Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Agobot Virus Infection


  • Please log in to reply

#31
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,331 posts
  • MVP
I tried to reply last night but the forum went down on me.

You are getting a lot of these:
"Log: 'System' Date/Time: 26/05/2011 1:00:39 AM
Type: warning Category: 0
Event: 51 Source: Disk
An error was detected on device \Device\Harddisk1\D during a paging operation."

This may indicate that your hard drive is dying. Sometimes if you run the diskcheck several times in a row it will stop the error.

Could you give the the CPU temperature? Is this a laptop or desktop?

Ron
  • 0

Advertisements


#32
Tokay

Tokay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
This is a laptop. The temperature for the two cores was in the high 80s, low 90s (celsius), and the ACPI temperature was about the same.

I could run the diskcheck more- it seems like a rather lengthy process. Are you saying that even if the hard drive is dying, the diskchecker will fix that, or just fix the error, if it is happening for no reason?
  • 0

#33
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,331 posts
  • MVP
Laptop temps are too high. Normal for a laptop is below 60. My desktop runs at 35. Remember 100 in C is the boiling point of water so your laptop is cooking. Make sure all vents are not blocked. With laptop turned off: Take a vacuum cleaner and suck out the dust from each vent. If your vacuum cleaner has the option reverse the flow so that it blows air through the vent.

Do you hear the fan coming on when you start it up?

Consider a laptop cooler pad. (I got one at Big Lots for $10).

The disk check will look for a bad spot on the drive, try to recover any files that are in the bad spot and mark the spot as bad so that the disk will no longer use it. It won't prevent the drive from getting worse but if this was caused by mistreatment of the drive (e.g. dropping the laptop) rather than just age it might make it work properly for a while longer. Run it while you sleep if you think it takes too long.

Ron
  • 0

#34
Tokay

Tokay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Alright- right now they're running at just over 60- it's just when I do something besides use internet browsers that they rise, it seems.

I'll check and try to clean it out. I usually hear the fan, but it's not very loud.
  • 0

#35
Tokay

Tokay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Wow- so, I completely disassembled my laptop, which was crazier than any laptop I've opened up before (the fan is the last thing you can get at, meaning that everything, including the motherboard, had to be removed first; www (dot) ahwee (dot) com (slash) how (dash) to (dash) disassemble (dash) laptop (dash) dell (dash) latitude (dash) d620 ).

Anyway, I cleaned out the fan, which had some dust in it, but I think the real issue was that the part of the hintsink that looks like a little cage was absolutely coated with dust. So now, I hear the fan purring away quietly than ever. Temperatures for the two cores are right now 58 and 59. I am going to check out what running this game does to the computer now. I'd like to think that the issue will be solved, but somehow I doubt that that was the whole problem. But I'll see...

And at night I will run the disk checker. Is there anything else I should do for a system cleanup? What should I do with these logs and programs from all this?



[As I am writing this, the fan kicked on smoothly, and the temperature dropped to a cool 42 and 44 :)]

Edited by Tokay, 28 May 2011 - 03:42 AM.

  • 0

#36
Tokay

Tokay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
No problem running games or videos- the temperature may go as high as 70-71, but that's about it.

So far, so good.
  • 0

#37
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,331 posts
  • MVP
Glad you were able to disassemble the laptop and clean the heat sink. Maybe you will get lucky and the heat was causing the drive errors.
Keep monitoring the event logs and see. IF they don't stop coming you will probably need to replace the hard drive. Best to do it before it fails completely. If you can take a laptop apart you can change out the hard drive. The only trick is you need a USB to SATA adapter so you can clone the drive before you install it but they are available from amazon.com for less than $10. http://www.amazon.co...8/ref=pd_cp_e_3
Any 2.5 in laptop SATA drive will work. I found one for $48
http://www.amazon.co...e/dp/B001QWRUCW
The cloning software you can download from the maker of your new (or old) hard drive.


I think that's all that I can help you with.

You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\ComboFix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

To hide hidden files again:

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.

OTL has a cleanup button which will remove most of our tools and also its logs and backedup files.

You do not have the latest Java (Java™ 6 Update 25 ). Get the latest at:

http://javadl.sun.co...?BundleId=41723

Save it to your PC then close all browsers and install it.

Once you install it, go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 24 which is new enough that it should be removed automatically. If you use Firefox go into tools, Add-ons and make sure that CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA is not enabled. CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA is OK but 0024 should be disabled or uninstalled. Java seems to have a real problem removing the old consoles from Firefox. Having multiple Java consoles will make Firefox very sluggish and slow to start.


Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. Adobe is fond of foisting GetPlus on you. You can let them install it and then afterwards, go into Control Panel, Add/Remove Software and remove it. It probably doesn't hurt to leave it but I don't see the need for it and it has caused problems in the past.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

I recommend you install the free WinPatrol from http://www.winpatrol.com/download.html

It's a small program that will sit in your systray and warn you if something tries to make changes to your system.

If you use USB drives you might want to install Autorun Eater v2.5.
http://download.cnet...4-10752777.html
Another small program which will stay resident and prevent an infected USB drive from infecting your PC.

If you use Firefox make sure you have the latest which should be 4. something then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. You can run it any time that Firefox seems slow and should run it after you add an extension or update the program.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0

#38
Tokay

Tokay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Thanks for all of the suggestions. I took your advice and got those two programs.

I really appreciate all your help- I would be in worse shape without your advice and instructions, and I enjoyed learning a bunch of things as well. :)



Thanks again so much, and take care.



-sebastian
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP