but I expect the problem is that your IDE controller is trying to use PIO mode to talk to the harddrive.
Start, Right-click on My Computer, select Manage, click on the Device Manager, click on the plus sign to the left of (first) IDE ATA/ATAPI Controller, right-click on Primary IDE Channel, select Properties then advanced Settings. Look for current transfer mode under the top one. If it says PIO then uninstall the channel and reboot.
I don't understand how or why there are 3 instances of E:\FEEDS.EXE running either. The E: drive is the CD-RW drive on this computer. The other CD-RW drive doesn't seem to detected by the computer.
I did what you said with the IDE Controller but it said the current transfer mode was Ultra DMB Mode 5 on Device 0.
Seems odd that it would be running programs on the E: Can you stop them? Ctrl + Alt + Del then select Task Manager then Processes and see if Feeds.exe is still running. If you see it highlight it and End Process. Ignore any warnings.
Logfile of HijackThis v1.99.1 Scan saved at 5:23:04 PM, on 10/5/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Log looks OK now. You don't have any network drives mapped do you? Having a network drive mapped that it can't get to will really slow it down.
Start, Run,eventvwr.msc,OK and then select System. Do you see any red or yellow marked events? Open them and copy (bottom button) then paste to a reply.
Start, Run, msconfig,OK and select a Diagnostic Startup then reboot. Does it seem to run faster now?
If so go back in and start enabling things and see if you can figure out what is slowing it down.
Event Type: Warning
Event Source: Srv
Event Category: None
Event ID: 2021
Date: 10/6/2005
Time: 6:38:14 AM
User: N/A
Computer: FEEDS-MEDIA
Description:
The server was unable to allocate a work item 1 times in the last 60 seconds.
May indicate that someone is beating it to death via the Ethernet. Is your firewall running? Better yet get the free version of Zone Alarm.
The DCOM one seems to appear a lot.... but here are some that appear over the past couple of days....
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10003
Date: 10/6/2005
Time: 10:19:39 PM
User: N/A
Computer: FEEDS-MEDIA
Description:
Access denied attempting to launch a DCOM Server using DefaultLaunchPermssion. The server is:
{00020906-0000-0000-C000-000000000046}
The user is Unavailable/Unavailable, SID=Unavailable.
Event Type: Warning
Event Source: Srv
Event Category: None
Event ID: 2021
Date: 10/6/2005
Time: 6:38:14 AM
User: N/A
Computer: FEEDS-MEDIA
Description:
The server was unable to allocate a work item 1 times in the last 60 seconds.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 03 00 48 00 ......H.
0008: 00 00 00 00 e5 07 00 80 ....å..
0010: 00 00 00 00 9a 00 00 c0 ......À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Type: Error
Event Source: TermServDevices
Event Category: None
Event ID: 1111
Date: 10/5/2005
Time: 11:13:31 PM
User: N/A
Computer: FEEDS-MEDIA
Description:
Driver DYMO LabelWriter 330-USB required for printer DYMO LabelWriter 330-USB is unknown. Contact the administrator to install the driver before you log in again.
Event Type: Error
Event Source: MRxSmb
Event Category: None
Event ID: 8003
Date: 10/5/2005
Time: 9:24:11 PM
User: N/A
Computer: FEEDS-MEDIA
Description:
The master browser has received a server announcement from the computer RAMIREZFEEDSDIM that believes that it is the master browser for the domain on transport NetBT_Tcpip_{02621398-EA4. The master browser is stopping or an election is being forced.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 03 00 4e 00 ......N.
0008: 00 00 00 00 43 1f 00 c0 ....C..À
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
RKinner
2 Intern
•
5.9K Posts
0
October 5th, 2005 17:00
Message Edited by RKinner on 10-05-2005 01:58 PM
John_Doe
313 Posts
0
October 5th, 2005 19:00
I don't understand how or why there are 3 instances of E:\FEEDS.EXE running either. The E: drive is the CD-RW drive on this computer. The other CD-RW drive doesn't seem to detected by the computer.
I did what you said with the IDE Controller but it said the current transfer mode was Ultra DMB Mode 5 on Device 0.
RKinner
2 Intern
•
5.9K Posts
0
October 5th, 2005 19:00
John_Doe
313 Posts
0
October 5th, 2005 19:00
John_Doe
313 Posts
0
October 5th, 2005 20:00
I guess it's not showing up....
Logfile of HijackThis v1.99.1
Scan saved at 5:23:04 PM, on 10/5/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Novell\XTAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cusrvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Novell\ZENworks\nalntsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Novell\ZENworks\wm.exe
C:\Program Files\Novell\ZENworks\WMRUNDLL.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Novell\ZENworks\NalAgent.exe
C:\WINDOWS\System32\dpmw32.exe
C:\WINDOWS\System32\NWTRAY.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Java\j2re1.4.2_09\bin\jusched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Network Associates\VirusScan\SCAN32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feeds.eng.fiu.edu
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://feeds.eng.fiu.edu
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipAlbum 5 Pro Eval\fplaunch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NDPS] C:\WINDOWS\System32\dpmw32.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ZENRC Tray Icon] C:\WINDOWS\System32\zentray.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Novell delivered applications - {C1994287-422F-47aa-8E5E-6323E210A125} - C:\Program Files\Novell\ZENworks\AxNalServer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary/Upwords.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqcpc/downloads/msxml4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/gold/default/gf.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v6.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = fiu.edu,eng.fiu.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = fiu.edu,eng.fiu.edu
O20 - Winlogon Notify: NetIdentity Notification - C:\WINDOWS\System32\Novell\XtNotify.dll
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\System32\cusrvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Novell Application Launcher (NALNTSERVICE) - Novell, Inc. - C:\Program Files\Novell\ZENworks\nalntsrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Novell ZfD Remote Management (Remote Management Agent) - Novell Inc. - C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -service (file missing)
O23 - Service: Novell XTier Agent Services (XTAgent) - Novell, Inc. - C:\WINDOWS\System32\Novell\XTAgent.exe
O23 - Service: Workstation Manager (ZFDWM) - Novell, Inc. - C:\Program Files\Novell\ZENworks\wm.exe
RKinner
2 Intern
•
5.9K Posts
0
October 5th, 2005 20:00
HijackThis has a Process Manager under Misc Tools. Can you see it there?
Does it still show up in the latest log?
Ron
RKinner
2 Intern
•
5.9K Posts
0
October 5th, 2005 21:00
RKinner
2 Intern
•
5.9K Posts
0
October 7th, 2005 02:00
Event Source: Srv
Event Category: None
Event ID: 2021
Date: 10/6/2005
Time: 6:38:14 AM
User: N/A
Computer: FEEDS-MEDIA
Description:
The server was unable to allocate a work item 1 times in the last 60 seconds.
John_Doe
313 Posts
0
October 7th, 2005 02:00
Event Source: DCOM
Event Category: None
Event ID: 10003
Date: 10/6/2005
Time: 10:19:39 PM
User: N/A
Computer: FEEDS-MEDIA
Description:
Access denied attempting to launch a DCOM Server using DefaultLaunchPermssion. The server is:
{00020906-0000-0000-C000-000000000046}
The user is Unavailable/Unavailable, SID=Unavailable.
Event Source: Srv
Event Category: None
Event ID: 2021
Date: 10/6/2005
Time: 6:38:14 AM
User: N/A
Computer: FEEDS-MEDIA
Description:
The server was unable to allocate a work item 1 times in the last 60 seconds.
Data:
0000: 00 00 00 00 03 00 48 00 ......H.
0008: 00 00 00 00 e5 07 00 80 ....å..
0010: 00 00 00 00 9a 00 00 c0 ......À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
Event Source: TermServDevices
Event Category: None
Event ID: 1111
Date: 10/5/2005
Time: 11:13:31 PM
User: N/A
Computer: FEEDS-MEDIA
Description:
Driver DYMO LabelWriter 330-USB required for printer DYMO LabelWriter 330-USB is unknown. Contact the administrator to install the driver before you log in again.
Data:
0000: 00 00 00 00 6f 0c 00 00 ....o...
Event Source: MRxSmb
Event Category: None
Event ID: 8003
Date: 10/5/2005
Time: 9:24:11 PM
User: N/A
Computer: FEEDS-MEDIA
Description:
The master browser has received a server announcement from the computer RAMIREZFEEDSDIM that believes that it is the master browser for the domain on transport NetBT_Tcpip_{02621398-EA4. The master browser is stopping or an election is being forced.
Data:
0000: 00 00 00 00 03 00 4e 00 ......N.
0008: 00 00 00 00 43 1f 00 c0 ....C..À
0010: 00 00 00 00 00 00 00 00 ........
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........