# Solved: Very slow startup, XP SP2 Dell Dimension 2400

Discussion in 'Windows XP' started by Josiah Willard, Jan 18, 2007.

Not open for further replies.

Joined:
Jan 18, 2007
Messages:
9
We have a Dell Dimension 2400 with Windows XP installed. We also have Norton Internet Security 2007, Windows Defender, and do not seem to have any viruses or spyware. Out hard drive is just under half full (17.5 GB of 37.2 GB).

It takes 5 or 6 minutes from the time we turn on the computer until we can actually do something with it (connect to the internet with IE or check email with Outlook 2003). I uninstalled Google Desktop and turned off Windows Messenger (from the start menu), both of which helped some (used to be even slower). I have tried to uninstall Dell Alert (which starts every time) but am unable to with Uninstall Programs and cannot find DAMon.exe to just delete that.

Once it is up and running, the PC is reasonably fast (the problem is just at the startup and first 5 to 10 minutes). I have a newer laptop I use on our wireless network and it connects very quickly to the internet so that is not the problem (as far as I can tell). We did recently switch from a cable modem to slightly slower DSL.

I read some other threads, and it sounds like our problem is at least partly just too many things starting up, so I would like to turn some off on startup, but leave them where we could run them from the Start menu if needed. I would not mind removing Dell Alert entirely, or any other malware.

I just ran HijackThis and will paste the log file below. If there are some programs you don't recognize, please ask. My wife has some library supply company software for her work on this PC that may be unusual. She telecommutes, but is on leave right now so that software has not been changed or updated in a few months at least.

"Josiah Willard"

Logfile of HijackThis v1.99.1
Scan saved at 9:12:17 PM, on 1/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\QUICKENW\QWDLLS.EXE
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Melissa C. Mahler\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.lycoming.edu/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
O4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1123643380109
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lycocam9.lycoming.edu/activex/AxisCamControl.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/whatsnext/checkmypc/includes/MotivePreQual.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

2. ### Old Rich

Joined:
Jan 17, 2003
Messages:
10,254
Norton Internet Security is likely the primary culprit on the slow start up issue . . it can bring a older system to its' knees

These are not necessary and can be disabled in startup

C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\QUICKENW\QWDLLS.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe

3. ### blkwlnt64

Joined:
Mar 28, 2005
Messages:
651
Hi simpswr, I think we should wait for 1 of the moderators on this one. Java level is very out of date and I am not sure if Norton is totally installed properly because of the number of 'file missing's in the O23 section of the log.

4. ### Old Rich

Joined:
Jan 17, 2003
Messages:
10,254
Is Norton ever properly installed?

Good catch on the Java . . missed that . .

Joined:
Jan 18, 2007
Messages:
9
Thanks very much for your feedback. FYI, we had Norton Internet Security 2006 and it was not anywhere near this slow at first and then in the past 3-4 months perhaps the startup has slowed down considerably.

Dell Alert starts every time, but I never use it and would like to get rid of it. The computer does not let us do anything else until after Dell Alert's icon pops up on the lower right corner, which is why I think it might be part of the problem.

Also to be honest, I am not sure what happens with Hijack This if I check a box and hit fix this - is that deleting the file or just stopping it from running on startup? I am good at following directions (I turned off WIndows Messenger from the Microsoft directions) but am not sure how to prevent these things from starting up if Hijack This is not the tool to use.

I will wait until there is consensus on what to do, and apologize for the slow reply - I thought it might take much longer to hear anything back. Thanks again, JW

Joined:
Jun 17, 2005
Messages:
3,148
7. ### Old Rich

Joined:
Jan 17, 2003
Messages:
10,254
You can uninstall the Dell Support or just disable it from the startup list, without interfereing with anything else . . just post another HJT list in the Security Forum if you want a security guru to look at it.

To disable from startup . . click on Start . . Run . . type msconfig . . click on Startup Tab. Uncheck the item for Dell Alerts ( and any other Dell stuff that may be in there as well ). When it restarts, put a check in the "do not bother me" line.

To uninstall . . go to Control Panel and uninstall it.

Joined:
Jan 18, 2007
Messages:
9
Thanks everyone - as I wrote in my original report for some reason I am unable to uninstall Dell Alert from the control panel:

"I have tried to uninstall Dell Alert (which starts every time) but am unable to with Uninstall Programs and cannot find DAMon.exe to just delete that."

The uninstall starts and then just exits. I have searched on the web and seen that problem listed elsewhere too, but if I can turn it off so it does not start up, I will try that before uninstalling it.

So should I still wait on a moderator or should I try turning off Dell Alert (first) and then Windows Defender?

Appreciate the help very much, JW

9. ### Old Rich

Joined:
Jan 17, 2003
Messages:
10,254
Turning off Dell alerts will not affect anyting else as long as you post another HJT after you do . . why Defender?

10. ### Old Rich

Joined:
Jan 17, 2003
Messages:
10,254
That is typical of NIS as it starts loading up on updates and running scans . . It is almost as bad a pest as AOL

11. ### Rich-M

Joined:
May 3, 2006
Messages:
22,443
Personally I would uninstall Defender too, it is useless.

Joined:
Jan 18, 2007
Messages:
9
Thanks again to everyone. Replying to the last three posts, TRS 80 Vet posted a link to a link that Defender can cause this exact problem. I have Defender and will uninstall it - my vague recollection is that there was a Defender update about the time this problem became pronounced.

As I said, I have had Norton Internet Security 2006 installed from Jan 2006 and the problem only started after July, so although I do not doubt that it slows the startup process, I do not see how it could be the only reason for it. If the "NIS accumulation equals slowdown" theory is correct, wouldn't I have seen a gradual slowdown? This was a very marked, sudden increase in boot time, not gradual. And wouldn't installing new NIS 2007 a few weeks ago have made things better as there is not much accumulated yet?

In any case I am at work and can not uninstall or turn anything off at home until about 6 -7 hours from now. I will try to: 1) disable Dell Alerts in start up, and 2) then uninstall Defender. I will reboot after each to see what effect it has on the computer. I will also 3) try to disable the other items mentioned above in start up. They are:

"C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\QUICKENW\QWDLLS.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe"

I have several questions.
1) Is this proposed course of action OK, or should I still wait on a moderator's advice?
2) If this OK, is the proposed order OK or should I do these in a different order?
3) Should I run HijackThis after each action or just after all three are done? I will save the log file(s) in any case for possible posting.
4) Should I post the HJT logs here in any case, or only if I have trouble? I will report back what happens after trying all three actions.
5) Do you have any other advice (updating Java was mentioned, for example)?

Thanks again for your help - it is greatly appreciated,
JW

13. ### Old Rich

Joined:
Jan 17, 2003
Messages:
10,254
1) Is this proposed course of action OK, or should I still wait on a moderator's advice?

Your call . . but the log does not seem to get as much attention here as it does on the Security Forum . . the limited number of Security Guru's mean they are busier than a one legged man in a frog stomping contest, so be patient.

2) If this OK, is the proposed order OK or should I do these in a different order?

Order is fine . . do the uninstalls first, reboot, then trim the Startup list

3) Should I run HijackThis after each action or just after all three are done? I will save the log file(s) in any case for possible posting.

No need to run another HJT until after all the changes if you make them . . then post on the Security Forum.

4) Should I post the HJT logs here in any case,

No . . or only if I have trouble? I will report back what happens after trying all three actions.

5) Do you have any other advice (updating Java was mentioned, for example)?

Updateing Java is a good idea . . http://www.java.com/en/download/index.jsp Uninstall the existing versions in Add/Remove Programs and delete their folders in Program files, reboot prior to installing the new version.

Joined:
Jan 18, 2007
Messages:
9
Thanks again - I will try my proposed actions later and report back the results. Hopefully that will resolve the problem. JW

Joined:
Jan 17, 2003
Messages:
10,254
Great! . .

As Seen On