Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Dell B130 Slows Down when connected to Net


  • This topic is locked This topic is locked
2 replies to this topic

#1 aaren

aaren

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:44 PM

Posted 17 March 2010 - 12:45 PM

At the outset, I would like to thank for this site and the help that you folks are rendering. Am not sure, but, my computer start slowing up and the CPU usage goes upto 100% when connecting to the net and after a browser is opened. I have recently formatted the disk - and yet the problem is persisting. Am sure that this system B130 Dell is not infected with any malware or something similar. Am posting below the Hijackthis log and the log from Process Explorer. would appreciate any help to fix this problem

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:47:01 PM, on 3/17/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWSN\System32\smss.exe
C:\WINDOWSN\system32\winlogon.exe
C:\WINDOWSN\system32\services.exe
C:\WINDOWSN\system32\lsass.exe
C:\WINDOWSN\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWSN\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWSN\System32\WLTRYSVC.EXE
C:\WINDOWSN\System32\bcmwltry.exe
C:\WINDOWSN\system32\spoolsv.exe
C:\WINDOWSN\Explorer.EXE
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWSN\system32\WLTRAY.exe
C:\WINDOWSN\system32\hkcmd.exe
C:\WINDOWSN\system32\igfxpers.exe
C:\WINDOWSN\stsystra.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\WINDOWSN\system32\ctfmon.exe
C:\Program

Files\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.0.0.20080103-1841\soffi

ce.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\ZTE High Speed Data MODEM\bin\PcmciaApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWSN\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWSN\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program

Files\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWSN\System32\DLA\DLASHX_W.DLL
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWSN\system32\WLTRAY.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWSN\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWSN\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWSN\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWSN\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [SODCPreLoad] C:\Program

Files\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.0.0.20080103-1841\prelo

ad.exe C:\PROGRA~1\IBM\Lotus\Symphony\data\.sodc\
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe"

(file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWSN\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWSN\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

http://www.update.microsoft.com/microsoftu...b?1265416795406
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF622E9B-1F9F-407D-94B8-B9DA15EC533F}: NameServer = 202.138.103.100 202.138.96.2
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWSN\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWSN\System32\WLTRYSVC.EXE
O24 - Desktop Component 0: (no name) - http://www.bing.com/fd/hpk2/Belogradchik_ROW3136832220.jpg

--
End of file - 5601 bytes

And here is the Process Explorer file:

Process PID CPU Description Company Name
System Idle Process 0 30.08
Interrupts n/a 1.41 Hardware Interrupts
DPCs n/a 1.41 Deferred Procedure Calls
System 4 1.63
smss.exe 772 Windows NT Session Manager Microsoft Corporation
csrss.exe 844 Client Server Runtime Process Microsoft Corporation
winlogon.exe 880 Windows NT Logon Application Microsoft Corporation
services.exe 924 4.07 Services and Controller app Microsoft Corporation
svchost.exe 1124 Generic Host Process for Win32 Services Microsoft Corporation
wmiprvse.exe 2096 WMI Microsoft Corporation
svchost.exe 1200 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1308 3.25 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1432 Generic Host Process for Win32 Services Microsoft Corporation
WLTRYSVC.EXE 1908
BCMWLTRY.EXE 1948 1.63 Dell Wireless WLAN Card Wireless Network Controller Dell Inc.
spoolsv.exe 320 Spooler SubSystem App Microsoft Corporation
svchost.exe 796 Generic Host Process for Win32 Services Microsoft Corporation
avgwdsvc.exe 1472 1.63 AVG Watchdog Service AVG Technologies CZ, s.r.o.
avgnsx.exe 1288 AVG Network scanner Service AVG Technologies CZ, s.r.o.
NicConfigSvc.exe 1716 Internal Network Card Power Management Service Dell Inc.
avgemc.exe 584 1.63 AVG E-Mail Scanner AVG Technologies CZ, s.r.o.
avgcsrvx.exe 1784 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o.
alg.exe 2772 Application Layer Gateway Service Microsoft Corporation
lsass.exe 936 3.25 LSA Shell (Export Version) Microsoft Corporation
avgchsvx.exe 1260 6.50 AVG Cache Server AVG Technologies CZ, s.r.o.
avgrsx.exe 1268 AVG Resident Shield Service AVG Technologies CZ, s.r.o.
avgcsrvx.exe 1464 1.63 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o.
explorer.exe 344 8.13 Windows Explorer Microsoft Corporation
WLTRAY.EXE 504 0.81 Dell Wireless WLAN Card Wireless Network Tray Applet Dell Inc.
hkcmd.exe 524 hkcmd Module Intel Corporation
igfxpers.exe 532 persistence Module Intel Corporation
stsystra.exe 520 Sigmatel Audio system tray application SigmaTel, Inc.
avgtray.exe 540 AVG Tray Monitor AVG Technologies CZ, s.r.o.
ctfmon.exe 596 CTF Loader Microsoft Corporation
PcmciaApp.exe 2904 1.63 Wireless USB modem/PCMCIA card application for Windows
iexplore.exe 3288 Internet Explorer Microsoft Corporation
iexplore.exe 3552 2.44 Internet Explorer Microsoft Corporation
taskmgr.exe 4012 Windows TaskManager Microsoft Corporation
notepad.exe 1224 Notepad Microsoft Corporation
procexp.exe 3080 30.89 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
soffice.exe 984
notepad.exe 2972 Notepad Microsoft Corporation
firefox.exe 3036 Firefox Mozilla Corporation



BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:14 AM

Posted 20 March 2010 - 11:50 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:14 AM

Posted 07 April 2010 - 06:26 AM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users