inches
> Monitor Type : VW246 - 24 inches
> Network Card : Realtek Semiconductor RTL8168/8111 PCIe Gigabit Ethernet Adapter
> Operating System : Windows 7 Professional Professional Media Center 6.01.7600 (64-bit)
> DirectX : Version 11.00
> Windows Performance Index : 5.9 on 7.9

------------------------------------------------------------------------------------------
***** End of report *****
 
Another side note: My internet runs quickly later on at night, but during the day it lags/locks up allot.

So I figured it out, it is not my computer itself, it has something to do with my router. Thus either a person is DDos'ing my router during the day or someone is downloading something, but again I have asked everyone in my household and no one is downloading anything. So it must be someone who is accessing my router without permission. I do have a password on it so someone must have hacked into it or something.

I reset my router a few times, changing my Int. Ip and my Ext IP. Along with my Mac.
No one else is getting this lag, just me. And it is only during day hours, my time. Maybe someone is ddos'ing me and me alone, but I am not sure.

ANy ideas?
 
Here is my Log in my router.
________________________________________________________________________

[DHCP IP: 192.168.1.8] to MAC address 1c:65:9d:c0:3c:67, Tuesday, August 28,2012 10:15:09
[Internet connected] IP address: 74.78.50.217, Tuesday, August 28,2012 08:41:16
[DHCP IP: 192.168.1.4] to MAC address f8:78:8c:00:53:3d, Tuesday, August 28,2012 08:18:07
[DHCP IP: 192.168.1.8] to MAC address 1c:65:9d:c0:3c:67, Tuesday, August 28,2012 04:55:24
[DHCP IP: 192.168.1.7] to MAC address cc:af:78:0f:0f:90, Tuesday, August 28,2012 03:23:09
[Internet connected] IP address: 74.78.50.217, Tuesday, August 28,2012 02:44:34
[DHCP IP: 192.168.1.6] to MAC address 00:23:4e:c7:66:7b, Tuesday, August 28,2012 01:48:24
[DHCP IP: 192.168.1.5] to MAC address 88:25:2c:ba:5c:a5, Tuesday, August 28,2012 01:42:13
[DoS Attack: RST Scan] from source: 68.0.18.208, port 60757, Monday, August 27,2012 23:18:59
[DoS Attack: RST Scan] from source: 72.42.155.19, port 50164, Monday, August 27,2012 22:26:31
[DoS Attack: RST Scan] from source: 70.74.252.108, port 23692, Monday, August 27,2012 22:21:48
[DoS Attack: RST Scan] from source: 72.42.155.19, port 49815, Monday, August 27,2012 22:18:43
[DoS Attack: RST Scan] from source: 174.66.142.165, port 2710, Monday, August 27,2012 21:51:37
[DoS Attack: RST Scan] from source: 201.202.120.86, port 55007, Monday, August 27,2012 21:49:54
[DoS Attack: RST Scan] from source: 69.245.67.226, port 54782, Monday, August 27,2012 21:45:26
[DoS Attack: RST Scan] from source: 98.210.48.23, port 57287, Monday, August 27,2012 21:37:55
[DoS Attack: RST Scan] from source: 71.84.241.91, port 52940, Monday, August 27,2012 21:34:19
[DoS Attack: RST Scan] from source: 184.91.85.84, port 5751, Monday, August 27,2012 21:32:47
[DoS Attack: RST Scan] from source: 201.252.162.21, port 57289, Monday, August 27,2012 21:25:21
[DoS Attack: RST Scan] from source: 69.23.218.11, port 56956, Monday, August 27,2012 20:41:51
[DoS Attack: RST Scan] from source: 70.162.224.244, port 57251, Monday, August 27,2012 20:41:46
[DoS Attack: RST Scan] from source: 71.195.66.97, port 56888, Monday, August 27,2012 20:40:23
[DoS Attack: RST Scan] from source: 24.6.108.72, port 54676, Monday, August 27,2012 20:04:29
[DoS Attack: RST Scan] from source: 24.6.108.72, port 54516, Monday, August 27,2012 19:57:53
[DoS Attack: RST Scan] from source: 98.247.238.48, port 56535, Monday, August 27,2012 19:44:47
[DoS Attack: RST Scan] from source: 173.26.122.143, port 56808, Monday, August 27,2012 19:42:46
[DoS Attack: RST Scan] from source: 173.89.226.52, port 60134, Monday, August 27,2012 19:41:58
[DHCP IP: 192.168.1.6] to MAC address 00:23:4e:c7:66:7b, Monday, August 27,2012 19:27:32
[admin login] from source 192.168.1.4, Monday, August 27,2012 18:27:47
[DHCP IP: 192.168.1.4] to MAC address f8:78:8c:00:53:3d, Monday, August 27,2012 18:26:16
[WLAN access rejected: incorrect security] from MAC address 7c:ed:8d:3a:d4:79, Monday, August 27,2012 18:15:08
[DoS Attack: RST Scan] from source: 65.54.186.107, port 443, Monday, August 27,2012 17:48:12
[DHCP IP: 192.168.1.3] to MAC address 7c:ed:8d:3a:d4:79, Monday, August 27,2012 17:45:34
[DoS Attack: RST Scan] from source: 68.226.86.148, port 4853, Monday, August 27,2012 16:31:01
[DoS Attack: RST Scan] from source: 68.226.86.148, port 4755, Monday, August 27,2012 16:26:13
[DoS Attack: RST Scan] from source: 68.226.86.148, port 63713, Monday, August 27,2012 16:24:25
[DoS Attack: RST Scan] from source: 68.226.86.148, port 63594, Monday, August 27,2012 16:15:39
[Time synchronized with NTP server] Monday, August 27,2012 16:15:02
[Initialized, firmware version: V1.0.7.98] Monday, August 27,2012 16:15:00
 
You could be. Most of those IP addresses belong to comcast in several different states. Lets try another scan.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
  • Download this file here :

    Combofix

  • When the page loads click on the blue combofix download link next to the BleepingComputer Mirror.
  • Save the file to your windows desktop. The combofix icon will look like this when it has downloaded to your desktop.

    cf-icon.jpg
  • We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:

  • Close all open Windows including this one.
  • Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these type of programs can be found here.
    Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
  • Please click on I agree on the disclaimer window.
  • ComboFix will now install itself on to your computer. When it is done, a blue screen will appear as shown below.

    cf-preparing.jpg

  • ComboFix is now preparing to run. When it has finished ComboFix will automatically attempt to create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then backup your Windows Registry as shown in the image below.

    erunt.jpg

  • Once the Windows Registry has finished being backed up, ComboFix will attempt to detect if you have the Windows Recovery Console installed. If you already have it installed, you can skip to this section and continue reading. Otherwise you will see the following message as shown below:

    recovery-console-prompt.jpg

  • At the above message box, please click on the Yes button in order for ComboFix to continue. Please follow the steps and instructions given by ComboFix in order to finish the installation of the Recovery Console.
  • Please click on yes in the next window to continue scanning for malware.
  • ComboFix will now disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
  • ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  • While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan. An example of this can be seen below.

    still-scanning-clockchanges.jpg

  • When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
  • This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
  • When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
  • Now you just click on the edit menu and click on select all, then click on the edit menu again and click on copy. Then come to the forum in your reply and right click on your mouse and click on paste.


In your next reply please post:
  • The ComboFix log
  • A fresh HiJackThis log
  • An update on how your computer is running
 
Solved:
Yesterday afternoon, I did a full rest to my router rather then the usual unplug and wait a few minutes. I reset up my router and it seemed to have solved the problem 100%. While I would still like to know why I was the only one getting effected by this, my guy instinct tells me it was someone ddos'ing me And I am never one to just jump to conclusions, it seems most apparent to me. Thank you guys so much for the help. Anytime I need help, this is where I am going.

-MrBowzer
 
You must log in or register to reply here.
Back
Top