Q: Programs get sluggish?

I've noticed when I run Photoshop on my computer that opening other programs take a little longer and the whole system becomes sluggish. I have Winodws XP Home running on a 2.4GHz Pentium 4 with 1022MB of Kingston dual channel PC3200 RAM. I would have thought having more RAM would help this issue, but obviously not. Recently I got a new SATA hardrive (SeaGate Barracuda 250GB) and I was thinking maybe I need to get a second one to act as a Photoshop scratch disc.

Update your AV program and check for viruses, run Ad-aware and Spybot to remove any spyware, and shut down all unnecessary programs running in the background.
If those do not help, then check the amount of unused physical RAM available. If it's near or at zero, and the virtual memory is activated, then your system needs more RAM.
If there's a lot of unused RAM available, then check the CPU usage. If it's at 100%, then make sure all of the drives are configured for DMA(direct memory access).
If they are, then the CPU is the bottleneck.

well getting another hard disk really wouldn't help you since, running photoshop is really just cpu and ram intensive, i would think that your 2.4 intel is taking longer running those photoshop and any other program you might try to open, it would also depend oon the program your trying to open while running photoshop. And i believe there is a settings in photoshop that allows you to lower the ram allowed for it to use, since i believe that it is ussually set to use 1/2 of the ram installed. I also use photoshop cs2 and my computer is a little sluggish running other programs also, but i only have a 2200+ duron, hehehe. But it runs well lon it's own. That's why i'm changing soon to a dual core amd 3800+

hope this helps


luis

Some people make things happen, some people watch things happen, while others wonder what happened.

Spyware, adware, viruses - I check for those every day. Those aren't the problem. As far as unused RAM I am guessing you mean check that in the Task Manager (under Performance tab)? If that's the case it's fine, and the only time the CPU usuage spikes at 100 is when I first open a program.

Have you checked the event log to make sure nothing funky is going on?

By todays standards 1 Gig of RAM is not a lot....

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

I see a lot of Errors for Service Control Manager. When I click the error I get the following explanation - The Laa1erps service failed to start due to the following error: The system cannot find the path specified. I see some other warnings, like one for Tcpip: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Some them seem to be services I have turned off.

A gig of RAM was all I could afford. It should be more than sufficient to run Photoshop and other programs. I'm just wondering why it slows things down every so often. Especially if I try to run File Browser, then things really get bogged down.

You are correct it should be sufficient to run Photoshop, generally speaking, but depending on what your doing you can still find limits.

I would suggest researching the error you discoverd. It sounds as if that service may be trying to connect to something that has moved or no longer exists and that could very well make your PC sluggish.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

Well, I tried to research the error, but I don't find anything in the Services for Service Control Manager. I did find one for Security Center, but I don't think that's the same. So I have no idea what this is let alone what it cannot find.

The Service Control Manager is a "shell" that manages the services running in Win32. In the example you give, the SCM is merely reporting to you that the service Laa1erps has failed. The problem is not with SCM, it is with Laa1erps. Basically it means that there is an entry either in the Registry or in the Startup menu that is trying to load the files needed by Laa1erps but it cannot find them.

Quote:

TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts

Wow, that's a biggie. This means that your pc is running bucketloads of network connections and is trying to run more. This is just wrong, your home pc should not be making that many network connections. This stinks of some form of Trojan, regardless of what your scanners may tell you.
Remember:
Scanners can be fooled, tricked into not loading updates, etc.
You could be the victim of a "zero-day" vulnerability.
You could have a specific backdoor loaded that is not classified as a virus.

"TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts"

I would look harder at this error message. Are you running any P2P software or other sharing type program? This message is a symptom of something in your PC trying to go out to the Internet. Is there any program you are running that requires more than 10 TCP connections per second?

Uh-oh, now that sounds scary. Thanks for info on that service. I appreciate it. I have no P2P software on my machine. What do you suggest I do as far as scanning for something of this nature? How would I go about finding out about a backdoor vulnerability?

Oh yeah, the Laa1erps service is set to Manual.

For a start, go here http://www.merijn.org/ and download HijackThis. Create a log and post it here.

I also recommend a good personal firewall such as ZoneAlarm. These programs will alert you when anything tries to establish a connection to your pc, either incoming or outgoing. ZoneAlarm will even tell you the name of the .exe making an outbound request, which has helped me troubleshoot problems many times.

I personally stay away from the firewalls bundled with Windows and anti-virus software as they tend to create more problems than they help.

Freestone thanks for the link. I downloaded the program and here is the log file it generated:

Logfile of HijackThis v1.99.1
Scan saved at 3:47:32 PM, on 5/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5335.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

The log looks pretty clean to me. Perhaps someone else can see something.

How often does the TCPIP message appear in your log and can you relate their timestamps to anything you were doing at the time?

It happens on a daily basis it seems. For instance just to give you some idea of times, the Event Viewer always shows two instances together, like on 5/29/2006 at 1:35:13 PM there are two errors of it happening. It's that way on all of them. Sometimes it only occurs once during the day, but other times it's happening more than once a day. And the time is always different.

Well, it's not a constant thing, which would certainly slow things down. It sounds more like something trying to update itself, like AVG, Microsoft's Defender, or Microsoft's Updates, or ???. But this is speculation. And that many TCP connections (more than 10 per secod) still doesn't sound right for any update. Lawnboy's suggestion of ZoneAlarm would help isolate the problem.

Ok, so if my hijack this file is relatively clean, then I'm right back to my original question: what could be slowing my system down?

"Laa1erps" This still bugs me. A google on this turns up nothing which concerns me. If it is a lgitimate service then google should show something on it. Are you sure you copied it verbatim form the event log? I would look hard throughout your registry and C drive for any resemblences to that.

Your HJT log does look clean however as Lawnboy pointed out that doesn't mean you aren't infected, just less likely.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

You can check out a screenshot of my Services window here with that file on it: http://webpages.charter.net/dwcloud/show/laa1erps.gif

I also ran a system search for "Laa1erps" and came up empty. Any other ideas for my original question?

Run these just in case your AV program missed any viruses-
http://housecall.trendmicro.com/
http://www.pandasoftware.com/products/activescan.htm

Also, a clean boot may help to find the cause of the problem:
http://support.microsoft.com/default.aspx?scid=kb;en-us;310353

I know you don't want to hear this, but at this point you would probably be better off backing up your data, scrubbing the HD clean with fdisk, and reinstalling from scratch. You could expend a lot of time and energy trying to track this down (if it's even possible to isolate).

ski, I ran the Housecall at your first link and it found one virus called PAR_SE.16281  Housecall cleaned that up and I went to your other link, but nothing much really happened at pandasoft. I clicked Scan Now and another window opened and it said pick something to scan, but when I picked My Computer it just sat there. It did place a Panda ActiveScan icon on my desktop, whatever that's for.

I went to the third link you provided and followed the proceedure there to clean boot. Again it didn't really seem to do much because it's mainly for torubleshooting a problem and I don't even know what the problem is.

LawnBoy I would be all for scrubbing everything clean, but you would have to explain a little more about that. Do you mean just a simple reformat? I've never used fdisk. Is it free? Are there instructions? Is it difficult?

I appreciate everyone's time and patience in helping me. This has become the only site I use now for my computer questions, and it's because of people like you.

Thanks.

Actually, you do know what the problem is, you just do not know what's causing it.
Doing a clean boot may be able to determine the cause by 'process of elimination'.

No, you need more than a simple reformat. Virii can install themselves to the boot sector of your HD, and a format won't touch that part of the disk.

Fdisk will let you remove (or create) the partitions that are on the HD. If you remove all partitions, this also removes the boot sector, leaving you with a (practically) virginal HD.

Read up on fdisk. Do not guess while using fdisk, make sure you know what you're doing. Fdisk will destroy all the data on your HD in the blink of an eye, with no going back.
http://fdisk.radified.com/
http://support.microsoft.com/kb/q255867/
http://www.fdisk.com/fdisk/

To use fdisk:
1. Go here: http://bootdisk.com/bootdisk.htm and download the Windows98SE OEM file. Once downloaded, doubleclick it to create a bootable floppy disk that has fdisk on it.
2. Boot the pc with the floppy disk you created in step 1.
3. Type fdisk at the command prompt.
4. Remove all partitions on the disk.
5. Reboot into your Windows CD, let Windows repartition and format the drive, load Windows.
6. Install drivers and applications.

Going on vacation in 4 hours...

I agree with LawnBoy on all accounts accept this, I'm almost certain that deleting partitions WILL NOT effect your MBR, however doing a fdisk /mbr command will reset the MBR. Please correct me if I'm wrong but I'm pretty sure thats the case.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

While I appreciate the advice I'm not comfortable doing that to my HD. I don't know enough about computers to risk making a mistake. I will read up on fdisk, but I think for the time being I'll live with the slowness. At least until something comes along I feel comfortable doing or I run into someone who knows computers and can walk me through this.

According to the MS article I linked to,

Quote (Mister Bill Hisself):

When you run the fdisk and format commands, the Master Boot Record (MBR) and file allocation tables are created

I take that to mean the MBR (boot sector) is destroyed when the primary partition is removed. I do know for sure that a disk without a primary partition won't attempt to boot, but maybe I'm misinterpreting what that means.

cdogg! Throw us a link!

Good decision, dcloud. Fdisk is not something to screw around with unless you know exactly what you're doing and what to expect.

Here are a few links to read up on: http://neosmart.net/blog/archives/14
http://dos.rsvs.net/DOSPAGE/DOS_EX.HTM

LawnBoy: I only know this from personal experience years ago while working on a PC that had a virus in the MBR I could not get the PC to boot even after deleting and recreating the partition, several times. It wasn't until my boss at the time came out and itroduced me to the fdisk /mbr command which I had never seen, and the PC promptly booted ont the next try.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

You're right, BadFrog. http://support.microsoft.com/?id=69013

Quote:

The MS-DOS Fdisk utility usually updates the master boot record (MBR) only if no master boot record exists. Repartitioning with Fdisk does not rewrite this information.

Have a(nother) star.

Thanks for the clarification LawnBoy!

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

dcloud,
If you have the WinXP Home CD you can boot from that and use the commands FIXMBR and FIXBOOT, if you have an MBR infection this should clear it up without distroying the Partitions on the HD.
If there is no infection it won't hurt anything.

http://support.microsoft.com/kb/314058/
or
http://www.kellys-korner-xp.com/win_xp_rec.htm

HTH
Ken

I appreciate the links and such, but I don't have a problem with my computer starting just with it being slow. I've heard some scary stories about using Recovery Console, so just like with fdisk I don't want to risk doing more damage than there already is. All I wanted to do was figure out why the computer gets sluggish when I run Photoshop. I don't think I need to wipe my hard drive or run RC in order to fix that. No offense to anyone, but to me that seems a little extreme.

OH yeah, I forgot to ask ... how did you figure I had a MBR infection?

You said Housecall found a virus and removed it but there could have been a worm component left behind and what better place to hide that the MBR. It can then install itself in memory every time you boot. If its in memory it is running in the background and taking up CPU cycles. When you add a CPU intensive App (Photoshop) on top of that everything slows down. But I only mentioned it because of the Fdisk discussion. Its easier to replace the MBR that way.

Ken

Hmmm, ok. I guess after all this I still don't know what to do. That fdisk and RC sound complicated and (to me anyway) a little extreme. Are those my only options? Because like I said I don't know enough about computers to risk screwing up something else.

RC allows you to boot to a Command Prompt in 2K/XP the same way a boot floppy does for DOS/9X. The commands can be as simple as dir or you can run a program such as chkdsk.
Running RC from a windows CD doesn't even install any software to the HD so it won't change your system disk with the simpler commands. You may not want to use it right now but one day it could save you a lot of pain.

Ken

Well if anyone has any other ideas for my original question I would appreciate it. I still don't have any answers on what to do about that.

OK guys, sorry I'm late to the party...I'm working 3rd-shift for the next few weeks!


dcloud,
I understand your concern and hesitation.  It's the typical knee-jerk reaction a lot of us have when we hear that dreadful advice to reformat and start over.

However, consider this.  Laa1erps is not documented anywhere on the internet.  Now that should "scare" you most of all.  Do a search on any other service in that list and you will likely find a ton of hits and info.

When an infection like this appears in that list of services, it's time to take serious action.  You can fiddle around with spyware removal apps, antivirus scanners, etc., but in the end you probably will have wished you just formatted and started over to begin with.


Here's my last 2¢ :

Formatting by deleting all partitions and starting over with a blank hard drive is probably going to be enough.  It's rare for spyware/worms to get into the MBR, though it is possible.  You'll know right away after going through the reinstallation of Windows if the MBR is infected and would have wasted very little time to find out.  Using the RC isn't going to help because even if that clears an MBR infection, you still have the infected service in Windows and lord knows what other infections embedded.  It's best to scrap what you have and start over by backing up data (personal files) and formatting.


Good Luck!

~cdogg
"Insanity:  doing the same thing over and over again and expecting different results." - Albert Einstein
    For general rules and guidelines to get better answers, click here:  FAQ219-2884

Ahh, cdogg. Good to see you. I work third shift myself. So are you suggesting I use fdisk? Will I have to reformat after I use fdisk? I guess maybe I should get prepared to do this then if that's what you're saying. Do you have any advice on using fdisk to wipe the HD? I'm nervous about doing this.

Fdisk is nice because it's free, but there's not much to it.

I use PartionMagic to customize my partition setup.  However, neither app is really needed here.  Hopefully you have more than one partition already.  If so, move as much of your important data to that partition as you can, then just format your C: drive using the instructions provided here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q313348
(scroll down to the " How to partition and format your hard disk by using the Windows XP Setup program " section)

If you don't have a secondary partition to use for backup, then consider getting a USB drive or imaging to DVD.

As for FDISK, the disadvantage is that you're limited to the FAT32 file system.  NTFS is the way to go these days, which is why using the XP setup is the preferred method.

~cdogg
"Insanity:  doing the same thing over and over again and expecting different results." - Albert Einstein
    For general rules and guidelines to get better answers, click here:  FAQ219-2884

Ok, bare with me on this. I'm not sure about anything you said. You're talking partitioning my HD, but isn't it already partitioned? I haven't a clue how to move everything onto a partition on a HD. Going by your first post I got all my data saved onto DVD+RWs because I was under the impression I was going to use fdisk then reformat.

I read the page you linked me to and that sounds like a regular reformat with the Windows CD. Am I correct?

Yes, the point I was trying to make was to get your data backed up.  Nevermind the partition business.  That's another discussion for another time...

Bottom line is that the instructions should help you in formatting the primary partition (c:) using the Windows CD.  However, if you don't feel comfortable going through this entire reinstall process, you may want to consider getting help.

~cdogg
"Insanity:  doing the same thing over and over again and expecting different results." - Albert Einstein
    For general rules and guidelines to get better answers, click here:  FAQ219-2884

Ok, reformat is done. If anyone would have said (in layman's terms, that is, lol) "just do a reformat" I would not have had a problem. I have reformatted many times. It was the jargon you guys were using that lost me.

Everything seems to be fine, although there was a strange thing that happned after the reformat when I was first on the desktop. I kept getting these message boxes (with MSN in the title) telling me I had viruses or that I needed to check for spyware. I got like three or four in a row, over and over, and I kept clicking to cancel them until finally they went away.

The same thing happened the last time I reformatted and I actually had a computer guy here when that happened and he said it was no big deal. It still seemed weird, regardless what he said. I have never seen those boxes before, and I've reformatted with this same Windows XP Home CD a couple dozen times now. Does anyone here know what that could be?

Anyway, I'm back in business. Hopefully. I'll reinstall Photoshop and the rest of my programs and see what happens. Thanks for all your help everyone.

Are you using different Product Keys for each installation?

-David
2006 Microsoft Most Valueable Professional (MVP)
2006 Dell Certified System Professional (CSP)

No. Same CD, same number I always use.

dcloud,

If you end up still having problems later - especially the same problems, that b/c for whatever reason the MS Windows reformat didn't do the trick, then I highly recommend using DBAN - Darik's Boot and Nuke program.  It's 100% free, and you can burn it to CD or floppy, whichever you choose.  You can get it here, and read instructions, etc:

http://dban.sourceforge.net

I've used this on many machines, if they had problems that we couldn't find or explain, or just were infected with viruses/spyware.  You can't get a more formatted hard drive than this.  The only way to possibly erase data better (from what I know of so far), would be to actually dismantle the hard drive, and do all manner of ills to it's disks.

Hopefully you'll be in the clear, though.  I'd check to make sure you're not getting the same HTTP multiple connection errors again, first thing, to ensure that whatever virus or malware IS totally gone.  If you're still not sure, just wipe with DBAN, and do a clean install of Windows.  That's a garanteed clean, there!  

Quote:

Ok, reformat is done. If anyone would have said (in layman's terms, that is, lol) "just do a reformat" I would not have had a problem. I have reformatted many times. It was the jargon you guys were using that lost me.

So you've done this before and the same problem persisted?

I would be concerned about the messages you got after logging on. In fact I would use fdisk at this point and then format again after using fdisk. I havn't had any experience using the fixmbr or other commands, the one that I've used is, "fdisk /mbr" and that has always worked for me.

Keep us posted.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

Ok, guys I'm going to give fdisk a try. I'm printing out all the info on fdisk so I can read it while I take the steps. Since I just reformatted and there isn't much installed on the computer I figure now is as a good a time as any to try this.

A couple questions for all you Uber Geeks:

It says that I should think about a partition strategy, as in the best way to divide up my HD. Any suggestions? I have a SeaGate Barracuda 250GB 7200rpm SATA drive.

I don't run any DOS apps or Linux or any of those things the more advanced geeks use. I just want a functioning HD for my system that I can run Photoshop/Dreamweaver on. I have seriously considered buying another HD for Photoshop to run on exclusively (as a scratch disk), but right now I just have the one HD.

So my next question is could I just make one partition for this HD? Or I should say would I be all right with just one partition? I don't want to get involved in anything overly complicated. I just want to get rid of whatever is troubling my PC and get back to using it.

My last question is how is my HD normally partitioned? I mean like right now, after reformatting, how is it set up? I don't know how to check that and I thought someone here would know. I'm just curious about this, because that would give me an idea how to re-partition mine; make it just like it was.

Thanks for all your help.

Boot from a bootable floppy or cd and from the c:\ prompt type fdisk and hit enter you will get a list of choices one of which is, "display partition information" I think its option 4 but I'm not positive, or something to that effect that simply shows you what partitions you have and general info about them. There is no worries in messing anything up as it is for dispaying the info only. the other options are for actually changing/deleting/creating etc.
As far as how to allocate there are many different ways to go about that but it typically omes down to personal preference. For 250GB I would probabaly go with a two partitions, the primary set to 50GB and the rest allocated to the other. I would load my OS on the 50 GB partition and use the other for data.
Some may suggest a partition created solely for the the swap file but again that is personal preference and I have no problems with XP's handling of the swap file by default so I leave it that way.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

Thanks. Now I'm a little confused about the bootable floopy. On that fdisk site linked in the last post (http://fdisk.radified.com/) it says, "I posted a Windows ME boot disk on my Downloads page. You can either use this one [labeled "FDISK floppy"], or grab one from bootdisk.com. I suggest the one labeled "Windows ME" as this particular disk contains the latest version of FDISK, which supports hard drives larger than 64-GB."

Now I haven't a clue what this means. Why can't I just use my Windows XP CD? I'm a little lost at this point. Then to make it worse I read this.....

"Download your bootdisk of choice and put a brand new, formatted floppy into your A: [floppy-disk] drive. Extract the contents of the self-extracting executable file to the floppy. Leave the boot floppy in the A:/floppy drive and reboot."

Now I downloaded fdisk and it's not a zip file but an .EXE file, so I can't "extract" it anywhere. Do I just put this on the floppy?

This is why I didn't want to do this, because I don't understand anything this guy is talking about. I mean why do I need a Windows ME bootdisk? I don't get that. Can I just use that fdisk .EXE program on a floppy? Will that work?

Help, lol....

Not sure about that site as its blocked here at my work. I'm pretty sure that XP doesn't have a dos version containing fdisk but I'm not positive. I think XP uses dikpart.exe or something. Perhaps others can advise there. You don't need to download or install fdisk. You need to create the bootable floppy, boot from it and the fdisk component will then be available from a c:\ so once you get to this, c:\ after booting from bootable floppy then just type fdisk and hit enter to view your options.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

Ok, but how do you make a bootable floppy? That's where I got lost. I downloaded fdisk, but it's already an .EXE file. Do I need to stick this .EXE file on a floppy? I got lost on that part, too.

Sorry, works getting busy and my typing time limited ao I'm gonna point you to a link:

http://www.bootdisk.com/

Should anser all your questions, if not try this:

http://www.computerhope.com/boot.htm

Cheers!

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

Ok, thanks for that info. I've printed out those pages to help me through using fdisk. I found a method for making a Windows XP bootable floppy, but now my problem is do I just stick the fdisk.EXE file on that floppy, too?

Well I went ahead and just stuck the FDISK.EXE file on the bootable WinXP floppy I made, then I restarted the computer. I got the A prompt, and I typed in FDISK, just like it says in the instructions. However I got the following message: Incorrect MS-DOS version.

Does anyone know where I can find the correct version?

Thanks.

Thats because the XP boot disk does not support fdisk, instead it supports diskpart.exe that is why Windows ME was referenced to use for a boot disk. Create an ME boot floppy per the links listed, boot from it and type the fdisk command.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

Thanks. Ok, here we go ... I'll post again with my results.

I ran FDISK (using the Windows ME boot disc version), but I've run into a few snags. The first time I did it I had two drives in My Computer - C drive was blank, and everything was on D drive. So I ran FDISK again. This time checking with FDISK to make sure my drive letter was correct before refomatting. Now I have one drive in my computer - the C drive with everything on it.

I have an ASUS P4P800 mobo. Some of the stuff on the Motherboard CDs are old, but I don't know where to get any updates (and believe me, I've tried). So I have to use these to get my internet going, graphics, etc. After I began installing stuff off the mobo CDs I started getting those error messages again. They say stuff like my registry is corrupt, STOP WINDOWS IS CRITICAL, and such.

For example one of them says:

Message from SECURITY MONITOR to WINDOWS USER - Important Windows Security Bulletin - Buffer Overrun in Messenger Service allows remote code execution.....blah blah blah

All of these message warnings have a link they want me to click to download some patch. They are really annoying because they keep popping up, even when I'm trying to type or use a program.

I am happy to report that aside from this annoying thing with the messages the fdisk thing seemed to go well. I mean I'm back here typing this post, lol. So does this mean I'm still infected with something? God, I hope not. I've been up all day working on this and I have to work tonight. I'll probably fall asleep there.

I installed the SP2 update (I have the CD) and the warning messages have stopped. I'm still concerned about this, but having run fdisk my HD should be clean. Right?

So now I will install Photoshop and everything else and see if this entire sleepless day has been in vain.

dcloud,

Way back on your 1 Jun 06 5:32 post when you said you were getting MSN popup windows after reformatting and reinstalling Windows, are you sure it was a "clean" installation?  Are you sure your C: drive was blank to begin with before you installed Windows XP?  If so, then the infection survived the reformatting likely by hiding itself elsewhere in your system (possibly the MBR or on another partition).

But now that you're way beyond that and have used FDISK, perhaps you're OK now.  Only time will tell.  It does appear that you have done a clean install at this point since you have to reinstall your apps.  You might want to look in your list of services again for Laa1erps making sure it's gone.

Again, the reason why I didn't recommend FDISK to begin with is that you can only format the drive using FAT32.  I have a personal preference for NTFS (file security is the main reason), which FDISK cannot read.  Plus, the XP CD installer is just as efficient as FDISK when it comes to deleting partitions and formatting.  It's all in the past at this point, so I won't waste any more time on it.



Once you get the applications that are most important to you installed and customized the way you like them, it would be a good idea to consider making an image of your entire C: drive.  Doing so will make the task of reformatting and starting over painless in case you get infected like that again.  It is crucial that you do this BEFORE you start surfing the internet or installing other crap you don't necessarily need.  If you don't already have a backup utility, Norton Ghost, Dantz Retrospect, and several others you can find listed here might be worth a look.

~cdogg
"Insanity:  doing the same thing over and over again and expecting different results." - Albert Einstein
    For general rules and guidelines to get better answers, click here:  FAQ219-2884

I checked Services and Laa1erps is no longer there. Also, I was able to format my drive with NTSF, and the drive is reporting a correct size at 250GB. So it seems to have worked pretty well. I will finish up the job when I get home tomorrow. Thanks to all of you for your awesoem help. I could not have done this without you guys.

dcloud,

How is your PC connected to the Internet?  Directly to a DSL or Cable Modem, or ???

All these messages you say pop up shortly after a reformat/reinstall leads me to suspect your PC is connected directly to the Internet. The messages you say are from MSN are most likely from Windows Messenger and the fact they pop-up says your PC is exposed to the Internet.

This thread sounds a lot like what you say you saw:

http://groups.google.com/group/microsoft.public.windowsxp.general/browse_thread/thread/c4ed5a88c7887dbb/184cdc9cde4ec836?lnk=st&q=SECURITY+MONITOR+to+WINDOWS+USER&rnum=1#184cdc9cde4ec836

Report back how you are connected to the Internet so security suggestions, if needed, can be made.

If, after all this, you still have problems, use DBAN.  It's much easier to use:
1.) Download file from website:
        http://dban.sourceforge.net
2.) Run the file (will create a CD image file if you use the CD-Rom version (faster than floppy in operation) OR for floppy, run the file, and make sure you have a blank floppy in your floppy drive.

3.) For CD, after creating CD Image file, burn it to CD with Nero or whatever CD burning app you use.

4.) Reboot computer, make sure either the floppy or CD (whichever you chose to use) is in the corresponding drive, and that your system is set to boot from CD or floppy (if you've never changed BIOS boot settings, then it should be that way by default).

5.) DBAN will load - you don't have to do anything, it takes care of it totally.

6.) When it stops loading (very short time frame), it will give you the options of what to do:  Here, I always just type "autonuke" - without the quotes, of course.  This command tells it to run all of the formats (different programs).

7.) Walk away for a very long time - I'd do it overnight before going to bed, and check it when get up in the morning.

8.) When you come back, just ignore any message that says anything about creating a log file to a blank floppy disk, b/c all you care about is that it's all gone.

9.) Put in your Windows CD (assuming this is a full version, not an upgrade, if upgrade, you'll need to supply a full version CD for reference - same or prior version)

10.) Install Windows as normal.

Now, your machine will likely run at least a little better, if not much better than it has in quite some time (moreso than just using Windows reformatter).  Basically, I don't think it's possible for anything in any way to hide from the DBAN compilation of programs.  It's getting more and more popular all the time.  It runs in Linux, but that doesn't matter for the end result, of course.

Oh, and similar to what these other guys are getting at in regards to reinstalling Windows; considering that you have had at least one or two pretty tough viruses in the past on your machine, do NOT plug up your machine to the internet until AFTER everything is installed, including antivirus, firewall, antispyware, and Windows updates (SP2 at least) if at all possible.  Also, if you have broadband - this may have been mentioned already - make sure you have a router with built-in firewall.  Otherwise, you're basically a sitting duck; the physical firewall creates a boundary to hackers and viruses before you get to your actual machine, and really seems to block out something like at least 90% of all problems.  Just make sure you change the password from the default "admin" that most or all of them use.

If you're still reading this whole thing, get some coffee.  You'll probably need it after reading all of these posts in this thread, and working on your computer software!  

Quote:

In fact I would use fdisk at this point and then format again after using fdisk.

Based on what I'm reading I don't think you formatted again after using fdisk did you? It would have been nice but you may be okay.

cdogg, I prefer NTFS over FAT32 also however its easy enough to convert aftwards with no risk to data loss. (CONVERT C: /FS:NTFS)

Freestone has some very valid points. If you don't have a router with a built it firewall it is well worth the investment.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

badfrog,

You may not have been aware that fragmentation and cluster size can be an issue after a conversion, depending on the amount of data you have on the drive, and the size of the partition.

I can dig the article up if you need it, but take my word that conversion afterwards is loss of efficiency.  I still don't see any reason to use FDISK unless you are sticking with FAT32.

~cdogg
"Insanity:  doing the same thing over and over again and expecting different results." - Albert Einstein
    For general rules and guidelines to get better answers, click here:  FAQ219-2884

If its not too much trouble I would be interested in reading that. I've been using fdisk and converting for awhile now and havn't really noticed any efficiency loss. Then again I havn't been bench marking either. Anyways like I said if its not too much trouble, I'm more curious than anything. Thanks.

"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy"
Albert Einstein

I have cable internet with the cable modem. I have not had any of those pop-up messages since installing SP2. I'm wondering if it's because of Windows firewall (that was installed with SP2). Freestone, thanks for that link. Now I'm wondering if the Windows firewall is adequate. Obviously I am open to the possibility of being infected again, since I was still getting those message boxes.

Another thing I noticed is that sometimes when I turn the computer on there is this little computer icon down by the clock that says: Local Area connection, Speed 100.0 mbps, Aquiring network address...

I found it odd since I have cable, but then again I believe this is part of installing the SP2 update.

Okay, thanks for confirming you are directly connected to the Internet. I'm at work at the moment so can't take too much time for a post, but I suspect in little time you will be inundated with security recommendations.

And yes, as soon as your network connection was made to the cable modem, you were exposed to anything that was out there on the Internet, good and bad, and it doesn't take the bad too long to find you.

The icon you are seeing is your network card acquiring an IP address from your cable provider, and it is this address that is the exposure.

dcloud,

Since you have a cable modem, if you don't have a router with built-in firewall, you're basically a sitting duck until you get one.  You could have the best software firewall in the world, if one is necessarily the best, and still not necessarily block everything.  By the way, I can't remember the exact number for sure, but on average, any computer connected to the internet gets attacked, or attempted to be attacked within 6 or 7 minutes, I believe it is.  So, with that one statistic, I would say definitely get a router, or you'll end up with at least the same problem in the near future.

The popups weren't fixed by Windows Firewall.  The pop-ups you are talking about (if I know for sure which ones you are talking about) were stopped, b/c in SP2, Microsoft disabled the Messenger service, which is not needed for home users.  Many people (some got in big trouble with it in court) started using this a good while back to send out blanket messages, trying to get you to buy their software (for example).  Anyway, b/c of many complaints about it, Microsoft disabled that service to keep that from occuring on standard home pc's.

Thanks, kjv. Can you recommend a good router? I used to have a Linksys, which seemed pretty good, but I've also heard good things about Netgear routers, too.

Regarding firewall issues:

I haven't seen bcastner around here in a while (and that's a shame), but he'd be the first to tell you how secure any workstation is with Windows XP SP2's firewall enabled.  If I remember correctly, there were tests done in the past to show that even skilled hackers were not able to get through it.  Keep in mind this is regarding a PC that just sits idle and isn't infected within.

So even though I don't doubt XP's firewall protection, we all know most PC's eventually become infected from downloading, web surfing, and email attachments.  EVen power users have trouble avoiding it.  Once a PC is infected within, XP's firewall is of no use anymore.  It only protects from inbound traffic, and isn't good for monitoring outbound (trojans, worms, etc).

A router with NAT (Network Address Translation) is going to increase your protection from the outside, but it too will not monitor outbound traffic.  For that, you need a software firewall like Zonealarm Pro.  There have been many threads on the subject, so I'd recommend searching this site or starting a new thread if you need help here.  Don't forget a good antispyware app and antivirus software too.  All 3 provide different levels of protection and should be used in tandem.


Badfrog,

Sorry, still haven't had time to look up the article, but let me clarify what I meant about "loss of efficiency".  I didn't mean you would necessarily notice a drop in performance.  However, the way files are stored in clusters and sectors could suffer from more wasted "slack" space (unused space per cluster) as well as increased fragmentation.  This is all at first until the drive is cleaned up with a defragmenter that can handle both.  Disk Defragmenter in Windows doesn't deal with slack space just so you know.

So even though it's not a big deal, the process you're taking with FDISK then doing the conversion seems like a zig-zag approach to get from point A to point B.  That's really what I was getting at when I mentioned efficiency.

~cdogg
"Insanity:  doing the same thing over and over again and expecting different results." - Albert Einstein
    For general rules and guidelines to get better answers, click here:  FAQ219-2884

I wanted to let you all know that the computer is running a little faster now. I have installed my Creative Suite and even that appears to be moving faster. So far so good. I want to thank all of you again for your excellent help.

dcloud,

Just about any modern router will do the trick.  It seems they've come a long way.  I've not used Netgear, but their reviews do seem to be good.  I know that Linksys and US Robotics both have good routers - I've used both.  I also like DLink ok, but there was one security option that wasn't available as far as I could tell - they may have started including that in the most recent 6 months, but before it was not there.  It's basically just a setting to make it appear that you do not exist if someone tries to ping your IP address - this is often the first tool a hacker or virus will use before trying to actually attack.  After all, what is the use of them attacking if no-one is there?

Anyway, the closest thing you'll get to a foolproof secure system is this (as far as tools):
Hardware Firewall - such as Linksys or USRobotics, DLink, Netgear, etc - I'd just do some searching around for one particular model you like.  I've noticed that each one of the manufacturers seem to have some good ones and not so good ones.

Software Firewall: ZoneAlarm Free should be plenty - a home user doesn't really need the "pro" version.  Windows Firewall may be ok, so long as you have your updates all current.

Antivirus: AVG Antivirus by Grisoft works very well.  I personally prefer it over any of the paid antiviruses or other free ones I've tried. (have tried Antivir (free), Norton, McAfee)

Spyware: If you do enough research, you'll find that SpywareBlaster, Spybot Search and Destroy, and Ad-Aware Personal SE do an excellent job, if not the best job of keeping your computer free of spyware/adware.  I tried the Microsoft AntiSpy, and didn't like it too much.  It slowed down my machine a bunch, and it did the same on the other 2 or maybe 3 comptuers I tried it on.  For what you get out of it (unless it got a whole lot better in maybe the past year), it's not worth the download.  There are some other ones that will say they find spyware, but as soon as you take their suggestions, you end up messing up a normal (non-spyware program); I tried a couple of the others, and that is the results I got - I've not tried all of them.  The 3 I recommend come from using them on multiple computers (when I help others in my area), as well as my own, for now at least 1.5 to 2 years.

Keep Windows up to date.

Stay away from online chatting, gaming, and such as possible, or at least limit it and be careful.  When I say online gaming, however, I'm talking more of where you find "download these free games!" and things of that nature.  From the pc's that I've cleaned off tons of spyware and viruses, the majority had at least some sort of internet games played on them (I'm not talking the multiplayer games, such as Call of Duty and the like - though they may cause the same problems, I just don't know of it), and/or had some sort of active chatting software installed.

If you are not using MS Outlook Express, uninstall it - it's just a possible security threat, with all the fixes taht Microsoft has pushed out for it.

If you don't use MSN Messenger or any other chat program that's installed, remove it.  Any program that can connect to other users over the web can be a possible security threat, especially if you get infected with a virus or spyware app that tends to use that particular program as a tool.

Stay away from P2P if possible.  P2P can be a great tool, but it can also be a very dangerous tool to use.  With P2P, you are opening up your firewall more, so outsiders have a greater chance of getting in as well.

Keep all the antivirus/firewall/spyware stuff up to date.  AVG has an auto-update feature, to where you don't have to do anything for it to check for updates.  ZoneAlarm Free - you'll get a notification of an update whenever one is available, and you basically just download the newest version and reinstall it.  The spyware apps listed have update features (though not auto-update); they only take a few seconds to maybe a minute each to complete.

Be careful on browsing to unknown websites and opening any attachments via email.  This should be a no-brainer, but it's also an easy one to slip up on.  I personally once had a coworker trying to find free templates for Microsoft Powerpoint, and she ended up with all sorts of stuff on her computer - she searched in Yahoo I believe it was, followed the link to what she thought was templates, and viola! she was infected; tons of pop-ups was the biggest problem with that particular one.

Well, I hope some of this has been helpful.  At the very least, you got the garbage off your pc, and now you've got loads of info from diff people to try and get it all together.  

While reinstalling programs and such after the FDISK fiasco, I had Windows search for the best drivers for my C-Media soundcard. While it was downloading the drivers my computer crashed. When I came back to the desktop a message said Windows had just recovered from a critical system error. It said the cause could not be determined, but it was obviously the C-Media drivers it was downloading.

I guess its high time I got a decent sound card.

I wouldn't think that the soundcard driver caused it if it happened while you were downloading the driver.  Were you installing the driver or downloading from the net?

C-Media would be your onboard sound.  You should be fine with whatever driver you find, so long as you get it from the mobo manufacturer.  If that problem continues to happen, then you may want to make sure there isn't some bigger problem after all of this, like maybe a bad hard drive or some other component.

No. C-Media is my sound card. A friend gave it to me because I was looking for something better than my onboard audio (which is SoundMAX). As for the bad hard drive we've been through this already (that's what this entire thread was about) and I ran FDISK to fix this problem.

FDISK won't fix a bad hard drive.  You may recover bad sectors, etc, but in the long run, you'll just have to replace it.  And considering you can get one for less than $50, it might not be a bad investment, given all of your troubles.  To verify there are no hard drive physical errors (which no software can fix), check your event manager for disk errors.

And if you want to get a good sound card, just get a Soundblaster Audigy 1 or 2 off of ebay - they're pretty cheap nowadays, especially since Audigy Xfi is the most current Soundblaster.

And as far as "As for the bad hard drive we've been through this already (that's what this entire thread was about)" - just b/c it's already been mentioned and some software has been used to attempt a repair does not mean the problem is fixed - check your event manager to be sure.

Sorry, kjv. I didn't mean for my reply to sound so rude. I should know better than to post before I get my first cup of coffee , lol. I gathered from all of this that my HD was infected with an MBR virus, but I'm not sure there are any bad sectors. The event manager is not showing as many error messages as before, but it still has some. Below are the ones I have so far:

Warning: Cdrom - An error was detected on device \Device\CdRom0 during a paging operation.

Warning: Tcpip - TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Warning: Print - Printer Driver Adobe PDF Converter for Windows NT x86 Version-3 was added or updated. Files:- PSCRIPT5.DLL, Ps5ui.dll, ADPDF7.PPD, Pscript.hlp, AD2KREGP.DLL, AD2KUIGP.DLL, AD2KGELP.INI, PSCRIPT.NTF.

Error: Cdrom - The device, \Device\CdRom0, has a bad block.

It doesn't appear that I have any HD errors or warnings, just the Cdrom ones, and I don't think Cdrom errors are the same as HD errors. I'm wondering if SeaGate has a detection tool available on their website for checking this HD for bad sectors. I will have to look into that.

Good idea.  If you do continue to have the reboot problems, then I might also would check the BIOS settings for your CPU temp to see if that is overheating.  And, if that isn't it, either, and still having the problem, then it wouldn't be a bad idea to try a different power supply if you can get your hands on one - just to see.  Just make sure that the power supply is enough to handle whatever hardware you have.

For your warnings, it sounds like you may have 2 possible other problems: a CD/DVD burner/ROM going bad - but I would guess it could just be the CD or DVD in the drive has scratches, as well - don't know for sure.  And, the TCP/IP warning - I think that one CAN come up when running certain updates and such, or using a download client, etc.  For instance, I used a download client (provided by Microsoft) to download the most current beta version of Windows Vista, and afterwards, I had a couple of the TCP/IP warnings - but if you're not getting tons of them, I wouldn't worry about it.

kjv, thanks for your excellent help. I went to the SeaGate site and downloaded their SeaTools HD utility to a floppy, which I can use to check the HD for bad sectors upon rebooting (with the floppy in). I also scheduled a Windows scandisk of the drive upon reboot. I think I will do the Windows scandisk first, and then reboot and use the SeaTools floppy.

I bought Everest Ultimate Edition to keep track of my CPU and case temps. It's also an excellent tool for a bunch of other reasons. My BIOS reports the same temps as Everest - HD (31), CPU (30), Motherboard (32).

Just so you know I do not use a download client and I did a bunch of upgrades to my computer last summer. I bought a new PSU (Ultra X-Connect modular 500W), got some rounded IDE cables to replace the flat ribbon ones to increase airflow, installed new case fans (I have three now as opposed to the single one I had before, including the one on the CPU), and installed the new SeaGate HD and a Lite-On DVDRW SOHW-1673S.

Would running FDSIK remove the updated firmware I did on the Lite-On, or would that remain intact? Because I did update the firmware on the Lite-On after I installed it.

This is the results of the Sea Tools tests (I ran the full tests which took about an hour):

SeaTools Desktop v3.02.04 Copyright (c) 2005 Kroll Ontrack Inc. 6/15/2006 @ 12:39 PM

The following information has been generated by SeaTools Desktop.  Use this information to help you recognize and resolve potential data access problems.


System Information:
BIOS Date                 10/14/04
Conventional Memory size   639 K
Extended Memory size      58532 K
IO Channel type            PCI


Drive Information:
SIZE         MODEL
---------    ---------------------
250 GB       ST3250823AS                             


Serial Number = 3ND1CDVP
Int13 Num = 80, PHYS CHS = 16383x16x63.
ParmTable CHS, Rsvd = 30401x255x63

PARTITION       CYLINDER          SIZE
----------      ------------      ----
 #   Type       Start    End      MB
 PRIMARY
 1   NTFS       0        30400    250072


Diagnostic Results:

Seagate DiagATA Quick Test Result:  Skipped
    Recommendation:
    The "Quick Test" is adequate for most situations.
    Consider running the "Full Test" which
    verifies each sector on the drive if you need to run a more
    comprehensive diagnostic.



Results from Seagate's DiagATA/SCSI:

-----------------------------------------------------------------

              DIAGATA.EXE Version 3.08.50629ML
Copyright (c) 2002-2005 by Seagate Technology LLC.  All rights reserved.

-----------------------------------------------------------------
Timer Resolution: 0.000122
Short Test Begin: 15-Jun-2006 11:26:54
Cable Test - 0 Errors
Buffer Test - 0 Errors
Identify Data
   Model Number: ST3250823AS
   Serial Number: 3ND1CDVP
   Firmware Revision: 3.03
   Default CHS: 16383-16-63
   Current CHS: 16383-16-63
   Current Capacity: 16514064 Sectors
   Total Capacity: 488397168 Sectors
   ID Method: Unknown
SMART Check: Passed
DST Poll Time = 60 seconds
Short Test Aborted by End User: 15-Jun-2006 11:27:10


-----------------------------------------------------------------
End results from Seagate's DiagATA/SCSI

ATA Full Test Result:  Passed



Results from Seagate's DiagATA/SCSI:

-----------------------------------------------------------------

              DIAGATA.EXE Version 3.08.50629ML
Copyright (c) 2002-2005 by Seagate Technology LLC.  All rights reserved.

-----------------------------------------------------------------
Timer Resolution: 0.000122
Long Test Begin: 15-Jun-2006 11:28:12
Cable Test - 0 Errors
Buffer Test - 0 Errors
Identify Data
   Model Number: ST3250823AS
   Serial Number: 3ND1CDVP
   Firmware Revision: 3.03
   Default CHS: 16383-16-63
   Current CHS: 16383-16-63
   Current Capacity: 16514064 Sectors
   Total Capacity: 488397168 Sectors
   ID Method: Unknown
SMART Check: Passed
Full Scan (0 to 488397168) - Passed
   Elapsed Time: 1.19 Hours
   Estimated Internal Transfer Rates
      Min: 51.83Mb/s Max: 4276.29Mb/s Avg: 490.94Mb/s
PIO/DMA Data Compare
   Total Bytes = 21265920
   Estimated PIO Transfer Rates
      Min: 2.26MB/s Max: 2.32MB/s Avg: 2.29MB/s
   Estimated DMA Transfer Rates
      Min: 98.10MB/s Max: 163.51MB/s Avg: 128.32MB/s
Long Test Passed: 15-Jun-2006 12:39:44


-----------------------------------------------------------------
End results from Seagate's DiagATA/SCSI



File Structure Test Result:   

Partition 1 (NTFS (250 GB) )    Result: Passed with inconsistencies

Some files and/or folders were found with inconsistent write or change times.  The write or change time in the index does not match the write or change time stored in the file record.  This is normal and not considered a corruption.

NOTE:  Any report of possible errors in the file system tests are for informational purposes only.  We suggest you should consider testing with the official file system diagnostic utilities for your operating system. Seagate is not able to assist with troubleshooting or reviewing file system test results.



******************************************


Recommendation: All selected physical diagnostics passed.

If you are not experiencing data loss and SeaTools reports File System Structure errors, they may be caused by a lock-up or failure to shutdown Windows correctly. Many times, these errors may be repaired through normal system maintenance which includes using the Windows provided "Defrag" and "Scandisk / Chkdsk / Error Checking" utilities.

If you are experiencing a hardware error, you should isolate the cause and replace the failing component. If you are unsure how to proceed with repairs, contact a computer professional. After completing any maintenance tasks, run SeaTools again to verify that all errors have been repaired. If errors continue to occur, the system may not be stable. Again, contact a computer professional.

After that I ran Windows scandisk, which reported no errors. either. Correct me if I'm wrong, but from what I see here it appears my HD is ok.

Well, if those are all correct, which I would guess they were, then you should be in good shape, hard drive wise.

If you don't have any more of the random reboots, then maybe it was just a random quirk - which is possible, just not very normal.  If you do get more restarts, then my next guess would be one of 3:
1.) Problems with too much heat - CPU overheating or maybe even memory overheating
2.) Bad/failing power supply - I've had one of these and it's not a fun thing to deal with.
3.) incompatible hardware - have also seen this, but it usually it gives the "blue screen" along with the reboot, saying there was a hardware error at address blablabla.. I've seen this caused even by a PCI wireless network card.

But if no more reboots or inconcistencies, then I'd guess you're good to go.  Just keep an eye out for any future recurrences.

I only had the one reboot, which was when Windows was automatically downloading the drivers for my C-Media soundcard. Obviously due to the age and low value of this card that is understandable. So after some research I am keeping an eye on a couple Creative SoundBaster Audigy2 ZS sound cards on eBay to replace the C-Media card with. I've read good things about this sound card and that should improve not only my sound but also any driver upload snags (since Creative has more recent driver updates on their site as compared to the C-Media one).

Thank you for your help, it has been very much appreciated :)

One more note:  If you get a Creative Card (forgive me if you already know this - I have a few, and I think they're GREAT!), you'll want to install this way:
1.) Install the physical card.
2.) Install the software/drivers from the CD.
3.) Go to www.soundblaster.com, click on the "support" link, and then "software auto-update".  Just make sure that you have your pop-up blocker(s) turned off or that you allow pop-ups for:
  www.creativelabs.com
and
  www.soundblaster.com

It works really good.  I used to have to go and find each and every install I needed, and read about it to see if I needed it for my card, or if it were just for another, but with this, it works kind of like Windows Update - it checks your machine for you to see what you need.

Anyway, if you get any Audigy card, whether 1, 2, 4, or XFi (newest), you won't be dissapointed with the quality of sound, nor of support - at least that's been my experience.