?
Solved

Computer suddenly very very slow

Posted on 2004-04-28
10
Medium Priority
?
2,845 Views
Last Modified: 2010-04-12
I have a Dell Inspiron with W2K installed. It has been superb for about 3 years. Snappy and reliable. I have 384Meg memory (900 virtual) and about 10 Gig free disk space. Suddenly a couple days ago this computer started running painfully slow. The CPU usage is nearly 100%, even after rebooting (which I have done more than a dozen times). I have always run up-to-date virus checking tools, and have done a complete scan of the drive (it found nothing). I've run AdAware and turned up nothing. I can't see any obvious culprits in the list of processes. As it is now, I can barely launch explorer and notepad. I've uninstalled anything that is non-essential.

Until a couple days ago, I would run several applications at once and zip around easily. This is a nightmare! Am almost out of commission. Am trying to shift some of my work to another computer, but as you know, that is not so easy. Any tips, suggestions, ideas, or even calming words would be appreciated! Thanks!
0
Comment
Question by:cascade99
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 32

Expert Comment

by:LucF
ID: 10936909
Hi cascade99,

Please check the Task manager to find out what process is hogging up all the CPU time.

Greetings,

LucF
0
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 1600 total points
ID: 10937102
Try doing these


a) download msconfig from here and dictate the startup programs
http://www.techadvice.com/win2000/m/msconfig_w2k.htm
install it , run it . go to startup tab once it runs and disbale all applications. Reboot the machine and check if it would work sooner. There could be some unwanted application that starts during the bootup and might be using the CPU.

b) Download the latest patches and security updates .

c) Check for unwanted starting services and disable them
http://www.blackviper.com/WIN2K/win2kservice411.htm

d) Try doing system file checking ( start ---> run --> sfc /scannow)
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q222/4/71.ASP&NoWebContent=1

e) Have you already done defragmentation and Disk cleanup

f) go to start --> run ---> typein : %temp% and remove all the files inside that folder.

g) You may also want to run other spyware tools in this post http:Q_20945897.html ( post log from hijackthis)

h) Try using this to check which one is consuming more usage
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

How to Break Down the System Process
http://support.microsoft.com/default.aspx?scid=kb;en-us;295714

http://search.webattack.com/get/pstools.shtml

there could be other suggestions that I might be missing. You may want to use recovery console if nothing of the above helps.
0
 
LVL 7

Expert Comment

by:YarnoSG
ID: 10938125
Check for malware/spyware -  someone around here has a big list of tools-  a small one can be found at www.onlinedangers.com/resources.php
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 3

Assisted Solution

by:Tele_tech
Tele_tech earned 400 total points
ID: 10943436
I agree that you need to find out what is running.. what process...

Download Codestarter after running Spy bot (my preference) or which ever
This software will tell you what is loading when your computer is starting up.... and what process are running.. with descriptions and companies that make it
I have found it very useful in cleaning up an infected machine.

http://codestuff.netfirms.com/download.shtml

also....

download stinger  ... this is an one shot hard clean by network associates...  

http://vil.nai.com/vil/stinger/
0
 

Author Comment

by:cascade99
ID: 10943563
Sunray gave me a lot of things to try.. and I have worked through most of them. True I have learned a lot and cleaned up a lot of messes. In particular, Spybot S&D found a lot of nasty stuff. Plus I have cleared out many unnecessary services and programs automatically starting up. So I have a healthier machine...BUT

Unfortunately, the problem is still bad. From the moment I boot up, the CPU time is anywhere between 50 and 100%. Here is the report from HIjackThis. I am desperate to get my machine restored.. so I am still hoping that you (or someone) have some more advice. I can make the machine available through NetMeeting.

Logfile of HijackThis v1.97.7
Scan saved at 1:39:51 PM, on 4/28/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\mnmsrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\Dantz\Client\Remotsvc.exe
C:\Program Files\Dantz\Client\retroclient.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINNT\system32\taskmgr.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\temp\_a\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kelut.objectpublish.com/catalogs/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - Global Startup: D-Link AirPlus Xtreme G Configuration Utility.lnk = C:\Program Files\D-Link AirPlus Xtreme G\AirPlus.exe
O4 - Global Startup: timeset.bat.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O10 - Broken Internet access because of LSP provider 'imon.dll' missing
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0369528B-3082-11D2-9997-00A0C9B7A242} (PlaceWare Presentation-Upload Control) - http://www47.placeware.com/etc/pwe/trial2/placeware.aud.ieupload/UploadControl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/deleon/1.1.48-deleon/GoogleNav.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37837.9193634259
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://transcend.webex.com/client/latest/webex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = DPA_DEV.COM
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F0C04BB-E0CC-4F63-87A7-A90EA7B14DEA}: NameServer = 209.144.50.135,209.144.50.113
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BF7A26A-8D0F-48A0-B38C-F74850CC88CA}: NameServer = 209.144.50.135,209.144.50.113
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = DPA_DEV.COM
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 209.102.90.161
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = DPA_DEV.COM
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 209.102.90.161
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = DPA_DEV.COM
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 209.102.90.161
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 209.102.90.161

0
 

Author Comment

by:cascade99
ID: 10943951
I just saw the posting by TeleTech. Will try both now.
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 10944855
Not sure abt these


O16 - DPF: {0369528B-3082-11D2-9997-00A0C9B7A242} (PlaceWare Presentation-Upload Control) - http://www47.placeware.com/etc/pwe/trial2/placeware.aud.ieupload/UploadControl.cab

C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Eset\nod32krn.exe


Btw, have you other all other suggestions aswell

post back
0
 

Author Comment

by:cascade99
ID: 10946448
First of all, Sunray's help has been fantastic. I'm not completely out of the woods yet, but things are essentially good enough to use my machine again. Many, many thanks. The Codestarter recommended by TeleTech was very helpful too. I cannot believe how many hours I've burned on this. My analysis is that the problems were all about spyware, and perhaps nothing to do with viruses. I use NOD32 for virus checking and none of the other virus checking tools found anything else. But for spyware, I think (but am not sure) most of the credit goes to Spybot. It found a lot of things that AdAware did not catch. Then cleaning up everything questionable revealed by the other tools I think was important too. There still seems to be more processor time taken up than there should, so I guess the job is not finished. To answer Sunray's last comment, I also thought the Placeware one was fishy, and got rid of it. The nod32 ones are fine. I've been running that a long time. I will award 80% to Sunray and 20% to Teletech. Thanks again! I'm sure I'll be back on this topic. What an ordeal!
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 10946476
Great to get a good feedback from questioners/users of this site.

make sure to always update these tools and run them so that atleast spyware wont affect your machine
0
 
LVL 3

Expert Comment

by:Tele_tech
ID: 10946631
Thanks Cascade99
    Glad to have been of help...  Codestarter is pretty neat... still exploring some of the information it can give me... even about things that should be running...
have a good one....
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question