Possibly infected?

Status
Not open for further replies.

plasma dragon00

well, as of a few days ago, my computer has been going slooooow. ive had visual lag, and my internet speed in firefox has slowed to a crawl. on games like world of warcraft though, everything is a little bit better. ive done an avg antivirus and an spybot sd scan, all show up clean. im gonna do avg as and adaware 07 in a few minutes, along with a defrag and ccleaner.

included is a hjt log, if someone could please review it for me.
 
If you are sure you have no current Virus infection, and you're not loading masses of start-up items on boot, then a slow boot and performance is often attributed to the fact that your IDE has switched from DMA to PIO (as a result of a problem), I come across this all the time.

Take a look in Device Manager, Advanced Settings.
If you see "PIO MODE" under "Current Transfer Mode" then that will be why your PC is running slow on boot, and performance.

IF it's PIO then let me know and I'll give you instructions for putting it right.

Ferris
 
thank you. im not sure how to get to the advance settings you're talking about. i got into device manager but thats as far as i can figure out where to go.

EDIT: i think i may have found what you mean - IDE ATA/ATAPI controllers > nVidia Nforce4 Parallel ATA controller (its the only one that shows devices connected to it) right click, properties. under Primary channel (where my hard drives are connected) both show as the transfer mode as Ultra DMA 5 - Ultra100

im not sure if that helps any
 
To load the Device Manager (3 different ways to try; one or all paths may be restricted depending on your access level):

(1) Click Start > Control Panel > Performance and Maintenance > System > Hardware tab > Device Manager button
(Note: The “Performance and Maintenance” step is only applicable if the Control Panel’s Category View is enabled)

or

(2) Click Start > right-click My Computer > Properties > Hardware tab > Device Manager button

or

(3) Click Start > right-click My Computer > Manage > System Tools folder > Device Manager console

From there you should be able to click on the "Advanced Settings" Tab at the top, and then check for PIO

Ferris
 
i tried all 3 ways, but none of the device manager windows they bring up have an advanced settings tab. they just have file, action, view, and help

also, i forgot to mention, if it would make a difference, im using windows xp home sp 2
 
[QUOTE]EDIT: i think i may have found what you mean - IDE ATA/ATAPI controllers > nVidia Nforce4 Parallel ATA controller (its the only one that shows devices connected to it) right click, properties. under Primary channel (where my hard drives are connected) both show as the transfer mode as Ultra DMA 5 - Ultra100

im not sure if that helps any[/QUOTE]

Sorry just read this.

Ok if you look under Properties for your Primary Channel.

Notes: If you don’t have the Advanced Settings tab, check if you’re on an Intel chipset using a background app usually visible in the System Tray called Intel Accelerator, if that's the case then you're unlikely to be having a PIO issue.

If they read DMA and not PIO then we can rule out a switch to PIO as a result of a failure during the boot process.

Ferris
 
it says Ultra DMA 5 - Ultra100 under the primary channel properties

no i do not have an intel chipset background app in the system tray, or running in the processes list for that matter.

EDIT: just to add, im not even sure if there is anything wrong with my computer. it just seems that its been going a bit slower than normal lately.
 
That's good news, no messing with Windows Registry required then.

Something is hogging your memory.

Ok check for Virus, bearing in mind that not all programs will capture everything, so run two or three.

Run Hijack this and stick a post on this site.

Check for Windows Start Programs, try switching some off and reboot to see if that makes a difference.

Check HDD space, and do Defrag.

Ferris
 
did an avg antivirus scan, all clean

adaware 2007, spybot s&d, avg AS all found some tracking cookies, removed

the only 2 new startup items that i have are NeroCheck.exe and InCD.exe, both there from installing nero. InCD.exe barely uses any memory, nerocheck.exe doesnt show up in processes list.

did a ccleaner and defrag 2 days ago

hijackthis log is in my first post, but heres a new one attached at the bottom

just so you know, i am running dvd decrypter in the background, ripping dvds to my ipod
 
Have HijackThis fix these entries:

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_02) -
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O16 - DPF: {D4F3F795-7712-4D92-91DF-AEB055D8AC73} (Invoke Solutions Compatibility Test Control) - http://rms2.invokesolutions.com/events/bin/comptest/4.1.0.34000/MILiveCompTest.ocx
O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} (Invoke Solutions Participant Control(MR)) - http://rms2.invokesolutions.com/events/bin/5.5.0.1437/MILive.cab

I would run a ComboFix scan and post the log to be sure.

Regards,
momok
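The fix list above mixes two HijackThis sections: O6 lines record Internet Explorer restriction policy keys, and O16 lines record ActiveX controls in Downloaded Program Files together with the URL they were installed from. As an added example (not part of the post and not HijackThis's own code; `parse_entries` and `codebases_by_host` are hypothetical helper names), this parses a subset of those lines, including the O16 entry with no name or URL, and groups the controls that record a download URL by scheme and host:

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Subset of the fix list above, copied from the post (fused line split in two).
FIX_LIST = r"""
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {D4F3F795-7712-4D92-91DF-AEB055D8AC73} (Invoke Solutions Compatibility Test Control) - http://rms2.invokesolutions.com/events/bin/comptest/4.1.0.34000/MILiveCompTest.ocx
O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} (Invoke Solutions Participant Control(MR)) - http://rms2.invokesolutions.com/events/bin/5.5.0.1437/MILive.cab
"""

O6_RE = re.compile(r"^O6 - (HK\w+\\.+) present$")
# The "(name)" part and the trailing URL are both optional in O16 lines.
O16_RE = re.compile(r"^O16 - DPF: (\{[0-9A-Fa-f-]{36}\})(?: \((.*)\))? -\s*(\S*)$")


def parse_entries(text):
    """Turn HijackThis O6/O16 lines into dicts; unknown lines are kept as 'other'."""
    entries = []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if m := O6_RE.match(line):
            entries.append({"section": "O6", "policy_key": m.group(1)})
        elif m := O16_RE.match(line):
            clsid, name, url = m.groups()
            entries.append({"section": "O16", "clsid": clsid,
                            "name": name, "codebase": url or None})
        else:
            entries.append({"section": "other", "raw": line})
    return entries


def codebases_by_host(entries):
    """Group O16 controls that record a download URL by (scheme, host)."""
    hosts = defaultdict(list)
    for e in entries:
        if e["section"] == "O16" and e["codebase"]:
            u = urlparse(e["codebase"])
            hosts[(u.scheme, u.hostname)].append(e["name"] or e["clsid"])
    return dict(hosts)


if __name__ == "__main__":
    parsed = parse_entries(FIX_LIST)
    print(codebases_by_host(parsed))
    print([e["clsid"] for e in parsed if e["section"] == "O16" and not e["codebase"]])
```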
 
thanks for the reply momok.

i also think i may know another reason why my computer is going slow. every few minutes, i hear some fizzling (?) inside my computer. like kinda the sound my parents old hard drive used to make (im not using it though, and you dont even know what it sounds like though lol) and then a relay will switch and ill lag for a few seconds. seems like its either my mobo or psu, but im meeting with my uncle for lunch tomorrow and hes the one who built my pc, so ill ask him if he has any ideas.

hjt log attached

EDIT: momok the combofix link in the prelim instructions seems to be broken. it comes up with a pink background page (i think its pink, im somewhat colorblind) giving me the error:

404 Not Found
The requested URL '/sUBs/Beta/ComboFix.exe' was not found on this server.

if you could refer me to another safe download of the file please?

thanks,

~plasma
 
:(

"C:\...Desktop\ComboFix.exe is not a valid Win32 application"

ill retry the one in the prelim instructions to see if thats changed yet

EDIT: nope

anyway, the fizzling/crackling/popping whatever sound sounds like what my old parents hard drive sounded like when it would spin up, like i already said. the hard drive was a 13 gig IBM model # DPTA-371360. then once thats done it switches a relay, which it should only do at startup. the last time i had this happen was probably almost a month ago, or even later, when i started my pc in safe mode.

EDIT 2: and here we go again... relays, but a different weird sound this time.
 
sadly, no.

a new discovery - it is now taking forever for windows to start, during which i hear the relay and fizzle constantly. then something will check my floppy drive and windows loads. it now takes a good one or 2 minutes for windows to load, whereas before it took from 30 seconds to a minute. i might use my seagate hd diagnostic program and check my main hard drive. ill probably wait a while though because id like to continue using my computer and im goin out for lunch today so its a good time to have it do nothing lol

EDIT: momok i just noticed that you have a download to it in your profile too. this one works :)
 
momok, i think i MAY have found the source of the problem, if only you could clarify what it means. i have a LOT of these in my event viewer.

Source: Disk

Event ID: 7

The device, \Device\Harddisk0\D, has a bad block.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

if you could tell me whether thats my C:\ hard drive or my F:\ hard drive. also, pretty much what it means too lol.

EDIT: bad block, help and support center says that if you get this error regularly, you should replace the hard drive. instead of replacing the hard drive (i really dont have the money to do it right now, but i can if i have to) could it be fixed by doing a chkdsk, zero-fill format, or some other way to tell windows to avoid that "area"?
 
This looks more like a problem destined for the Windows OS section. Hopefully you'll find the solution to your problems there. Thread moved.
 
well, Seagate Disc-Tools Hard drive diagnostic software has detected that both hard drives "Failed with critical errors" on all the tests. i saved a log of each scan, i can post them if anyone wishes. so pretty much theyre just takin a crap. i wonder why both failed at the same time, or at least began to. anyway, i guess im gonna have to buy 2 new hard drives soon. plus, the old 13.6 gig ibm hard drive mentioned a few posts up, im gonna use that as an OS drive, with only ubuntu linux and windows xp on it.
 