1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive windows XP extremely slow

Discussion in 'Malware and Virus Removal Archive' started by shammie, 2011/05/23.

  1. 2011/05/23
    shammie

    shammie Well-Known Member Thread Starter

    Joined:
    2004/05/29
    Messages:
    195
    Likes Received:
    0
    [Inactive] windows XP extremely slow

    Helping with a dell 8110, started with unmountable boot volume, I have been able to boot the computer to safe mode and run malwarebytes scan took over ten hours to complete and came up clean. working on getting gmer, and DDS, really slow and hard to open programs. Is it time to say goodbye to this computer? Would appreciate any help. Thank you.
    Malwarebytes log and MBRcheck logs below, no luck so far with DDS or gmer.

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6643

    Windows 5.1.2600 Service Pack 3 (Safe Mode)
    Internet Explorer 8.0.6001.18702

    5/23/2011 8:18:26 AM
    mbam-log-2011-05-23 (08-18-26).txt

    Scan type: Full scan (C:\|D:\|)
    Objects scanned: 291863
    Time elapsed: 10 hour(s), 4 minute(s), 42 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Home Edition
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000003c

    Kernel Drivers (total 102):
    0x804D7000 \WINDOWS\system32\ntoskrnl.exe
    0x806EF000 \WINDOWS\system32\hal.dll
    0xF8A77000 \WINDOWS\system32\KDCOM.DLL
    0xF8987000 \WINDOWS\system32\BOOTVID.dll
    0xF8528000 ACPI.sys
    0xF8A79000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
    0xF8517000 pci.sys
    0xF8577000 isapnp.sys
    0xF8B3F000 pciide.sys
    0xF87F7000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    0xF8A7B000 intelide.sys
    0xF8587000 MountMgr.sys
    0xF84F8000 ftdisk.sys
    0xF87FF000 PartMgr.sys
    0xF8597000 VolSnap.sys
    0xF84E0000 atapi.sys
    0xF85A7000 disk.sys
    0xF85B7000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    0xF84C0000 fltmgr.sys
    0xF84AE000 sr.sys
    0xF8498000 DRVMCDB.SYS
    0xF8807000 PxHelp20.sys
    0xF8482000 SymSnap.sys
    0xF846B000 KSecDD.sys
    0xF83DE000 Ntfs.sys
    0xF83B1000 NDIS.sys
    0xF8397000 Mup.sys
    0xF880F000 avgrkx86.sys
    0xF85C7000 AVGIDSEH.Sys
    0xF882F000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0xF8342000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0xF8837000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0xF831C000 \SystemRoot\system32\DRIVERS\e100b325.sys
    0xF89FB000 \SystemRoot\System32\Drivers\cdrbsvsd.SYS
    0xF85E7000 \SystemRoot\system32\DRIVERS\imapi.sys
    0xF8A7F000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
    0xF85F7000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0xF8607000 \SystemRoot\system32\DRIVERS\redbook.sys
    0xF82F9000 \SystemRoot\system32\DRIVERS\ks.sys
    0xF8847000 \SystemRoot\System32\Drivers\incdrm.SYS
    0xF884F000 \SystemRoot\System32\DRIVERS\InCDPass.sys
    0xF885F000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0xF8617000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0xF8A13000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0xF82BA000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0xF8627000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0xF8637000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0xF887F000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0xF82A9000 \SystemRoot\system32\DRIVERS\psched.sys
    0xF8647000 \SystemRoot\system32\DRIVERS\msgpc.sys
    0xF888F000 \SystemRoot\system32\DRIVERS\ptilink.sys
    0xF889F000 \SystemRoot\system32\DRIVERS\raspti.sys
    0xF8657000 \SystemRoot\system32\DRIVERS\termdd.sys
    0xF88A7000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0xF88AF000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0xF8A85000 \SystemRoot\system32\DRIVERS\swenum.sys
    0xF824B000 \SystemRoot\system32\DRIVERS\update.sys
    0xF8A27000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0xF8667000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0xF8A89000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0xF8677000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xF8A57000 \SystemRoot\System32\Drivers\i2omgmt.SYS
    0xF8A8D000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xF8C3A000 \SystemRoot\System32\Drivers\Null.SYS
    0xF8A91000 \SystemRoot\System32\Drivers\Beep.SYS
    0xF88E7000 \SystemRoot\System32\Drivers\DLARTL_N.SYS
    0xF88EF000 \SystemRoot\System32\drivers\vga.sys
    0xF820F000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0xF8A95000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xF88FF000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xF890F000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xF8A6B000 \SystemRoot\system32\DRIVERS\rasacd.sys
    0xF81DC000 \SystemRoot\system32\DRIVERS\ipsec.sys
    0xF8183000 \SystemRoot\system32\DRIVERS\tcpip.sys
    0xF813B000 \SystemRoot\system32\DRIVERS\avgtdix.sys
    0xF8115000 \SystemRoot\system32\DRIVERS\ipnat.sys
    0xF82D9000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0xF8687000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0xF893F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0xF80ED000 \SystemRoot\system32\DRIVERS\netbt.sys
    0xF80CB000 \SystemRoot\System32\drivers\afd.sys
    0xF8697000 \SystemRoot\system32\DRIVERS\netbios.sys
    0xF8078000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0xF8008000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xF823F000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0xF822F000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0xF86B7000 \SystemRoot\System32\Drivers\Cdfs.SYS
    0xF7FF0000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0xF8AA7000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xF89FF000 \SystemRoot\System32\drivers\Dxapi.sys
    0xF8977000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xF8C27000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBFF50000 \SystemRoot\System32\framebuf.dll
    0xF7DFE000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xF7B1A000 \SystemRoot\system32\DRIVERS\srv.sys
    0xF7A2E000 \SystemRoot\System32\Drivers\Fastfat.SYS
    0xBF012000 \SystemRoot\System32\ATMFD.DLL
    0xF78D5000 \??\C:\DOCUME~1\DANPIL~1\LOCALS~1\Temp\kxtdipow.sys
    0xF896F000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 15):
    0 System Idle Process
    4 System
    488 C:\WINDOWS\system32\smss.exe
    584 csrss.exe
    636 C:\WINDOWS\system32\winlogon.exe
    680 C:\WINDOWS\system32\services.exe
    692 C:\WINDOWS\system32\lsass.exe
    876 C:\WINDOWS\system32\svchost.exe
    964 svchost.exe
    1136 C:\WINDOWS\system32\svchost.exe
    1192 svchost.exe
    1456 svchost.exe
    1528 C:\WINDOWS\explorer.exe
    1868 C:\WINDOWS\system32\igfxsrvc.exe
    352 C:\Documents and Settings\Dan\Desktop\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`01f60800 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x0000001b`27f4c800 (NTFS)

    PhysicalDrive0 Model Number: Maxtor6L160P0, Rev: BAJ41G10

    Size Device Name MBR Status
    --------------------------------------------
    149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!
     
    Last edited: 2011/05/23
    shammie,
    #1
  2. 2011/05/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Honestly, I've never seen "unmountable boot volume" error caused by an infection, so....

    Run hard drive diagnostics: http://www.tacktech.com/display.cfm?ttid=287 (or http://www.bleepingcomputer.com/forums/index.php?showtopic=28744&hl=hard+drive+diagnostic)
    Make sure, you select tool, which is appropriate for the brand of your hard drive.
    Depending on the program, it'll create bootable floppy, or bootable CD.
    If downloaded file is of .iso type, use ImgBurn: http://www.imgburn.com/ to burn .iso file to a CD (select "Write image file to disc" option), to make the CD bootable.
    For Toshiba hard drives, see here: http://sdd.toshiba.com/main.aspx?Pa...rivesUSandCanada/SoftwareUtilities#diagnostic

    Note : If you do not know how to set your computer to boot from CD follow the steps HERE
     
    broni,
    #2


  3. to hide this advert.

  4. 2011/05/23
    shammie

    shammie Well-Known Member Thread Starter

    Joined:
    2004/05/29
    Messages:
    195
    Likes Received:
    0
    broni, thanks for the help again. Running test now, should I just follow instructions at the end of the test?
     
    shammie,
    #3
  5. 2011/05/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I'm not sure which instructions you're referring to...
     
    broni,
    #4
  6. 2011/05/23
    shammie

    shammie Well-Known Member Thread Starter

    Joined:
    2004/05/29
    Messages:
    195
    Likes Received:
    0
    not sure either, I'll just post when the test is complete.
     
    shammie,
    #5
  7. 2011/05/24
    shammie

    shammie Well-Known Member Thread Starter

    Joined:
    2004/05/29
    Messages:
    195
    Likes Received:
    0
    test failed and does not give me an option to repair, no codes just "failed" I guess hard drive needs to be replaced. Does the new one have to be IDE ATA? Will I be able to transfer XP and files to new drive?
     
    Last edited: 2011/05/24
    shammie,
    #6
  8. 2011/05/24
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I suggest, you go back to your original topic in Windows XP forum, where your questions will be answered better.
     
    broni,
    #7
  9. 2011/05/26
    shammie

    shammie Well-Known Member Thread Starter

    Joined:
    2004/05/29
    Messages:
    195
    Likes Received:
    0
    Thank you for your time and help. I think it maybe time to think about a new computer.
     
    shammie,
    #8
  10. 2011/05/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're welcome :)
     
    broni,
    #9

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...