Very sluggish machine

[4on4off]

Hello,

My kids pc is running xp pro and lately has been extremely sluggish. I have ran malwarebytes(found nothing), sas(68 tracking cookies), tdskiller(found nothing) and eset(found 1 item listedas multiple threats related to frostwire appdata).

Any other suggestions?

Thank you

4

 

[Tekno Venus]

Hello 4,

I will reply to your question fully later, I am leaving to go to school in a few minutes. Whilst you wait, could you please post the system specs of the problem machine - RAM, CPU etc.

Thanks, and I will reply fully later. :)

Regards,
Stephen

 

[4on4off]

Hello Tekno,

Here are the specs for the machine in question:

System:

Microsoft Windows XP
Media Center Edition
Version 2002
Service Pack 3

HP Pavilion
Intel(R)
Pentium(R) 4 CPU 3.00GHz
3.00 GHZ 3.49 GB of RAM

I would like to also add I forgot that I had ran JRT and AdwareCleaner both of which removed several things and this pc has responded better since then but is still sluggish.

I understand the having of little time and that is absolutely not an issue. I myself work 12 Hour shifts and am getting ready to head in for one now so I will not be back until over 14 hours from now.

Thank you for the reply.

4

 

[usasma]

What antivirus are you using?
Can you take a look at Task Manager to see what's eating up the resources?

Task Manager:
Also, you can monitor the system for excessive resource consumption. To do this, open up Task Manager by right clicking on the Task Bar.
Then select the Processes tab.
Then select the "Show processes from all users" button (in the lower left)
Then select the View menu item, then select "Select columns"
In the Select columns window, place checkmarks next to I/O Reads and I/O Other.
Click OK to accept the changes.
Resize the Task Manager window so you can see the most of the columns.
Wait for the system to freeze/take up the resources.
Look at all of the columns to see if there's anything that looks excessively high - if so, let us know the Image name of the process.
NOTE: If the image name is svchost.exe - right click on it and select "Go to Service(s)" and let us know the Services that it highlights
FWIW - System Idle Process is supposed to have high CPU readings - anything else with high CPU readings is an issue.

 

[Wrench97]

Also too add it may be a good idea to have a look at the temperatures the system is running.

D/L and run Hardware Monitor do something intense like a virus scan or gaming for a bit, Alt+Tab back to HWM expand all the trees report the CPU, system and Video(if reported) temps.

 

[Tekno Venus]

Hello again 4,

Now I have some time, I have some ideas and steps for you to follow.

Disabling Start-Up Entries.

Download this program --> http://live.sysinternals.com/autoruns.exe <-- and run it. It's just an exe and does not need to install.

This will open the below window.

Once it has finished loading, click Options --> Filter Options. Check Verify Code Signatures, Hide Microsoft Entries, Hide Windows Entries and press OK. Go to the logon tab and disable any program you do not need running at startup. This program Autoruns, is basically a souped up version of msconfig, if you are familiar with this program. Under the other tabs, you can stop Internet Explorer addons loading, delete scheduled tasks and more. Look around, but be careful. It is VERY unlikely you'll break windows, but some things can break other programs that depend on them.

Upload your MSInfo32 file here

The msinfo32 file contains lots of useful information for me. Please upload it here for me to look at:

Click Start --> Run --> Type msinfo32 and press OK --> When it opens, click File, Save --> Save this file as msinfo32.nfo to a place you will remember --> Once it has finished gathering and saving info, right click this msinfo32.nfo file --> Click send to compressed (zipped) folder -> Upload the .zip file here.

Those instructions are based on Win7/Vista since I have no access to a XP machine at the moment, but if you have an issue, just say

Physically clean the system

This may not have a performance improvement, but will reduce temps and it is good to do occasionally anyway. :) Thanks to my friend Writhziden for these steps!

Dust Removal:

To remove dust, follow the subsequent general procedure. If you have a desktop bought from Dell, HP, Sony, Lenovo, etc. make sure removing the desktop casing will not void your warranty first. Call the company if you are still under warranty and ask if it is okay to remove the casing and blow dust out. The procedure described is fine for laptops; just make sure no stickers are on panels saying if you remove the panel it will void the warranty.

1. Shut down and turn off your computer.
2. Unplug all power supplies to the computer (AC Power then battery for laptops, AC power for desktops)
3. Hold down the power button for 30 seconds to close the circuit and ensure all power drains from components.
4. Remove the casing for a desktop, or remove any screwed on panels and disc drives for laptops.
5. Blow out the dust inside by using a can of compressed air or a low pressure compressor. You will want to put the computer on a desk or table so you can maintain the can in an upright position if using a can of air. Blow into all crevices on the motherboard, heat sinks, cards, modules, etc. for a desktop. Blow into vents, opened panels, disc drive areas, USB ports, and the keyboard if it is a laptop. You may also want to blow inside the disc drive by replacing the drive to the laptop, starting the computer, opening the drive, and then turning off the computer and removing all power as described above including the 30 second power button step. For a desktop, you may also want to blow inside the disc drive by starting the computer, opening the drive, and then turning off the computer and removing all power as described above including the 30 second power button step.
6. Replace casing for the desktop. Replace panels and disc drive (if you have not already done so) for the laptop.
7. Plug power supplies in. AC adapter for the desktop. Battery and then AC Adapter for the laptop.
8. Start the computer and see if performance is better.

Easier Laptop steps:

1. Get a can of compressed air...
2. Shut down and turn off your system...
3. Unplug the system from any docking stations...
4. Remove the AC Adapter and then remove the battery...
5. Hold down the power button for 30 seconds to ensure all power is drained from the components. This closes the circuit and allows any remaining power to dissipate; it also clears the temporary memory of corruption and resets hardware/software connections. No permanent changes are made to the system doing this step...
6. Use the can of compressed air to blow into every vent, crevice, keyboard key, USB port, VGA/monitor port, etc...
7. Replace the battery and then plug in the AC Adapter...
8. Replace the docking station...
9. See how the system runs after doing all these steps...

WARNING: Never use a vacuum cleaner or hair dryer to clean dust out of your system!!

A vacuum cleaner will cause static build-up and damage components due to the discharge. A hair dryer can cause components to heat up and possibly break solder joints; it may also cause static buildup on a cooler setting depending on the hair drier.

Anti-Virus

Same questions as usasma above, what anti-virus do you use? If it's an old version of Norton or Mcafee, try replacing it with something lighter like MSE or AVAST!

Install age?

When was the system last clean installed? Just wondering since I presume the system is quite old and Windows XP is not as good at keeping itself clean like Windows 7. Not saying you need to, just wondering.

Uninstall Programs

Sorry for stating the obvious here, but make sure to remove any unnecessary programs from the machine and update any old programs (Java, Flash, Adobe Reader etc)

Use Lighter Program Alternatives

This is a good tip. Use less resource intensive alternatives to traditional programs. For example, replace Yahoo! Messenger with Pidgin. A good list is here: Superior Alternatives to Crappy Windows Software or here: Free Alternative Lightweight Software for Windows (Part 1) | Chris Kankiewicz

Defrag

Normally I wouldn't recommend this on Windows 7 systems, but XP doesn't have automatic defrag and this program does work well on Windows XP. One thing to note, once the defrag has finished, please go to system restore and create a new restore point. The software does have a nasty habit of deleting old system restore points.

Download this program --> http://www.puransoftware.com/PuranDefragSetup.exe

Install it and then run it. Click the additional operations tab and select:
- Fill Gaps To Avoid Frequent Fragmentation
- Optimise Directories For Faster System Access
- Free some space for Windows temporary files on faster disk area
- Boost overall system speed with PIZOR

Then go back to the main tab, select your drive and then press Boot Time Defrag. Choose Restart-Defrag-Restart + Disk Check and press OK. The system will reboot and defrag.

Some other users may disagree with 3rd party defragmenters, but I have used Puran on many systems and it has done a great job, especially on XP


Hope this helps and covers most things.

Regards,
Stephen

 

[AceInfinity]

It's also something to mention that you should check your Event logs. Sometimes certain persistent errors/warnings and other critical messages are indications that something is having issues on your PC, but not only is it just an error, sometimes they can affect the performance of your overall system, depending on what the entries are. However, like a 2 sided coin, these messages give you information about what can be done to fix these issues too.

You could also check Adware with a utility called AdwCleaner. It is free, if you have to pay for it then you probably are getting a rouge version.

Do a virus scan.

Check taskmanager for Mem usage as well as CPU usage, and check for any heavy hitting running processes on both sides.

For defrag, there's a rule, of 7%-10% fragmentation, that you should do a defrag. I go by a 5% rule though.

Try booting in Safe mode or a clean boot state as well. Depending on whether or not your system is still sluggish at that point in time, then we can get a better indication of what might be going on here. If it isn't, then it's probably some programs, virus, or perhaps even a troublesome service causing the issue that isn't running from the clean boot or safe mode state. Otherwise, it could be something more severe. Do you have any USB devices? Make sure that any CD-roms or DVD's are not inside any CD drives that you have when testing.

What exactly is slow on your machine? Anything in particular? File-transfer? Network activity? If it is everything, then it's probably something just as easy as an overload of your CPU or RAM.

 

[Glaswegian]

Hi

Sorry to add to all the instructions you've been receiving but I'd like to see a Gmer log please.


Download GMER Rootkit Scanner from here to your desktop. It will be a randomly named executable.

• Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
• Double click the exe file.
• The program will begin to run, and perform an initial scan. If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click No.
• In any case, after the initial scan is complete, click on the Save button, and save the log file somewhere you can easily find it, such as your desktop, and attach it in your reply.

 

[4on4off]

Hello all,

First I want to thank all of you for taking the time to give some input. I got off work 2 hours ago and went to dinner with my wife. Just got back home. I want to take some time to look over all the suggestions and work my way through them. I see that some overlap a bit and I wish to explore them all. I got home later than I expected and really need to get to bed as I have another 12 hour shift in the morning.

Thanks again to everyone and I will be getting through all of your instructions when I have more time over the next few days.

4

 

[usasma]

I was reading the posts and this is a heck of a lot of stuff for you to do!
Take your time and just work through things step by step/post by post.
We'll be here when you start posting results.
Good luck!

 

[4on4off]

What antivirus are you using?
Can you take a look at Task Manager to see what's eating up the resources?

Task Manager:
Also, you can monitor the system for excessive resource consumption. To do this, open up Task Manager by right clicking on the Task Bar.
Then select the Processes tab.
Then select the "Show processes from all users" button (in the lower left)
Then select the View menu item, then select "Select columns"
In the Select columns window, place checkmarks next to I/O Reads and I/O Other.
Click OK to accept the changes.
Resize the Task Manager window so you can see the most of the columns.
Wait for the system to freeze/take up the resources.
Look at all of the columns to see if there's anything that looks excessively high - if so, let us know the Image name of the process.
NOTE: If the image name is svchost.exe - right click on it and select "Go to Service(s)" and let us know the Services that it highlights
FWIW - System Idle Process is supposed to have high CPU readings - anything else with high CPU readings is an issue.

Usama,

I did as you instructed and I found nothing that was showing up as far as cpu usage that was excessive. When first was looking into this though I did see that my bullguard scanner was running and sucking up around 50% in regards to cpu usage.

My anitvirus I use is bullguard. I have used it for maybe ten years. It is a paid service that I like and find to be user friendly and dependable.

 

[4on4off]

Also too add it may be a good idea to have a look at the temperatures the system is running.

D/L and run Hardware Monitor do something intense like a virus scan or gaming for a bit, Alt+Tab back to HWM expand all the trees report the CPU, system and Video(if reported) temps.

Wrench,

I ran HWM as you instructed. I tried to upload a screen shot of the results but that did not work so I will do my best to type up what is there temp wise:

Temperatures Value min max
THRM 40C 40C 40C
Internal 36C 33C 36C
Diode2 58C 56C 64C

Assembly 32C 29C 32C

I could not find anything that specified CPU, System or Video


This was done during a scan with bullguard.

Let me know if I screwed this up and I will try again.

 

[4on4off]

Hello again 4,

Now I have some time, I have some ideas and steps for you to follow.

Disabling Start-Up Entries.

Download this program --> http://live.sysinternals.com/autoruns.exe <-- and run it. It's just an exe and does not need to install.

This will open the below window.
View attachment 3414
Once it has finished loading, click Options --> Filter Options. Check Verify Code Signatures, Hide Microsoft Entries, Hide Windows Entries and press OK. Go to the logon tab and disable any program you do not need running at startup. This program Autoruns, is basically a souped up version of msconfig, if you are familiar with this program. Under the other tabs, you can stop Internet Explorer addons loading, delete scheduled tasks and more. Look around, but be careful. It is VERY unlikely you'll break windows, but some things can break other programs that depend on them.

Upload your MSInfo32 file here

The msinfo32 file contains lots of useful information for me. Please upload it here for me to look at:

Click Start --> Run --> Type msinfo32 and press OK --> When it opens, click File, Save --> Save this file as msinfo32.nfo to a place you will remember --> Once it has finished gathering and saving info, right click this msinfo32.nfo file --> Click send to compressed (zipped) folder -> Upload the .zip file here.

Those instructions are based on Win7/Vista since I have no access to a XP machine at the moment, but if you have an issue, just say

Physically clean the system

This may not have a performance improvement, but will reduce temps and it is good to do occasionally anyway. :) Thanks to my friend Writhziden for these steps!

Dust Removal:

To remove dust, follow the subsequent general procedure. If you have a desktop bought from Dell, HP, Sony, Lenovo, etc. make sure removing the desktop casing will not void your warranty first. Call the company if you are still under warranty and ask if it is okay to remove the casing and blow dust out. The procedure described is fine for laptops; just make sure no stickers are on panels saying if you remove the panel it will void the warranty.

1. Shut down and turn off your computer.
2. Unplug all power supplies to the computer (AC Power then battery for laptops, AC power for desktops)
3. Hold down the power button for 30 seconds to close the circuit and ensure all power drains from components.
4. Remove the casing for a desktop, or remove any screwed on panels and disc drives for laptops.
5. Blow out the dust inside by using a can of compressed air or a low pressure compressor. You will want to put the computer on a desk or table so you can maintain the can in an upright position if using a can of air. Blow into all crevices on the motherboard, heat sinks, cards, modules, etc. for a desktop. Blow into vents, opened panels, disc drive areas, USB ports, and the keyboard if it is a laptop. You may also want to blow inside the disc drive by replacing the drive to the laptop, starting the computer, opening the drive, and then turning off the computer and removing all power as described above including the 30 second power button step. For a desktop, you may also want to blow inside the disc drive by starting the computer, opening the drive, and then turning off the computer and removing all power as described above including the 30 second power button step.
6. Replace casing for the desktop. Replace panels and disc drive (if you have not already done so) for the laptop.
7. Plug power supplies in. AC adapter for the desktop. Battery and then AC Adapter for the laptop.
8. Start the computer and see if performance is better.

Easier Laptop steps:

1. Get a can of compressed air...
2. Shut down and turn off your system...
3. Unplug the system from any docking stations...
4. Remove the AC Adapter and then remove the battery...
5. Hold down the power button for 30 seconds to ensure all power is drained from the components. This closes the circuit and allows any remaining power to dissipate; it also clears the temporary memory of corruption and resets hardware/software connections. No permanent changes are made to the system doing this step...
6. Use the can of compressed air to blow into every vent, crevice, keyboard key, USB port, VGA/monitor port, etc...
7. Replace the battery and then plug in the AC Adapter...
8. Replace the docking station...
9. See how the system runs after doing all these steps...

WARNING: Never use a vacuum cleaner or hair dryer to clean dust out of your system!!

A vacuum cleaner will cause static build-up and damage components due to the discharge. A hair dryer can cause components to heat up and possibly break solder joints; it may also cause static buildup on a cooler setting depending on the hair drier.

Anti-Virus

Same questions as usasma above, what anti-virus do you use? If it's an old version of Norton or Mcafee, try replacing it with something lighter like MSE or AVAST!

Install age?

When was the system last clean installed? Just wondering since I presume the system is quite old and Windows XP is not as good at keeping itself clean like Windows 7. Not saying you need to, just wondering.

Uninstall Programs

Sorry for stating the obvious here, but make sure to remove any unnecessary programs from the machine and update any old programs (Java, Flash, Adobe Reader etc)

Use Lighter Program Alternatives

This is a good tip. Use less resource intensive alternatives to traditional programs. For example, replace Yahoo! Messenger with Pidgin. A good list is here: Superior Alternatives to Crappy Windows Software or here: Free Alternative Lightweight Software for Windows (Part 1) | Chris Kankiewicz

Defrag

Normally I wouldn't recommend this on Windows 7 systems, but XP doesn't have automatic defrag and this program does work well on Windows XP. One thing to note, once the defrag has finished, please go to system restore and create a new restore point. The software does have a nasty habit of deleting old system restore points.

Download this program --> http://www.puransoftware.com/PuranDefragSetup.exe

Install it and then run it. Click the additional operations tab and select:
- Fill Gaps To Avoid Frequent Fragmentation
- Optimise Directories For Faster System Access
- Free some space for Windows temporary files on faster disk area
- Boost overall system speed with PIZOR

Then go back to the main tab, select your drive and then press Boot Time Defrag. Choose Restart-Defrag-Restart + Disk Check and press OK. The system will reboot and defrag.

Some other users may disagree with 3rd party defragmenters, but I have used Puran on many systems and it has done a great job, especially on XP


Hope this helps and covers most things.

Regards,
Stephen

Tekno,

I ran the autoruns as you instructed and there was only my bullguard running at start up along with the adobe, java, and a couple of microsoft items.

I will attemtp to upload the zip file of the msinfo32 file.

I use bullguard and have for atleast ten years.

Not for sure about the last clean install but I will venture to guess it is atleast 8 years.

will have to get with the kids about the programs that are installed.

I am currently at this time using the program you suggest to defrag the machine in question. It was so sluggish when I tried to do these replies that I moved the requested files to thumb and to my machine which I am using while I am typing this up.

 

[4on4off]

Hi

Sorry to add to all the instructions you've been receiving but I'd like to see a Gmer log please.


Download GMER Rootkit Scanner from here to your desktop. It will be a randomly named executable.

• Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
• Double click the exe file.
• The program will begin to run, and perform an initial scan. If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click No.
• In any case, after the initial scan is complete, click on the Save button, and save the log file somewhere you can easily find it, such as your desktop, and attach it in your reply.

Glaswegian

I ran the GMER as you instructed and only did the initial scan. I will attempt to attach it.

 

[4on4off]

It's also something to mention that you should check your Event logs. Sometimes certain persistent errors/warnings and other critical messages are indications that something is having issues on your PC, but not only is it just an error, sometimes they can affect the performance of your overall system, depending on what the entries are. However, like a 2 sided coin, these messages give you information about what can be done to fix these issues too.

You could also check Adware with a utility called AdwCleaner. It is free, if you have to pay for it then you probably are getting a rouge version.

Do a virus scan.

Check taskmanager for Mem usage as well as CPU usage, and check for any heavy hitting running processes on both sides.

For defrag, there's a rule, of 7%-10% fragmentation, that you should do a defrag. I go by a 5% rule though.

Try booting in Safe mode or a clean boot state as well. Depending on whether or not your system is still sluggish at that point in time, then we can get a better indication of what might be going on here. If it isn't, then it's probably some programs, virus, or perhaps even a troublesome service causing the issue that isn't running from the clean boot or safe mode state. Otherwise, it could be something more severe. Do you have any USB devices? Make sure that any CD-roms or DVD's are not inside any CD drives that you have when testing.

What exactly is slow on your machine? Anything in particular? File-transfer? Network activity? If it is everything, then it's probably something just as easy as an overload of your CPU or RAM.

AceInfinity,

I am currently runing a defrag on the machine in question as I gave up with as sluggish as it was. When I am able to get it moving at a decent clip again I will check the event log and try booting in sage mode.

I did run adwarecleaner and it removed alot of stuff, I ran JRT...junkware remover as well and it to removed quite a bit of stuff.

The cpu usage showed nothing really hogging up any usage.

pretty much I can start it up and get to the home page and whenever I try to do anyting such as access this website and reply it takes a long time to do anyting and I keep getting a not responding message on the top of the brower window. I gave up and started the defrag, moved the files I needed to reply to others to my machine and I am typing this up on it at the moment.

 

[4on4off]

Whew,,,,,,,I think I got to everybody,,,,need to take a break and grab a beer.....

 

[usasma]

There doesn't appear to be anything hugely wrong with this installation (I am not qualified to read the GMER log tho').
As such I'd have to suspect that the Windows installation is just getting old and it needs a refresh.

This was common with XP systems years ago, and the solution was a wipe and reinstall of Windows. It's due to the cumulative effect of years of updates/installations/removals on the system.

 

[satrow]

A note on thisisu's JRT (I've only used it once, on my own W7x64), I consider it a post-diagnostic cleaner, as it removes the Windows log files.

Have you checked the speed of the IDE/ATA channels in Device Manager? If the hard drive channel has dropped to PIO, it will have a drastic effect on Windows' speed: DMA reverts to PIO | Windows Problem Solver

5. Check Your IDE Port Mode

First check what mode your secondary IDE port is currently working in. Go to Device Manager: right-click on My Computer, select Properties, click on the Hardware tag, click on the Device Manager button, click on the plus sign to the left of IDE ATA/ATAPI Controller, double-click on the secondary IDE channel, click on Extended Settings and check whether it is set to DMA when available. Directly underneath that setting is a grey field that shows the actual working mode of your IDE channel. You want the highest possible DMA or Ultra DMA mode there, and you definitely don't want PIO mode.

If the Extended Settings tab is not there, perhaps another driver is used, probably from the manufacturer of the IDE ATAPI controller. You can still perform a simple test. In the Task Manager activate the option View, Show kernel times. Then put a high load on the device, for example by copying a large file, and check whether the kernel times are minimal (red line). If you observe considerable kernel times, roughly around half of the total load, then the device is running in PIO mode, which is bad. The whole purpose of the DMA mode is to relieve the processor (in kernel mode) of this load.

 

[Wrench97]

Temps look fine.

 

[Tekno Venus]

Hey 4,

Good work on completing all the instructions given, it's nice to work with someone co-operative! :)

Thanks for all the information. I have looked at your MSInfo32 file and see a couple of entries that stick out.

Number 1 - FrostWire

This is a BitTorrent application. Torrenting is a well known source of virus and malware infections. You mention this is your kid's machine and that worries me. Have you ever told your kids the dangers of torrenting? Unknowing Children + Torrents = Virus infection 90% of the time! I'm not telling you how to be a parent (I'm only 15!) but I don't recommend the use of torrenting. Not to mention the fact that getting illegal/pirated stuff from torrents is far too easy.

Number 2 - Registry Boost 2, SpeedUpMyPC, System Tweaker

These are optimisation and tweaking software. I feel that this may be the root cause of your issues. These programs often do far more harm than good and can render a Windows install useless, corrupted and slow. I do have personal experience of this. This type of software deleted registry entries it regards as unneeded. However, it has a tendency to be far too aggressive and delete required entries. Far from curing windows errors, this software is normally the cause of it!

---------

I think I agree with usasma's post that a re-install may be the best option. However, before we go there, I want to rule out a hardware problem. This may sound strange advice, but I would like you to create an Ubuntu Live CD. Why? You can boot to an Ubuntu live CD and try Ubuntu without any change to your windows install or data. It is 100% safe and boots from the CD only. You don't have to install it, you can try it straight from the CD.

If you are comfortable doing this, it would prove a few things. If Ubuntu is usable without evident slow down or issues, we can say that it is a problem with your windows install. However, if you find Ubuntu to be laggy, slow and unresponsive in the same way Windows is, you have a hardware problem.

Instruction for doing this can be found here --> Try Ubuntu before you install it | Ubuntu.

In Ubuntu, just do some simple things like browsing the web (Firefox is included) and create a document. You don't have to do much, just get a feel for the system. When you're done, shut down Ubuntu and remove it from the CD drive. Reboot the PC as normal.

However, if you don't feel confident with this, don't worry. :)

If you're interested, here's how to repair install Windows XP --> https://www.sysnative.com/forums/wi...epair-install-windows-windows-windows-xp.html

Regards,
Stephen