Unusual slow star-up - advice requested.

[X-Eyed_Bear]

I have a very slow start-up of my system (typically 7 minutes or so). I
have followed all the advice I can find on this ng, but mostly there
has been no improvement (because I think my system was fairly 'clean' so
start with. Any further advice would be gratefully received.

Here's some background:

- Asus A8V mobo
- AMD Athlon 64 Socket 939 3700+ San Diego core running at 2.2 GHz
- 2 Mb ( 4 sticks x 512 Mb) Corsair memory, DDR2 PC 3200 running in
dual channel mode
- Boot disk is Hitachi 60 Gb 7200 rpm IDE with 8 Mb cache
- D drive (paging set) is a raid-mirror of 2 x 250 GB Seagate SATA-I
drives
- Graphics card is Matrox Millennium P650, driving LCD at 1900 x 1200
( replacement with ATI Sapphire X1650 Pro made no difference; I don't
need any 3D acceleration).

- OS is XP-SP2 with the current set of security fixes

- Security is Norton Internet supplied as a service through Brit
Telecom/Yahoo

Application set is rich

What really bothers me is comparison with a 'smaller' system I also
have, with Asus K8V VM mobo and 2 GHz Socket 754 Venice core. The Venice
system presents the Windows desktop in about 15 seconds from boot and
finishes loading in about 90 seconds; the San Diego system requires
about 2 minutes to show the desktop and then another 5 minutes
apparently loading things.

- There is no virus/spyware/trojan infection on system, according to
Norton. I am behind a router firewall.
- System has been 'cleaned' with CCleaner, latest version
- both drives full defragged
- IDE drive is running at DMA mode 5
- system seems to run at about 2 to 5% CPU load most of time
- memory used is mostly about 600 Mb except when Photoshop being used,
when it will rise to 1700 Mb
- BIOS settings all seem to be appropriate
- CPUZ says hardware is running at expected speed, aside from 1
puzzling stat: the 'memory ' tab in CPUZ says the memory is running at
157 MHz (FASRAM = 14), but the 'SPD' tab reports 200 MHz on all 4
memory banks

 

[Daave]

I have a very slow start-up of my system (typically 7 minutes or so).
I have followed all the advice I can find on this ng, but mostly
there has been no improvement (because I think my system was fairly
'clean' so start with. Any further advice would be gratefully
received.

Here's some background:

- Asus A8V mobo
- AMD Athlon 64 Socket 939 3700+ San Diego core running at 2.2 GHz
- 2 Mb ( 4 sticks x 512 Mb) Corsair memory, DDR2 PC 3200 running in
dual channel mode
- Boot disk is Hitachi 60 Gb 7200 rpm IDE with 8 Mb cache
- D drive (paging set) is a raid-mirror of 2 x 250 GB Seagate SATA-I
drives
- Graphics card is Matrox Millennium P650, driving LCD at 1900 x
1200 ( replacement with ATI Sapphire X1650 Pro made no difference; I
don't need any 3D acceleration).

- OS is XP-SP2 with the current set of security fixes

- Security is Norton Internet supplied as a service through Brit
Telecom/Yahoo

Application set is rich

What really bothers me is comparison with a 'smaller' system I also
have, with Asus K8V VM mobo and 2 GHz Socket 754 Venice core. The
Venice system presents the Windows desktop in about 15 seconds from
boot and finishes loading in about 90 seconds; the San Diego system
requires about 2 minutes to show the desktop and then another 5
minutes apparently loading things.

- There is no virus/spyware/trojan infection on system, according to
Norton. I am behind a router firewall.
- System has been 'cleaned' with CCleaner, latest version
- both drives full defragged
- IDE drive is running at DMA mode 5
- system seems to run at about 2 to 5% CPU load most of time
- memory used is mostly about 600 Mb except when Photoshop being
used, when it will rise to 1700 Mb
- BIOS settings all seem to be appropriate
- CPUZ says hardware is running at expected speed, aside from 1
puzzling stat: the 'memory ' tab in CPUZ says the memory is running at
157 MHz (FASRAM = 14), but the 'SPD' tab reports 200 MHz on all 4
memory banks

Does the Venice system also have the "Norton Internet supplied as a
service through Brit Telecom/Yahoo"? That would be the first thing I
would look at.

 

[X-Eyed_Bear]

Does the Venice system also have the "Norton Internet supplied as a
service through Brit Telecom/Yahoo"? That would be the first thing I
would look at.

No, it uses a service provided by Virgin Media, based on Authentium
anti-virus set.

[It is a source of continual amusement: the Venice system #mirrors' all
the data from the San Diego system. It can't find the trojans that
occasionally get delivered to me, but the Norton System always does. On
the other hand Authentium thinks that apps. like Cute-FTP are infected
when Norton tells me they aren't.]

More to the point, I notice that the largest consumer of memory resource
on the San Diego system is Norton/Yahoo. However, my son uses this same
service on a Dell machine which is slower than the Venice system. It
boots at about the same speed as the Venice system.

 

[Daave]

Does the Venice system also have the "Norton Internet supplied as a
service through Brit Telecom/Yahoo"? That would be the first thing I
would look at.

No, it uses a service provided by Virgin Media, based on Authentium
anti-virus set.

[It is a source of continual amusement: the Venice system #mirrors'
all the data from the San Diego system. It can't find the trojans that
occasionally get delivered to me, but the Norton System always does.
On the other hand Authentium thinks that apps. like Cute-FTP are
infected when Norton tells me they aren't.]

More to the point, I notice that the largest consumer of memory
resource on the San Diego system is Norton/Yahoo. However, my son uses
this same service on a Dell machine which is slower than the Venice
system. It boots at about the same speed as the Venice system.

I wonder if this is a function of how the anti-virus program is
configured. If it's configured to update virus definitions and scan the
hard drive at each boot-up, I would configure it to perform these
functions at another time to see if that would affect your boot time
(perhaps your sons's system is configured to update/scan at a time other
than bootup).

 

[Gerry]

Daave suggested on configuring Norton Internet Security is a good
suggestion as NIS tends to dominate proceedings. Many users have
discarded Norton for this very reason.

Try Ctrl+Alt+Delete to select Task Manager and click the Performance
Tab. Under Commit Charge what is the Total, the Limit and the Peak?

You should be able to gather more information from Task Manager. With
the Processes tab open select View, Select, Columns and check the boxes
before Peak Memory Usage and Virtual Memory size. What are the figures
for the 6 processes using the largest amounts?

Open Disk Defragmenter and click on Analyse. Select View Report and
click on Save As and Save. Now find VolumeC.txt in your My Documents
Folder and post a copy. Do this before running Disk Defragmenter as it
is more informative.

Have you tried this approach?
How to configure Windows XP to start in a "clean boot" state
http://support.microsoft.com/kb/310353/en-us


--



Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

Does the Venice system also have the "Norton Internet supplied as a
service through Brit Telecom/Yahoo"? That would be the first thing I
would look at.

No, it uses a service provided by Virgin Media, based on Authentium
anti-virus set.

[It is a source of continual amusement: the Venice system #mirrors'
all the data from the San Diego system. It can't find the trojans that
occasionally get delivered to me, but the Norton System always does.
On the other hand Authentium thinks that apps. like Cute-FTP are
infected when Norton tells me they aren't.]

More to the point, I notice that the largest consumer of memory
resource on the San Diego system is Norton/Yahoo. However, my son
uses this same service on a Dell machine which is slower than the
Venice system. It boots at about the same speed as the Venice system.

 

[X-Eyed_Bear]

X-Eyed_Bear wrote:
I have a very slow start-up of my system (typically 7 minutes or
so).
I have followed all the advice I can find on this ng, but mostly
there has been no improvement (because I think my system was fairly
'clean' so start with. Any further advice would be gratefully
received.

Here's some background:

- Asus A8V mobo
- AMD Athlon 64 Socket 939 3700+ San Diego core running at 2.2 GHz
- 2 Mb ( 4 sticks x 512 Mb) Corsair memory, DDR2 PC 3200 running
in
dual channel mode
- Boot disk is Hitachi 60 Gb 7200 rpm IDE with 8 Mb cache
- D drive (paging set) is a raid-mirror of 2 x 250 GB Seagate
SATA-I
drives
- Graphics card is Matrox Millennium P650, driving LCD at 1900 x
1200 ( replacement with ATI Sapphire X1650 Pro made no difference; I
don't need any 3D acceleration).

- OS is XP-SP2 with the current set of security fixes

- Security is Norton Internet supplied as a service through Brit
Telecom/Yahoo

Application set is rich

What really bothers me is comparison with a 'smaller' system I also
have, with Asus K8V VM mobo and 2 GHz Socket 754 Venice core. The
Venice system presents the Windows desktop in about 15 seconds from
boot and finishes loading in about 90 seconds; the San Diego system
requires about 2 minutes to show the desktop and then another 5
minutes apparently loading things.

- There is no virus/spyware/trojan infection on system, according
to
Norton. I am behind a router firewall.
- System has been 'cleaned' with CCleaner, latest version
- both drives full defragged
- IDE drive is running at DMA mode 5
- system seems to run at about 2 to 5% CPU load most of time
- memory used is mostly about 600 Mb except when Photoshop being
used, when it will rise to 1700 Mb
- BIOS settings all seem to be appropriate
- CPUZ says hardware is running at expected speed, aside from 1
puzzling stat: the 'memory ' tab in CPUZ says the memory is running
at
157 MHz (FASRAM = 14), but the 'SPD' tab reports 200 MHz on all 4
memory banks
Does the Venice system also have the "Norton Internet supplied as a
service through Brit Telecom/Yahoo"? That would be the first thing I
would look at.

No, it uses a service provided by Virgin Media, based on Authentium
anti-virus set.

[It is a source of continual amusement: the Venice system #mirrors'
all the data from the San Diego system. It can't find the trojans that
occasionally get delivered to me, but the Norton System always does.
On the other hand Authentium thinks that apps. like Cute-FTP are
infected when Norton tells me they aren't.]

More to the point, I notice that the largest consumer of memory
resource on the San Diego system is Norton/Yahoo. However, my son uses
this same service on a Dell machine which is slower than the Venice
system. It boots at about the same speed as the Venice system.

I wonder if this is a function of how the anti-virus program is
configured. If it's configured to update virus definitions and scan the
hard drive at each boot-up, I would configure it to perform these
functions at another time to see if that would affect your boot time
(perhaps your sons's system is configured to update/scan at a time other
than bootup).

Thanks for this suggestion - it had not occurred to me.

I am sure that the Norton was not scanning my hard drive at start up
because my regularly scheduled scan takes at least 45 minutes. I have
turned off the only options that appear to be relevant - quick scan
after an update and automatic update. Rebooting the system has made no
discernible difference - the system still sounds like it is doing a
surface scan during boot up. That is, significant disk activity for more
than 5 minutes at boot. It reminds me of a system in page-thrashing mode
because it lacks sufficient real memory. But 2 Gb is surely enough?

 

[X-Eyed_Bear]

Thanks for this advice. The performance data are:

Total = 892,560
Limit = 4,035,756
Peak = 918,884

Performance Tab items are (Peak Memory Usage Kb/Virtual Memory Usage Kb):
(top 6)
Lightroom.exe = 460,468/329,552
AcroRd32.exe = 107,220/99,612
CcSvcHist.exe = 63,998/31,264
AppSvc32.exe = 52,452/5,148
MsMpChg.exe = 32,288/19,220
explorer.exe = 35,168/22,504


These don't surprise me (aside from Adobe Reader memory use)


What still fascinates me is the low memory frequency reported by CPUz
(157 MHz instead of 200 MHz which I expect)


Disk defrag report follows:

Volume Nova_C (C
Volume size = 57.27 GB
Cluster size = 4 KB
Used space = 26.79 GB
Free space = 30.48 GB
Percent free space = 53 %

Volume fragmentation
Total fragmentation = 4 %
File fragmentation = 8 %
Free space fragmentation = 0 %

File fragmentation
Total files = 167,783
Average file size = 192 KB
Total fragmented files = 451
Total excess fragments = 1,807
Average fragments per file = 1.01

Pagefile fragmentation
Pagefile size = 0 bytes
Total fragments = 0

Folder fragmentation
Total folders = 14,161
Fragmented folders = 22
Excess folder fragments = 76

Master File Table (MFT) fragmentation
Total MFT size = 258 MB
MFT record count = 182,179
Percent MFT in use = 68 %
Total MFT fragments = 3

--------------------------------------------------------------------------------
Fragments File Size Most fragmented files
318 138 MB \Documents and
Settings\asquared.NOVA\Local Settings\Application
Data\Google\GoogleEarth\dbCache.dat
274 31 MB \Documents and Settings\asquared.NOVA\My
Documents\My Pictures\Lightroom\Lightroom Catalog.lrcat
125 23 MB \Documents and Settings\asquared.NOVA\My
Documents\My Pictures\Lightroom\Lightroom Catalog
Previews.lrdata\thumbnail-cache.db
70 4 MB \VueScan\vuescan.exe
37 2 MB \VueScan\vuescan.dat
27 1 MB \Documents and
Settings\asquared.NOVA\Local Settings\Temp\Save For
Web\DSC_1063.tmp\DSC_1063.jpg
23 0 bytes \Documents and Settings\All
Users.WINDOWS\Application Data\Symantec\SRTSP\SrtETmp\AB3217DB.TMP
16 63 MB \Documents and
Settings\asquared.NOVA\Local Settings\Temp\Photoshop Temp4082701604
16 777 KB \Documents and Settings\All
Users.WINDOWS\Application Data\Symantec\LiveUpdate\Settings.LiveUpdate
15 3 MB \Documents and Settings\All
Users.WINDOWS\Application Data\Symantec\LiveUpdate\Log.LiveUpdate
15 1 KB \WINDOWS\system32\config\software.LOG
13 598 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temporary Internet
Files\Content.IE5\QTENT6J2\lobby[1].swf
12 538 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temp\Save For
Web\DSC_1238.tmp\DSC_1238.jpg
12 545 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temp\Save For
Web\DSC_1238_001.tmp\DSC_1238.jpg
12 545 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temp\Save For
Web\DSC_1238_002.tmp\DSC_1238.jpg
11 460 KB \WINDOWS\Prefetch\Layout.ini
10 630 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temporary Internet
Files\Content.IE5\UJ39GMEG\mail[2].htm
10 198 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temp\alm.log
10 404 KB
\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_8643.xml
9 1 MB \WINDOWS\WindowsUpdate.log
9 285 KB \Documents and
Settings\asquared.NOVA\Local Settings\Application Data\Apple
Computer\QuickTime\downloads\02\08\28ea1a79-d259519b-adef96b5-e4780673.qtch
9 576 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temporary Internet
Files\Content.IE5\index.dat
7 120 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temporary Internet
Files\Content.IE5\QTENT6J2
7 120 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temporary Internet
Files\Content.IE5\SM37MX69
7 124 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temporary Internet
Files\Content.IE5\7OMWOGTK
7 236 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temporary Internet
Files\Content.IE5\SM37MX69\lobby_music[1].mp3
7 219 KB
\WINDOWS\PCHealth\HelpCtr\DataColl\CollectedData_8645.xml
6 149 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temporary Internet
Files\Content.IE5\7OMWOGTK\tg_website_07[1].png
6 24 KB \Documents and Settings\asquared.NOVA\My
Documents\My Pictures\Lightroom\Lightroom Catalog Previews.lrdata\E
6 233 KB \Documents and
Settings\asquared.NOVA\Local Settings\Temp\72exgmrgml5.exe

Daave suggested on configuring Norton Internet Security is a good
suggestion as NIS tends to dominate proceedings. Many users have
discarded Norton for this very reason.

Try Ctrl+Alt+Delete to select Task Manager and click the Performance
Tab. Under Commit Charge what is the Total, the Limit and the Peak?

You should be able to gather more information from Task Manager. With
the Processes tab open select View, Select, Columns and check the boxes
before Peak Memory Usage and Virtual Memory size. What are the figures
for the 6 processes using the largest amounts?

Open Disk Defragmenter and click on Analyse. Select View Report and
click on Save As and Save. Now find VolumeC.txt in your My Documents
Folder and post a copy. Do this before running Disk Defragmenter as it
is more informative.

Have you tried this approach?
How to configure Windows XP to start in a "clean boot" state
http://support.microsoft.com/kb/310353/en-us


--



Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

X-Eyed_Bear wrote:
I have a very slow start-up of my system (typically 7 minutes or
so). I have followed all the advice I can find on this ng, but
mostly there has been no improvement (because I think my system was
fairly 'clean' so start with. Any further advice would be gratefully
received.

Here's some background:

- Asus A8V mobo
- AMD Athlon 64 Socket 939 3700+ San Diego core running at 2.2 GHz
- 2 Mb ( 4 sticks x 512 Mb) Corsair memory, DDR2 PC 3200 running
in dual channel mode
- Boot disk is Hitachi 60 Gb 7200 rpm IDE with 8 Mb cache
- D drive (paging set) is a raid-mirror of 2 x 250 GB Seagate
SATA-I drives
- Graphics card is Matrox Millennium P650, driving LCD at 1900 x
1200 ( replacement with ATI Sapphire X1650 Pro made no difference; I
don't need any 3D acceleration).

- OS is XP-SP2 with the current set of security fixes

- Security is Norton Internet supplied as a service through Brit
Telecom/Yahoo

Application set is rich

What really bothers me is comparison with a 'smaller' system I also
have, with Asus K8V VM mobo and 2 GHz Socket 754 Venice core. The
Venice system presents the Windows desktop in about 15 seconds from
boot and finishes loading in about 90 seconds; the San Diego system
requires about 2 minutes to show the desktop and then another 5
minutes apparently loading things.

- There is no virus/spyware/trojan infection on system, according
to Norton. I am behind a router firewall.
- System has been 'cleaned' with CCleaner, latest version
- both drives full defragged
- IDE drive is running at DMA mode 5
- system seems to run at about 2 to 5% CPU load most of time
- memory used is mostly about 600 Mb except when Photoshop being
used, when it will rise to 1700 Mb
- BIOS settings all seem to be appropriate
- CPUZ says hardware is running at expected speed, aside from 1
puzzling stat: the 'memory ' tab in CPUZ says the memory is running
at 157 MHz (FASRAM = 14), but the 'SPD' tab reports 200 MHz on
all 4 memory banks
Does the Venice system also have the "Norton Internet supplied as a
service through Brit Telecom/Yahoo"? That would be the first thing I
would look at.

No, it uses a service provided by Virgin Media, based on Authentium
anti-virus set.

[It is a source of continual amusement: the Venice system #mirrors'
all the data from the San Diego system. It can't find the trojans that
occasionally get delivered to me, but the Norton System always does.
On the other hand Authentium thinks that apps. like Cute-FTP are
infected when Norton tells me they aren't.]

More to the point, I notice that the largest consumer of memory
resource on the San Diego system is Norton/Yahoo. However, my son
uses this same service on a Dell machine which is slower than the
Venice system. It boots at about the same speed as the Venice system.

 

[Daave]

MsMpChg.exe = 32,288/19,220

Might this be a typo?

If not, I'd be very suspicious of malware since Googling returns *zero*
hits for it.

 

[X-Eyed_Bear]

I have now tried the clean boot approach as referenced in the MS KB
article. Average results after a number of tries are:

Clean boot: 80 secs. to desktop appearing; 150 seconds to system loaded
Normal boot: 125 seconds to desktop appearing; 530 seconds (almost 9
minutes!) to system loaded.

There's clearly something wrong here, but I'm out of ideas as to what.

Daave suggested on configuring Norton Internet Security is a good
suggestion as NIS tends to dominate proceedings. Many users have
discarded Norton for this very reason.

Try Ctrl+Alt+Delete to select Task Manager and click the Performance
Tab. Under Commit Charge what is the Total, the Limit and the Peak?

You should be able to gather more information from Task Manager. With
the Processes tab open select View, Select, Columns and check the boxes
before Peak Memory Usage and Virtual Memory size. What are the figures
for the 6 processes using the largest amounts?

Open Disk Defragmenter and click on Analyse. Select View Report and
click on Save As and Save. Now find VolumeC.txt in your My Documents
Folder and post a copy. Do this before running Disk Defragmenter as it
is more informative.

Have you tried this approach?
How to configure Windows XP to start in a "clean boot" state
http://support.microsoft.com/kb/310353/en-us


--



Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

X-Eyed_Bear wrote:
I have a very slow start-up of my system (typically 7 minutes or
so). I have followed all the advice I can find on this ng, but
mostly there has been no improvement (because I think my system was
fairly 'clean' so start with. Any further advice would be gratefully
received.

Here's some background:

- Asus A8V mobo
- AMD Athlon 64 Socket 939 3700+ San Diego core running at 2.2 GHz
- 2 Mb ( 4 sticks x 512 Mb) Corsair memory, DDR2 PC 3200 running
in dual channel mode
- Boot disk is Hitachi 60 Gb 7200 rpm IDE with 8 Mb cache
- D drive (paging set) is a raid-mirror of 2 x 250 GB Seagate
SATA-I drives
- Graphics card is Matrox Millennium P650, driving LCD at 1900 x
1200 ( replacement with ATI Sapphire X1650 Pro made no difference; I
don't need any 3D acceleration).

- OS is XP-SP2 with the current set of security fixes

- Security is Norton Internet supplied as a service through Brit
Telecom/Yahoo

Application set is rich

What really bothers me is comparison with a 'smaller' system I also
have, with Asus K8V VM mobo and 2 GHz Socket 754 Venice core. The
Venice system presents the Windows desktop in about 15 seconds from
boot and finishes loading in about 90 seconds; the San Diego system
requires about 2 minutes to show the desktop and then another 5
minutes apparently loading things.

- There is no virus/spyware/trojan infection on system, according
to Norton. I am behind a router firewall.
- System has been 'cleaned' with CCleaner, latest version
- both drives full defragged
- IDE drive is running at DMA mode 5
- system seems to run at about 2 to 5% CPU load most of time
- memory used is mostly about 600 Mb except when Photoshop being
used, when it will rise to 1700 Mb
- BIOS settings all seem to be appropriate
- CPUZ says hardware is running at expected speed, aside from 1
puzzling stat: the 'memory ' tab in CPUZ says the memory is running
at 157 MHz (FASRAM = 14), but the 'SPD' tab reports 200 MHz on
all 4 memory banks
Does the Venice system also have the "Norton Internet supplied as a
service through Brit Telecom/Yahoo"? That would be the first thing I
would look at.

No, it uses a service provided by Virgin Media, based on Authentium
anti-virus set.

[It is a source of continual amusement: the Venice system #mirrors'
all the data from the San Diego system. It can't find the trojans that
occasionally get delivered to me, but the Norton System always does.
On the other hand Authentium thinks that apps. like Cute-FTP are
infected when Norton tells me they aren't.]

More to the point, I notice that the largest consumer of memory
resource on the San Diego system is Norton/Yahoo. However, my son
uses this same service on a Dell machine which is slower than the
Venice system. It boots at about the same speed as the Venice system.

 

[X-Eyed_Bear]

Yes, you are quite corect - my apologies; I couldn't read my own writing.

It's MsMpEng.exe - part of Windows Defender (hopefully!) although there
are plenty of articles in Google suggesting people have problems with
it. But I cannot tell if they have some malware masquerading as a
Windows Defender component or not. I'll try running without it, since
Norton is supposed to provide protection against malware.....

 

[Daave]

Yes, you are quite corect - my apologies; I couldn't read my own
writing.

It's MsMpEng.exe - part of Windows Defender (hopefully!) although
there are plenty of articles in Google suggesting people have
problems with it. But I cannot tell if they have some malware
masquerading as a Windows Defender component or not. I'll try running
without it, since Norton is supposed to provide protection against
malware.....

That might be your culprit, then. From
http://computerhaven.info/forum/tm.aspx?m=37712&mpage=1&key=&#37712 :


russell -> RE: Windows Defender's msmpeng.exe (9/2/2006 3:41:27 PM)

Hi Gerry,

Seems to be a common complaint with Windows Defender. Go in and
double-check your program settings for it, then reboot. It's the
complete system scans that cause all of the CPU usage, and if your
computer isn't on at the time that Defender wants to perform its scan,
it'll do it the next time you boot up.

Interesting Microsoft forum thread about it at
http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=352634&SiteID=2

----------------------------------------------------------------

That last link seems to be dead. Instead, try:

http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2707364&SiteID=2

http://www.google.com/search?hl=en&q=windowsonecare+MsMpEng.exe+scan+site:microsoft.com

 

[X-Eyed_Bear]

Daave wrote:
[clipped]

That might be your culprit, then. From
http://computerhaven.info/forum/tm.aspx?m=37712&mpage=1&key=&#37712 :


russell -> RE: Windows Defender's msmpeng.exe (9/2/2006 3:41:27 PM)

Hi Gerry,

Seems to be a common complaint with Windows Defender. Go in and
double-check your program settings for it, then reboot. It's the
complete system scans that cause all of the CPU usage, and if your
computer isn't on at the time that Defender wants to perform its scan,
it'll do it the next time you boot up.

Interesting Microsoft forum thread about it at
http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=352634&SiteID=2

----------------------------------------------------------------

That last link seems to be dead. Instead, try:

http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2707364&SiteID=2

http://www.google.com/search?hl=en&q=windowsonecare+MsMpEng.exe+scan+site:microsoft.com

Thanks for this; the referenced sites made for entertaining reading,
echoing many of my own sentiments '...all over cyberspace...'. I have
been battling with this condition for some months now and have reached
the 'straw clutching'; stage, so I had high hopes that Defender was the
culprit. I removed it completely from my system (via Add/Remove..)

Result: no difference whatsoever in start up performance. Task Manager
confirms that it takes just about 9 minutes to start, with the largest
memory user being WUAUCLT.exe (I've written that in UC because people
have mistaken this for WUAUDT, when written in lower case). The amount
of memory it needs at peak is not significant.

What is significant during start up is that the largest consumer of CPU
resource is the System Idle Process at about 98%. The number of Page
Faults (which, if I cast my mind back to the days of TSO, used to mean
the incidence of a requested data item not being found in memory, but on
the paging data set) is high. There were 127K page faults in the SVChost
process alone in start up, and over 230K faults in the top 4 processes
in start-up.

I don't understand this - I have 2 Gb of real memory; peak memory demand
in start up was about 400 Mb. Everything could have been resident. There
shouldn't have been any page faults. If I am correct, this data shows
that my system is mostly waiting to get data off the paging data set.
This would explain why the disk activity is so high - with one minor
glitch in the argument: the disk activity is all on the C Drive; the
paging file is on the D drive!

I seem to get approaching a solution to my problem at a negative velocity!

 

[Gerry]

I have studied the information provided earlier and your other reponses.
My suspicion is that your slow start-up is the result of Adobe products
loading on system start-up and to a lesser extent the impact of Norton
Internet Security scans. You can check whether this diagnosis is correct
by installing Autoruns and disabling (not deleting) the Adobe start up
items. This process is easily reversed using Autoruns.

http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/Autoruns.mspx

With Autoruns you can uncheck an item, which disables it from starting,
or you can can right click an item and then delete it. If you uncheck
you can recheck to re-enable the item. It is a much safer approach than
editing the Registry. Another useful feature of the programme is that
you can right click an item and select Search Online to get information
about the item selected.

What are your arrangements for a pagefile? Where exactly is it is
located?

Are you using Windows Defender as a standalone programme or as part of
Windows Live OneCare?

--



Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

Daave wrote:
[clipped]

That might be your culprit, then. From
http://computerhaven.info/forum/tm.aspx?m=37712&mpage=1&key=&#37712 :


russell -> RE: Windows Defender's msmpeng.exe (9/2/2006 3:41:27 PM)

Hi Gerry,

Seems to be a common complaint with Windows Defender. Go in and
double-check your program settings for it, then reboot. It's the
complete system scans that cause all of the CPU usage, and if your
computer isn't on at the time that Defender wants to perform its
scan, it'll do it the next time you boot up.

Interesting Microsoft forum thread about it at
http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=352634&SiteID=2

----------------------------------------------------------------

That last link seems to be dead. Instead, try:

http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2707364&SiteID=2

http://www.google.com/search?hl=en&q=windowsonecare+MsMpEng.exe+scan+site:microsoft.com

Thanks for this; the referenced sites made for entertaining reading,
echoing many of my own sentiments '...all over cyberspace...'. I have
been battling with this condition for some months now and have reached
the 'straw clutching'; stage, so I had high hopes that Defender was
the culprit. I removed it completely from my system (via Add/Remove..)

Result: no difference whatsoever in start up performance. Task Manager
confirms that it takes just about 9 minutes to start, with the largest
memory user being WUAUCLT.exe (I've written that in UC because people
have mistaken this for WUAUDT, when written in lower case). The amount
of memory it needs at peak is not significant.

What is significant during start up is that the largest consumer of
CPU resource is the System Idle Process at about 98%. The number of
Page Faults (which, if I cast my mind back to the days of TSO, used
to mean the incidence of a requested data item not being found in
memory, but on the paging data set) is high. There were 127K page
faults in the SVChost process alone in start up, and over 230K faults
in the top 4 processes in start-up.

I don't understand this - I have 2 Gb of real memory; peak memory
demand in start up was about 400 Mb. Everything could have been
resident. There shouldn't have been any page faults. If I am correct,
this data shows that my system is mostly waiting to get data off the
paging data set. This would explain why the disk activity is so high
- with one minor glitch in the argument: the disk activity is all on
the C Drive; the paging file is on the D drive!

I seem to get approaching a solution to my problem at a negative
velocity!

 

[Daave]

Task Manager confirms that it takes just about 9 minutes to start,
with
the largest memory user being WUAUCLT.exe (I've written that in UC
because people have mistaken this for WUAUDT, when written in lower
case). The amount of memory it needs at peak is not significant.

Whether or not this will address your issue, I would switch from
automatic updates to manual updates.

What is significant during start up is that the largest consumer of
CPU resource is the System Idle Process at about 98%.

That's not a process; that's just an indication of what is *not* being
used.

If you're determined to find the culprit, it will involve disabling half
your startup items and noting if there is improvement or not. If there
is, then you can disable half of what you have left, etc. until you
figure it out by process of elimination.

I believe you stated elsewhere you believed that Norton informed you
that you were completely malware-free. It's possible you're not; no one
application can guarantee this. You may want to check this out as a
reference:

http://www.elephantboycomputers.com/page2.html#Viruses_Malware

As a last resort, you could always run HijackThis.

 

[X-Eyed_Bear]

I have studied the information provided earlier and your other reponses.
My suspicion is that your slow start-up is the result of Adobe products
loading on system start-up and to a lesser extent the impact of Norton
Internet Security scans. You can check whether this diagnosis is correct
by installing Autoruns and disabling (not deleting) the Adobe start up
items. This process is easily reversed using Autoruns.

http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/Autoruns.mspx

With Autoruns you can uncheck an item, which disables it from starting,
or you can can right click an item and then delete it. If you uncheck
you can recheck to re-enable the item. It is a much safer approach than
editing the Registry. Another useful feature of the programme is that
you can right click an item and select Search Online to get information
about the item selected.

What are your arrangements for a pagefile? Where exactly is it is
located?

Are you using Windows Defender as a standalone programme or as part of
Windows Live OneCare?

Thanks for further advice.

I have stopped 2 Adobe services from running at Startup (using MSConfig)
and similarly stopped about 5 other items. I removed about 10 desktop
shortcuts (leaving about 20 still active). Boot time has reduced from 8
mins 50 secs to 8 mins 25 secs!

I'll try Autoruns later this evening.

I don't think that Norton nwow does any scans on strat up, but I could
be wrong - the interface is a model of how not to deliver usability.

The pagefile is 'System Managed'; located on my 'D' drive which is a
mirrored pair of 250 Gb Sata II drives. Reading from the D drive seems
extremely quick - for example when I am loading a 100 MB TIFF. The drive
is about 30% full. The defrag report shows nothing red at all.

Windows Defender was standalone. It has now been deleted (without any
obvious benefit).

 

[X-Eyed_Bear]

Whether or not this will address your issue, I would switch from
automatic updates to manual updates.


That's not a process; that's just an indication of what is *not* being
used.

If you're determined to find the culprit, it will involve disabling half
your startup items and noting if there is improvement or not. If there
is, then you can disable half of what you have left, etc. until you
figure it out by process of elimination.

I believe you stated elsewhere you believed that Norton informed you
that you were completely malware-free. It's possible you're not; no one
application can guarantee this. You may want to check this out as a
reference:

http://www.elephantboycomputers.com/page2.html#Viruses_Malware

As a last resort, you could always run HijackThis.

That's all very sensible - thanks. I have used AVG AntiSpyware before,
along with AdAware and Spybot. I removed these (ro reduce the start-up
load!) thinking that Norton and Windows Defender should suffice. I'll
scan my system with these re-installed.

I'll also embark on the ultra-painful process of eliminating start up
process in binary chunks to see if I can identify a culprit (maybe I
should divide into a Fiboncccian ratio?)

I am still wondering about he memory speed on my system....

 

[Gerry]

The principle underlying Clean booting is to remove all third party
applications loading and the adding one back, rebooting and timing the
boot time. Then repeating the process for each application until you
locate which is the cause of a longer boot. Earlier you said this.

Clean boot: 80 secs. to desktop appearing; 150 seconds to system loaded
Normal boot: 125 seconds to desktop appearing; 530 seconds (almost 9
minutes!) to system loaded.

It may be easier said than done but one or two applications are adding 6
minutes to your boot time.


--



Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~