1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Multiple issues, same cause?

Discussion in 'Windows XP' started by InfernoReaper, Jan 1, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. InfernoReaper

    InfernoReaper Thread Starter

    Joined:
    Jun 12, 2006
    Messages:
    1,321
    Way to kick off the new year...
    Here's a list of my issues: (Comp specs above)

    1. Computer freezes: Started happening this morning. Computer froze twice while surfing the web and once while shutting down. When I got back from work, computer loads startup applications much slower. When I load World of Warcraft, the game loads 3x slower than usual and after a few minutes freezes my computer. (Possible correlation?) It froze 3 times on me in game.

    As it stands, no BSOD yet. Just locks up and repeats the last second of sound it sent. No overheating either.

    2. Hard drive constantly seeking: Even at my desktop from boot, not connected to the internet, my hard drive seems to be in full-seek mode. Task Manager says I'm only at 200MB PF usage.

    3. Swap file: I have a feeling this is related to my number 2 problem. I have 4GB or RAM in my machine (2.5GB seen) and today while playing games, Everest tells me I'm using 60% of my physical memory and 60% of my swap file, which is about 1GB. As far as I know, I've never used that much while playing World of Warcraft and considering WoW is the only app I'm running at the time, it seems quite high. Task Manager says WoW's only eating 600MB.
    -------------------------
    Currently scanning for baddies in Safe Mode. AVG, Spybot, and Malwarebytes. I'll update my devide drivers when the scans finish. As it stands, I'm two tacos short of wiping the whole thing and installing Win7 64-bit, which may not be a bad idea anyway.
     
  2. The Hound

    The Hound

    Joined:
    May 27, 2007
    Messages:
    3,235
    I'd start with the event viewer--START, RUN, EVENTVWR.MSC, OK.
    Check for application and system errors.

    Clean boot troubleshooting---uncheck all non-microsoft services and startup programs in MSCONFIG, reboot, and see if the HDD thrashing continues. If that stops it, recheck half your startup items and try again until you narrow down the offending app/process.

    Check running processes in your Task Manager for the CPU hog--on the Processes tab, click the heading for CPU twice to put them in order highest to lowest--you may see the process that's working overtime.

    Any auto-updaters running?
     
  3. InfernoReaper

    InfernoReaper Thread Starter

    Joined:
    Jun 12, 2006
    Messages:
    1,321
    Scans came back with a few viruses.

    Nothing that stands out in Event Viewer.

    As for the hard drive, I enabled the VM Size option and WoW is a culprit on that, eating about 600MB out of 1GB of the page file. On plain boot though, hard drive is pretty quiet. Found out I need a defrag bad so once that is done, it may alleviate some off the speed.

    I did find a hog there, AVG. I reinstalled it, having problems from before with scanning issues. Seems to work fine now, but still hate the 6 processes it runs. May look into Avira after this.
    --------
    As I was typing this, my machine seemed to be working fine. Had WoW minimized and Task Manager up. Looked over and TM had stopped updating...another freeze.
     
  4. The Hound

    The Hound

    Joined:
    May 27, 2007
    Messages:
    3,235
    I've seen AVG's updater lock up some pretty powerful rigs. Do you have it set to update at some particular time...maybe when the machine's not running?

    If you know you're infected and having performance issues, the malware has to be addressed before you can pin anything else down. I know the HJT/Malware forum's perpetually backed up, but it seems a shame to feed all that gaming power to some Russian gangsters trying to steal passwords.
     
  5. InfernoReaper

    InfernoReaper Thread Starter

    Joined:
    Jun 12, 2006
    Messages:
    1,321
    If anything, it'd be the chinese gold farmers trying to steal my gold. :D

    Yeah I have AVG to update at 3am and run full scan at 4am daily.

    As soon as this defrag is done, I'm going to stress test my system and see if that comes up with anything. If not, I pretty much assume I corrupted a file somewhere in those frozen reboots. May just cut my losses and put Win7 on here. Tired of wasting my RAM anyway on a 32-bit system.
     
  6. The Hound

    The Hound

    Joined:
    May 27, 2007
    Messages:
    3,235
    Yeah...the 4 gigs installed against a 32-bit O/S...

    I'd suggest uninstalling AVG before testing your performance, but that's liable to get me a spanking from the mods if you already know you have infected files.

    So I won't suggest that, unless you get an all-clear from someone more expert than me with the malware angle.

    Much luck...
     
  7. Saga Lout

    Saga Lout

    Joined:
    Sep 15, 2004
    Messages:
    3,791

    I can't see why anyone could object. If the performance testing can be carried out offline, it would bbe perfectly safe to work without an AV and who knows - a fresh installation of AVG might behave better. Clearly, though, if testing to the highest level involves playing a game online the risks are pretty high.
     
  8. InfernoReaper

    InfernoReaper Thread Starter

    Joined:
    Jun 12, 2006
    Messages:
    1,321
    Over halfway done with the defrag. I'll throw a stress test out. Not sure why I didn't think of System Restore but Ill try that too.
     
  9. The Hound

    The Hound

    Joined:
    May 27, 2007
    Messages:
    3,235
    Not likely to hurt anything--especially if you've been fiddling with the drivers.
     
  10. InfernoReaper

    InfernoReaper Thread Starter

    Joined:
    Jun 12, 2006
    Messages:
    1,321
    Defrag helped improve speed. Updated video drivers. Stress test came up with nothing. System Restore is apparently crippled because it won't turn itself back.

    I'm gonna reinstall the game tonight and hope that's it. I'm out of options now.
     
  11. Saga Lout

    Saga Lout

    Joined:
    Sep 15, 2004
    Messages:
    3,791

    You might as well turn off System Restore and restart the computer to get rid of those useless Restore Points. You also get twelve percent of your hard disk back. Whether you re-enable SR is a personal choice - I have it on but only taking 5% so I have fewer points to which to revert but have never needed to yet either. Get a fresh download of AVG and come offline. Uninstall the old one and test for a hour or so to see if the system is faster. Reinstall and only go back online moments before AVG gets to the stage where it wants to update. When installation has finished, it will appear to be up to date but if you open it and click on Update, it will find several fairly substantial updates.

    Test again and if the system isn't as you want it to be., consider another AV. Gamers tend to fix errors and publish their results. Does your game's own forum have anything to say about AVG?
     
  12. InfernoReaper

    InfernoReaper Thread Starter

    Joined:
    Jun 12, 2006
    Messages:
    1,321
    I'm gonna wipe SR anyway, but I have a feeling this is something bad.

    I really doubt AVG is causing this. I thought it may be just the video card since it seemed to only happen with games (WoW, UT2004, etc) but I ran a stability test and it passed. Plus I had it freeze just now while running just Firefox and Ventrilo. I'll do what you said with AVG but I'm guessing this is about to become a format c: solution.

    Edit: "Froze" again while testing UT2004. Didn't completely freeze, just continued to play at literally 10x slower speed. Even match timer took 10 seconds to countdown 1 second. Gonna retry after using AVGRemover.
     
  13. InfernoReaper

    InfernoReaper Thread Starter

    Joined:
    Jun 12, 2006
    Messages:
    1,321
    Got an update. Removed AVG, uninstalled and reinstalled video drivers, ran Recovery Console chkdsk and inside-Windows cdkdsk. Running SFC now and going to stress test everything again.
     
  14. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,761
    You did find a few viruses, which shouldn't be taken lightly. Unfortunately, common antivirus or anti-spyware programs don't always do a thorough job at removing malware once it has detected it.

    Please click here to download and install version 2.0.2 of the HijackThis Installer.

    Run it and select Do a system scan and save a logfile.

    The log will be saved in Notepad. Copy and paste the log in your next post.

    Do not fix anything
     
  15. InfernoReaper

    InfernoReaper Thread Starter

    Joined:
    Jun 12, 2006
    Messages:
    1,321
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:39:16 PM, on 1/4/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Razer\Diamondback 3G\razerhid.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\VentSrv\ventrilo_svc.exe
    C:\Program Files\VentSrv\ventrilo_srv.exe
    C:\Program Files\bin32\nSvcAppFlt.exe
    C:\Program Files\Razer\Diamondback 3G\razertra.exe
    C:\Program Files\bin32\nSvcIp.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Razer\Diamondback 3G\razerofa.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.worldofwarcraft.com/patchnotes/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F2DBCC5B-1242-4F7F-87F2-C13C0133A096}: NameServer = 76.85.229.110,76.85.229.111
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
    O20 - AppInit_DLLs:
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe (file missing)
    O23 - Service: Ventrilo - Unknown owner - C:\Program Files\VentSrv\ventrilo_svc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 6918 bytes
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/890335

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice