Tech Support Forum - View Single Post - Computer runs VERY slowly for first half hour...

befuddled_one · 03-22-2008, 06:26 AM

I built a computer out of various traded parts recently. It's a 2.2GHz dual-core with 2 GB of RAM, about 220 GB of HD space, running (fully updated) winXP Pro. I've been trying to get it to work correctly for several weeks, and have run out of ideas.

When I turn the computer on, it starts fairly slowly, but once it's in windows, it has a symptom I've never encountered before. If I click on an icon, it takes between 30 and 90 seconds to acknowledge that I've clicked. Ctrl-alt-delete takes a similar amount of time to show. I've defragged, scan-disked, and run various antivirus and antispyware programs - none of these have changed the symptoms. The task manager, while the computer is crawling along at this low speed, says that 99% of the processing power is running system idle processes. I've checked everything that shows in the task manager, and they all have legitimate names, but I'm not really clear on how to tell if they're corrupted, if the various scans I've run don't identify them as suspicious.

Here's my hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:10 PM, on 3/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: CCC.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1201661387250
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 3321 bytes

I've run through the 5-step "before you post" process. I don't have any of the rogue or suspect software, none of the listed programs showed up in the "add/remove programs" list, and here's the Panda activescan log:

Incident Status Location

Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Galactic Overlord\Cookies\galactic overlord@cgi-bin[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Galactic Overlord\Cookies\galactic overlord@com[1].txt

I've installed spywareblaster, but IE-Spybot wouldn't download, and I never use IE anyway - from what I've read, that program doesn't do anything with Firefox. I ran the update process, and I was already fully up to date with critical updates from Microsoft.

One other odd symptom, which might be related. When I go to shut down the computer, I click the usual start menu option, then the computer waits for a couple of minutes before the screen goes grey-scale (in a fraction of a second, not the more usual gradual, several-second process) and the menu pops up to let me shut down, restart, or log off. During all of these "slow" times, the mouse pointer still tracks at full speed - it's just that it takes forever (subjectively) to react to a click.

So what should I do next?

David

03-22-2008, 06:26 AM	#1 (permalink)
befuddled_one Registered User Join Date: Mar 2008 Location: New Hampshire Posts: 23 OS: Win XP Pro, SP2	Computer runs VERY slowly for first half hour... I built a computer out of various traded parts recently. It's a 2.2GHz dual-core with 2 GB of RAM, about 220 GB of HD space, running (fully updated) winXP Pro. I've been trying to get it to work correctly for several weeks, and have run out of ideas. When I turn the computer on, it starts fairly slowly, but once it's in windows, it has a symptom I've never encountered before. If I click on an icon, it takes between 30 and 90 seconds to acknowledge that I've clicked. Ctrl-alt-delete takes a similar amount of time to show. I've defragged, scan-disked, and run various antivirus and antispyware programs - none of these have changed the symptoms. The task manager, while the computer is crawling along at this low speed, says that 99% of the processing power is running system idle processes. I've checked everything that shows in the task manager, and they all have legitimate names, but I'm not really clear on how to tell if they're corrupted, if the various scans I've run don't identify them as suspicious. Here's my hijackthis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:07:10 PM, on 3/21/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Startup: CCC.lnk = ? O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1201661387250 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 3321 bytes I've run through the 5-step "before you post" process. I don't have any of the rogue or suspect software, none of the listed programs showed up in the "add/remove programs" list, and here's the Panda activescan log: Incident Status Location Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Galactic Overlord\Cookies\galactic overlord@cgi-bin[1].txt Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Galactic Overlord\Cookies\galactic overlord@com[1].txt I've installed spywareblaster, but IE-Spybot wouldn't download, and I never use IE anyway - from what I've read, that program doesn't do anything with Firefox. I ran the update process, and I was already fully up to date with critical updates from Microsoft. One other odd symptom, which might be related. When I go to shut down the computer, I click the usual start menu option, then the computer waits for a couple of minutes before the screen goes grey-scale (in a fraction of a second, not the more usual gradual, several-second process) and the menu pops up to let me shut down, restart, or log off. During all of these "slow" times, the mouse pointer still tracks at full speed - it's just that it takes forever (subjectively) to react to a click. So what should I do next? David