Jump to content


Photo

Windows Running Slowly


  • Please log in to reply
1 reply to this topic

#1 SmokingMirror

SmokingMirror

    Member

  • Full Member
  • Pip
  • 34 posts

Posted 03 June 2004 - 04:25 AM

History

I've very recently upgraded my machine by purchasing a new hard drive (160GB Seagate 7200 UltraATA).
My previous hard drive setup was a 10GB 7200 Maxtor (which held Windows and all files not classified as work or games), and a Seagate 7200 20GB (which held all my work files and games). The latter drive was beginning to prove itself a little small for my purposes, so I copied everything from my old Seagate drive to the new one, then formatted it and cloned the Maxtor drive onto the 20 GB Seagate, effectively making myself a new 20GB master hard drive.

The current setup now then is a 20 GB Seagate Master drive which contains nothing but Windows and all its required files, along with all my various pieces of software, and a 160 GB Seagate slave drive, which holds everything else. Both drives are on a single IDE cable and are Ultra DMA activated.

I'm running Windows 2000 (SP4) on a 2Gz AMD machine with 1GB DDR RAM. It's a self-build machine, the fourth I've built, so I'm very familiar with PC setup, correct connecting of cables, etc.


Problem Overview

However, all is not well. Whilst nothing has actually gone wrong or stopped working, Windows now takes three to four times longer to perform tasks than it did before. It's by no means unusuable, but the difference is very noticable, and I'm irritated by not knowing why.
Logon and shutdown seem painfully sluggish, and there is even a noticeable delay between a simple folder click and the folder actually opening. Carrying out processor heavy tasks in Windows - such as one of my frequent virus checks - now seems to take an eon.

The cabling is fine, as are the drive setups. BIOS is happy, and there doesn't appear to be any problems with Ultra DMA mode (which is enabled and running for both drives), so I'm not 100% convinced that this is a hardware problem.
I do have a vague idea that perhaps trying to save myself time by cloning one disk onto another, instead of spending a day or two doing a proper fresh reinstall of Windows, may be to blame, but I'm not absolutely convinced of that.

In addition to this slowness, Windows is also exhibiting some strange behaviour. Very often on startup now, ZA (ZoneAlarm) will pop up with a standard Windows file (normally services.exe, svchost.exe, or iexplore.exe) telling me that it has requested internet permission, and that - oddly - the reason for the popup is that the file has changed since it last accessed the internet. This never occurred with my old setup, and also seems to be happening everytime I start the PC.
In an effort to clean out my system, I've run AVG, Ad-Aware, Spybot, and both checked the two disks and defragmented them, but still get the same problems.


Conclusion

So, after that lengthy explaination, do any of you lovely people have any bright ideas as to why my PC has suddenly decided to rebel against me? Is there a software problem, or is it - as I strongly suspect - my PC getting revenge for the years of me telling it it's useless?


Hijack This! and Startup List Logs

StartupList report, 03/06/2004, 10:26:02
StartupList version: 1.40.3
Started from : C:\Documents and Settings\Evil\Desktop\Tools\StartupList.EXE
Detected: Windows 2000 SP4 (WinNT 5.00.2195)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINNT\runservice.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\Program Files\AnalogX\CookieWall\cookie.exe
C:\Program Files\Free Surfer\fs20.exe
C:\WINNT\Mixer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Evil\Desktop\Tools\StartupList.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINNT\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Tweak UI = RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
AVG_CC = C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
CookieWall = C:\Program Files\AnalogX\CookieWall\cookie.exe
freesurfer = C:\Program Files\Free Surfer\fs20.exe
NvCplDaemon = RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
Synchronization Manager = mobsync.exe /logon
C-Media Mixer = Mixer.exe /startup
Zone Labs Client = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINNT\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = "C:\WINNT\System32\shmgrate.exe" OCInstallUserConfigIE

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = "C:\WINNT\System32\shmgrate.exe" OCInstallUserConfigOE

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{6A5110B5-E14B-4268-A065-EF89FF33C325}] *
StubPath = regsvr32.exe /s /n /i:"S 2 true 3 true 4 true 5 true 6 true 7 true" initpki.dll

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\System32\ie4uinit.exe

[{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}] *
StubPath = %SystemRoot%\System32\updcrl.exe -e -u %SystemRoot%\System32\verisignpub1.crl

--------------------------------------------------

Load/Run keys from C:\WINNT\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

*Registry value not found*
*Registry value not found*
*Registry key not found*
*Registry key not found*
*Registry value not found*
*Registry value not found*
*Registry key not found*
*Registry key not found*

--------------------------------------------------

Shell & screensaver key from C:\WINNT\SYSTEM.INI:

*INI section not found*
*INI section not found*
*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINNT\system32\ssbezier.scr
*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINNT\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINNT\Explorer\Explorer.exe: not present
C:\WINNT\System\Explorer.exe: not present
C:\WINNT\System32\Explorer.exe: not present
C:\WINNT\Command\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll - {206E52E0-D52E-11D4-AD54-0000E86C26F6}

--------------------------------------------------

Enumerating Download Program Files:

[Infotl Control]
InProcServer32 = C:\WINNT\DOWNLO~1\EBRARY~1.OCX
CODEBASE = http://site.ebrary.c...s/ebraryRdr.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINNT\system32\Macromed\Director\SwDir.dll
CODEBASE = http://download.macr...director/sw.cab

[ICSScannerLight Class]
InProcServer32 = C:\WINNT\Downloaded Program Files\ICSScannerLight.dll
CODEBASE = http://download.zone...ee/cm/ICSCM.cab

[Yahoo! Audio Conferencing]
InProcServer32 = C:\WINNT\DOWNLO~1\yacscom.dll
CODEBASE = http://us.chat1.yimg...v45/yacscom.cab

[YInstStarter Class]
InProcServer32 = C:\WINNT\Downloaded Program Files\yinsthelper.dll
CODEBASE = http://us.dl1.yimg.c...s/yinst0401.cab

[GSDACtl Class]
InProcServer32 = C:\WINNT\Downloaded Program Files\gsda.dll
CODEBASE = https://www.gamespyid.com/alaunch.cab

[HouseCall Control]
InProcServer32 = C:\WINNT\DOWNLO~1\xscan53.ocx
CODEBASE = http://a840.g.akamai...all/xscan53.cab

[Yahoo! Audio UI1]
InProcServer32 = C:\WINNT\Downloaded Program Files\yacsui.dll
CODEBASE = http://chat.yahoo.com/cab/yacsui.cab

[AvxScanOnline Control]
InProcServer32 = C:\WINNT\DOWNLO~1\BITDEF~1.OCX
CODEBASE = http://www.bitdefend...bitdefender.cab

[ParallelGraphics Cortona Control]
InProcServer32 = C:\WINNT\Downloaded Program Files\cortona_control.dll
CODEBASE = http://www.parallelg...in/cortvrml.cab

[Yahoo! Webcam Upload Wrapper]
InProcServer32 = C:\WINNT\Downloaded Program Files\CONFLICT.1\yuplapp.dll
CODEBASE = http://chat.yahoo.com/cab/yuplapp.cab

[Update Class]
InProcServer32 = C:\WINNT\System32\iuctl.dll
CODEBASE = http://v4.windowsupd...7922.0827430556

[SassCln Object]
InProcServer32 = C:\WINNT\Downloaded Program Files\SassCln.dll
CODEBASE = http://www.microsoft.../20/SassCln.CAB

[Shockwave Flash Object]
InProcServer32 = C:\WINNT\system32\macromed\flash\Flash.ocx
CODEBASE = http://fpdownload.ma...ash/swflash.cab

[Yahoo! Webcam Viewer Wrapper]
InProcServer32 = C:\WINNT\Downloaded Program Files\yvwrctl.dll
CODEBASE = http://chat.yahoo.com/cab/yvwrctl.cab

--------------------------------------------------
End of report, 8,266 bytes
Report generated in 0.070 seconds

******************************************************************

Logfile of HijackThis v1.97.2
Scan saved at 10:25:41, on 03/06/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINNT\runservice.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\Program Files\AnalogX\CookieWall\cookie.exe
C:\Program Files\Free Surfer\fs20.exe
C:\WINNT\Mixer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Evil\Desktop\Tools\HijackThis.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\MSDXM.OCX
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [CookieWall] C:\Program Files\AnalogX\CookieWall\cookie.exe
O4 - HKLM\..\Run: [freesurfer] C:\Program Files\Free Surfer\fs20.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Download &All by FD - C:\Program Files\FreshDevices\FreshDownload\fdiectx2.htm
O8 - Extra context menu item: Download with &FD - C:\Program Files\FreshDevices\FreshDownload\fdiectx.htm
O9 - Extra button: Free Surfer (HKLM)
O9 - Extra 'Tools' menuitem: Free Surfer (HKLM)
O9 - Extra button: NeoTrace It! (HKCU)
O16 - DPF: ConferenceRoom Java Client - http://www.streamcha...000/java/cr.cab
O16 - DPF: KANA IQ LiveA - http://dmzchatonly.e...srvs/eu/eu1.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: Yahoo! Literati - http://download.game...nts/y/tt1_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt0_x.cab
O16 - DPF: Yahoo! Reversi - http://download.game...nts/y/rt0_x.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.c...s/ebraryRdr.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zone...ee/cm/ICSCM.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...s/yinst0401.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelg...in/cortvrml.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7922.0827430556
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.../20/SassCln.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab

Edited by SmokingMirror, 03 June 2004 - 04:27 AM.


#2 SmokingMirror

SmokingMirror

    Member

  • Full Member
  • Pip
  • 34 posts

Posted 04 June 2004 - 06:20 AM

***bump***




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button