  #1  
Old 08-12-2007
SeanMathew's Avatar
Bronze Member
Join Date: Aug 2007
Posts: 8
Default [Pending] Detecting Array...

Well, when I boot up my computer I have my motherboard logo that comes up and usually is there for about 5 secs, then redirects to the boot screen, and then my computer loads Windows XP. Well, I booted it today and it sits on that first screen for about 5 mins and then redirects to a black screen that has my BIOS name, and then below it says "Detecting Array..." and it sits on this screen for about 30 mins before it moves on to loading Windows.

What would be the problem that is making it sit on this array screen for so long until loading Windows?

I also noticed that ever since this started happening, when Windows does come up it runs very slow and I have lots and lots of pop-ups and spyware-type stuff.

Any suggestions would help a lot at this point.

Thanks,
Sean-


  #2  
Old 08-12-2007
Gandalf's Avatar
Elite Member
Join Date: Apr 2007
Location: South Korea
Posts: 1,802
PC Experience: PC Guru
Default Re: Detecting Array...

to PCHF.

Please click on the Pre-Work link in my signature area and follow the directions.

Thanks...


__________________
Klaatu Barada Nikto

  #3  
Old 08-16-2007
SeanMathew's Avatar
Bronze Member
Join Date: Aug 2007
Posts: 8
Default Re: Detecting Array...

Here's the HijackThis log file.

It's not doing the "Detecting Array" thing, but it's still acting really slow and my CPU usage is at 100% all the time. I remember having this problem before but I can't remember how I fixed it.

Hope this helps



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:34:24 PM, on 1/4/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\yimifgwe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\wfozzdfA.exe
C:\WINDOWS\System32\BAJ2OoLW.exe
C:\WINDOWS\NOTEDAD.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\T?sks\t?skmgr.exe
C:\Program Files\ISM\ISMModule2.exe
C:\Documents and Settings\kmathew\svchost.exe
C:\Program Files\Pop up Blocker\pd.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\wuauclt.exe
C:\DOCUME~1\kmathew\APPLIC~1\YMANTE~1\winword.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\kmathew\Desktop\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = N O G G I N: Home
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: H - {A5D506DF-EF88-44db-917C-E56FF9E2A4FD} - C:\WINDOWS\System32\gorem2.dll
O2 - BHO: H - {B61C6CA3-77BF-4299-AB70-5019FCD4AF09} - park31.dll (file missing)
O2 - BHO: (no name) - {EC70241B-BAD8-B95B-8BAF-E3ABDE2204E3} - C:\WINDOWS\System32\arutbr.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vigopoki] C:\Program Files\MSN Gaming Zone\vigopoki22011.exe
O4 - HKLM\..\Run: [wfozzdfA] C:\WINDOWS\wfozzdfA.exe
O4 - HKLM\..\Run: [WMDM PMSP Service] C:\WINDOWS\system32\cssrss.exe
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\System32\jlsvsagc.dll",forkonce
O4 - HKLM\..\Run: [IESet] IExplorer.dll .dbt
O4 - HKLM\..\RunServices: [IESet] IExplorer.dll .dbt
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Nhe] C:\WINDOWS\T?sks\t?skmgr.exe
O4 - HKCU\..\Run: [ISMModule2] "C:\Program Files\ISM\ISMModule2.exe"
O4 - HKCU\..\Run: [autoload] C:\WINDOWS\System32\drivers\svchost.exe
O4 - HKCU\..\Run: [autorun] C:\Documents and Settings\kmathew\svchost.exe
O4 - HKCU\..\Run: [Pop up Blocker] "C:\Program Files\Pop up Blocker\pd.exe" Minimize
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [IESet] IExplorer.dll .dbt
O4 - HKCU\..\Run: [Balo] "C:\DOCUME~1\kmathew\APPLIC~1\YMANTE~1\winword.exe " -vt ndrv
O4 - HKUS\S-1-5-18\..\Run: [IESet] IExplorer.dll .dbt (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [IESet] IExplorer.dll .dbt (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PD - {BEA54446-221F-4BEE-98F1-81815E50CEC9} - C:\Program Files\Pop up Blocker\pd.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {DD8C9372-35FD-4F7D-8CE4-909ABCFAB2C5} - ms-its:mhtml:file://c:\\nores.mht!http://adxtnet.net/code/chm/xpre.chm::/xpreload.ocx
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: DomainService - - C:\WINDOWS\System32\yimifgwe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

--
End of file - 6147 bytes


  #4  
Old 08-16-2007
chiaz's Avatar
Senior Security Analyst
 
Join Date: Jun 2006
Location: Singapore
Posts: 2,505
PC Experience: PC Guru
Default Re: Detecting Array...

Hello, and welcome to PCHF.


You definitely have some malware running on your computer.
Have you run AVG Anti-Spyware and/or SUPERAntiSpyware as directed in the Prework?


  #5  
Old 08-16-2007
Pancake's Avatar
Senior Security Analyst
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 2,281
PC Experience: Elite PC Guru
Default Re: Detecting Array...

Besides running AVG-AS and SAS, download and run this:
http://go.microsoft.com/fwlink/?linkid=52012

Click "Continue". Copy the report in your reply as well.


__________________
  • An Australian Member of
  • and
My real name is Eddy

Last edited by chiaz; 08-17-2007 at 01:43 PM.
  #6  
Old 08-22-2007
SeanMathew's Avatar
Bronze Member
Join Date: Aug 2007
Posts: 8
Default Re: Detecting Array...

Diagnostic Report (1.7.0039.0):
-----------------------------------------
WGA Data-->
Validation Status: Genuine
Detailed Status: N/A
Cached / Grace status: N/A, N/A
Windows Product Key: *****-*****-48339-PDT36-4VVGK
Windows Product Key Hash: oX6G4GMWYb5QwhFbi+JxoUHuhfY=
Windows Product ID: 55276-011-8307395-22384
Windows Product ID Type: 5
CSVLK Server: N/A
CSVLK PID: N/A
Windows License Type: Retail
Windows OS version: 5.1.2600.2.00010100.0.0.pro
ID: {782A1062-2F32-4D16-BBA5-945BB5CC9306}(3)
Is Admin: Yes
Commit / Reboot / BRT: N/A, N/A, N/A
WGA Version: Registered, 1.7.36.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-171-1
Resolution Status: N/A

Notifications Data-->
Cached Result: N/A
File Exists: No
Version: N/A
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
OGA Version: Registered, 1.6.21.0
Signed By: Microsoft
Office Diagnostics: 025D1FF3-171-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Default Browser: C:\PROGRA~1\MOZILL~1\FIREFOX.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control:
Active scripting:
Script ActiveX controls marked as safe for scripting:

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{782A1062-2F32-4D16-BBA5-945BB5CC9306}</UGUID><Version>1.7.0039.0</Version><OS>5.1.2600.2.00010100.0.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4VVGK</PKey><PID>55276-011-8307395-22384</PID><PIDType>5</PIDType><SID>S-1-5-21-1547161642-162531612-839522115</SID><SYSTEM><Manufacturer>NVIDIA</Manufacturer><Model>AWRDACPI</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="2"/><Date>20060119******.******+***</Date></BIOS><HWID>2C923E9F01844066</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/></MachineData> <Software><Office><Result>100</Result><Products><Product GUID="{40280409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office XP Professional with FrontPage</Name><Ver>10</Ver><Val>571B916CC4B4000</Val><Hash>k2jOTMTeoNV1RWDOaywky/SOcZM=</Hash><Pid>54185-640-0000007-17004</Pid><PidType>14</PidType></Product></Products></Office></Software></GenuineResults>



All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com

