Computer suddenly very very slow

I have a Dell Inspiron with W2K installed. It has been superb for about 3 years. Snappy and reliable. I have 384Meg memory (900 virtual) and about 10 Gig free disk space. Suddenly a couple days ago this computer started running painfully slow. The CPU usage is nearly 100%, even after rebooting (which I have done more than a dozen times). I have always run up-to-date virus checking tools, and have done a complete scan of the drive (it found nothing). I've run AdAware and turned up nothing. I can't see any obvious culprits in the list of processes. As it is now, I can barely launch explorer and notepad. I've uninstalled anything that is non-essential.

Until a couple days ago, I would run several applications at once and zip around easily. This is a nightmare! Am almost out of commission. Am trying to shift some of my work to another computer, but as you know, that is not so easy. Any tips, suggestions, ideas, or even calming words would be appreciated! Thanks!
cascade99Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
sunray_2003Connect With a Mentor Commented:
Try doing these


a) download msconfig from here and dictate the startup programs
http://www.techadvice.com/win2000/m/msconfig_w2k.htm
install it , run it . go to startup tab once it runs and disbale all applications. Reboot the machine and check if it would work sooner. There could be some unwanted application that starts during the bootup and might be using the CPU.

b) Download the latest patches and security updates .

c) Check for unwanted starting services and disable them
http://www.blackviper.com/WIN2K/win2kservice411.htm

d) Try doing system file checking ( start ---> run --> sfc /scannow)
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q222/4/71.ASP&NoWebContent=1

e) Have you already done defragmentation and Disk cleanup

f) go to start --> run ---> typein : %temp% and remove all the files inside that folder.

g) You may also want to run other spyware tools in this post http:Q_20945897.html ( post log from hijackthis)

h) Try using this to check which one is consuming more usage
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

How to Break Down the System Process
http://support.microsoft.com/default.aspx?scid=kb;en-us;295714

http://search.webattack.com/get/pstools.shtml

there could be other suggestions that I might be missing. You may want to use recovery console if nothing of the above helps.
0
 
LucFEMEA Server EngineerCommented:
Hi cascade99,

Please check the Task manager to find out what process is hogging up all the CPU time.

Greetings,

LucF
0
 
YarnoSGCommented:
Check for malware/spyware -  someone around here has a big list of tools-  a small one can be found at www.onlinedangers.com/resources.php
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
Tele_techConnect With a Mentor Commented:
I agree that you need to find out what is running.. what process...

Download Codestarter after running Spy bot (my preference) or which ever
This software will tell you what is loading when your computer is starting up.... and what process are running.. with descriptions and companies that make it
I have found it very useful in cleaning up an infected machine.

http://codestuff.netfirms.com/download.shtml

also....

download stinger  ... this is an one shot hard clean by network associates...  

http://vil.nai.com/vil/stinger/
0
 
cascade99Author Commented:
Sunray gave me a lot of things to try.. and I have worked through most of them. True I have learned a lot and cleaned up a lot of messes. In particular, Spybot S&D found a lot of nasty stuff. Plus I have cleared out many unnecessary services and programs automatically starting up. So I have a healthier machine...BUT

Unfortunately, the problem is still bad. From the moment I boot up, the CPU time is anywhere between 50 and 100%. Here is the report from HIjackThis. I am desperate to get my machine restored.. so I am still hoping that you (or someone) have some more advice. I can make the machine available through NetMeeting.

Logfile of HijackThis v1.97.7
Scan saved at 1:39:51 PM, on 4/28/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\mnmsrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\Dantz\Client\Remotsvc.exe
C:\Program Files\Dantz\Client\retroclient.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINNT\system32\taskmgr.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\temp\_a\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kelut.objectpublish.com/catalogs/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - Global Startup: D-Link AirPlus Xtreme G Configuration Utility.lnk = C:\Program Files\D-Link AirPlus Xtreme G\AirPlus.exe
O4 - Global Startup: timeset.bat.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O10 - Broken Internet access because of LSP provider 'imon.dll' missing
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0369528B-3082-11D2-9997-00A0C9B7A242} (PlaceWare Presentation-Upload Control) - http://www47.placeware.com/etc/pwe/trial2/placeware.aud.ieupload/UploadControl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/deleon/1.1.48-deleon/GoogleNav.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37837.9193634259
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://transcend.webex.com/client/latest/webex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = DPA_DEV.COM
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F0C04BB-E0CC-4F63-87A7-A90EA7B14DEA}: NameServer = 209.144.50.135,209.144.50.113
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BF7A26A-8D0F-48A0-B38C-F74850CC88CA}: NameServer = 209.144.50.135,209.144.50.113
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = DPA_DEV.COM
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 209.102.90.161
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = DPA_DEV.COM
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 209.102.90.161
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = DPA_DEV.COM
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 209.102.90.161
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 209.102.90.161

0
 
cascade99Author Commented:
I just saw the posting by TeleTech. Will try both now.
0
 
sunray_2003Commented:
Not sure abt these


O16 - DPF: {0369528B-3082-11D2-9997-00A0C9B7A242} (PlaceWare Presentation-Upload Control) - http://www47.placeware.com/etc/pwe/trial2/placeware.aud.ieupload/UploadControl.cab

C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Eset\nod32krn.exe


Btw, have you other all other suggestions aswell

post back
0
 
cascade99Author Commented:
First of all, Sunray's help has been fantastic. I'm not completely out of the woods yet, but things are essentially good enough to use my machine again. Many, many thanks. The Codestarter recommended by TeleTech was very helpful too. I cannot believe how many hours I've burned on this. My analysis is that the problems were all about spyware, and perhaps nothing to do with viruses. I use NOD32 for virus checking and none of the other virus checking tools found anything else. But for spyware, I think (but am not sure) most of the credit goes to Spybot. It found a lot of things that AdAware did not catch. Then cleaning up everything questionable revealed by the other tools I think was important too. There still seems to be more processor time taken up than there should, so I guess the job is not finished. To answer Sunray's last comment, I also thought the Placeware one was fishy, and got rid of it. The nod32 ones are fine. I've been running that a long time. I will award 80% to Sunray and 20% to Teletech. Thanks again! I'm sure I'll be back on this topic. What an ordeal!
0
 
sunray_2003Commented:
Great to get a good feedback from questioners/users of this site.

make sure to always update these tools and run them so that atleast spyware wont affect your machine
0
 
Tele_techCommented:
Thanks Cascade99
    Glad to have been of help...  Codestarter is pretty neat... still exploring some of the information it can give me... even about things that should be running...
have a good one....
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.