Why is Explorer.exe taking so long?

Every so often your beloved Windows XP computer decides to switch into a permanent mode of spending its royal time doing nothing after you logged in. No Taskbar, no Desktop icons and no response to Window-E. Task Manager shows that a bunch of svchost.exe’s are running, Explorer.exe is running (low CPU cycles) and the System Idle Process is taking about 99% to just sit and idle! Not even the hard drive light is flickering.

Quite a number of times you can get some wonderful response by killing Explorer.exe and File->New Task (Run…) it again. But not always. And then most of the time, if you let the computer boot while making tea, you can get a quick working Desktop by logging in after you had your tea!

There is no sign of any tool on the internet that will help you find this kind of problem while Windows is booting or logging you in, but here is what I’ve done, to rescue a fourth computer from infinite idling:

CCleaner is my favorite tool to shrink down the list of applications starting up when you log in.  Tools->Startup  and Disable is your friend! Also a good idea to make sure the Registry has no hiccups and that your Temp and Cache files are gone. Task manager will show you most of the things currently running, so keep reducing the list until it barely works.

– Regedit with a search for run and runonce might also catch something neglected.

– As a follow on to the Temp and Cache cleaning, also make sure that your hard disk drive is defragged and has some room for all the swap and temp files Windows creates on the fly.

– Also uninstall all those unused, 5 year old applications that you don’t even plan to use.

– While there, if you don’t use Windows Components like Outlook Express, Windows Messenger, MSN Explorer, remove them in Control Panel->Add or Remove Programs->Add/Remove Windows Components. Bye-bye Games!

– I have never used a System Restore Point, so CCleaner will allow you to select them all (except the last) and delete them. Maybe a good idea to turn it off in System Properties (right click on My Computer and select Properties at the bottom, then go to the System Restore tab)

– Hibernation is also a no-no for finding things that slows you down, so turn that off in

– The next thing to clear is the Scheduled Tasks (in Control Panel) that Google loves to populate. These things only run when they are scheduled? Yeah right, but when the run, they add some stuff back to the Startup and Run locations, almost randomly always!

– When your computer is not on the network like at work any more, you might want to remove all those mapped drives to network shares that you don’t have access too. The same for those network printers that you can’t see from home, especially their little utilities checking every so often if the printer has paper or ink!

– Also make sure that no one is connected to Shares on your computer. Sharing less is always better. Shares and Sessions in Computer Management will shed some light (right click on My Computer and select Manage)

– Hidden device drivers for devices not attached any more? Add variable ‘devmgr_show_nonpresent_devices’ with value ‘1’ to your Environment Variables and View->Show hidden devices in Device Manager to delete all those hundreds of shaded, unused drivers that probably loads when you boot the computer up, all for nothing.

– If you do run a good firewall like ZoneAlarm and use Firefox with NoScript and you don’t click on weird Internet links and you don’t open all your joke emails, spam and attached Office documents, then your chance is small of having a virus/malware slowing you machine down, but I did find one suspect item (Start_ShowSearch (Hijack.StartMenu) ) with “Malwarebytes’ Anti-Malware”  (I am absolutely no fan of using online ‘fix your PC’ scanners and neither of Spyware catchers that run when you start the machine up…just like CCleaner, Anti-Malware, notepad and paint runs when I tell it too!!! And when I close them, they are done)

– Some sites suggest that you uninstall ZoneAlarm or VMware when things tend to slow down, but I’ve removed both with no impact. Bringing them back online had no change either.

– I’ve also tried with multiple Network devices to give them static IP addresses, instead of waiting for DHCP to do its thing, no luck. I’ve even disabled the devices in Device Manager and turned them off in the BIOS with no faster Explorer.exe!!!

– Then you can try removing CVS and SVN from your system, no improvement either.

– Autoruns, from Sysinternals has shown plenty of “file not found”s in the Image Path column, so uncheck all the lines without sources and use this opportunity to evaluate what other useless things you are pampering. A previous trip to Services might also help…no iPhone any more? Remove “Apple Mobil Device” and “iPod Service” then! Bonjour? Google Software Updater? Google Update Service? What, am I already part of the distributed Google server network?

– Also uncheck the “Hide inactive icons” in the Taskbar Properties, so you can see what is running, even though said to be inactive.

– And then on to the final straw…most of the reason my Computer spend 3 minutes logging in was found in the System Event Viewer: Somewhere in the past I disabled the Telephony Service, so Remote Procedure Call Service could not start and Plug and Play Service could not start, so the Computer spends and eternity trying to resolve this before showing me my Desktop!!! So clear the Event Log completely and reboot to see what are all the messages that just showed up and when they did.

With Telephony back on, I can log in at any time (immediately after a restart, or after my tea) and access my Desktop in less than 7 seconds now!!!

(also check out SIW! – by Eric)

– And it is slow again, so I found a MS article to enable user environment debug logging

regedit:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserEnvDebugLevel  as REG_DWORD  Hex:10002  where Hex is the combination (OR) of
NONE 0x00000000
NORMAL 0x00000001
VERBOSE 0x00000002
LOGFILE 0x00010000
DEBUGGER 0x00020000

Default is NORMAL|LOGFILE (0x00010001).

Let’s hope there is some clue in the %Systemroot%\Debug\UserMode\Userenv.log file now!

– Well not much there, but did notice in Services that there is a “Remote Procedure Call (RPC) Locator now that is started, but set to Manual, so an Automatic to that and I am logged in within 10 seconds with Desktop icons shown and all the taskbar icons loaded 15 seconds later!!!

Advertisements

~ by nambabwe on 2010/06/23.

 
%d bloggers like this: