Extensive XP Boot-up times on a Sony VAIO

A friend dropped off his laptop the other day and it's been a nightmare since. I'm attempting to get it up to speed without having to reinstall XP. Although if it were my own, I would have done so a long long time ago. Reinstalling though, if need be, will be the last option. I was just worried about all his data. Anyway, here's the breakdown:

System Specs:
*Sony Vaio PCG-Z1RAP Notebook
--Intel Centrino 1.5GHz
--512 Ram
--Hitachi DK23EA-60 HD
--Windows XP Pro (SP2)

*Basic Observable OS Symptoms:
-Normal Mode:
--Boot-up times averaging 25-28 minutes (breakdown shown below)
--Extremely slow system performance (~60 seconds to pull up MyComputerroperties window)
--Hard Drive seems to be constantly accessed (~90% activity)
--No obviously suspicious processes shown in Taskmanager, shows 0%-5% cpu usage

-Safe Mode with network support:
--similar to symptoms of normal mode

-Safe Mode:
--Boot-up times averaging 5-6 minutes (breakdown shown below)
--System performace appears to be on par (to my knowledge--I'm used to a P3-500)
--Hard drive activity seems normal

*Boot-up running timer breakdowns (I'm sure there are applications for this)
-Normal Mode:
timer started after bios splash screen
01:00 White line appears
02:30 finally starts moving
02:50 Windows Splash screen appears
05:35 screen goes blank
14:00 Screen breifly goes black (as if shut off)
16:00 Mouse pointer appears (on black background)
18:15 Blue Welcome screen appears "Windows is starting up"
19:15 "Welcome"
23:55 Welcome jingle wav plays
24:40 Desktop background image appears
27:00 Taskbar appears
28:00 Icons begin to appear

-Safe Mode (no network support):
only noted files with what seemed extensive load times
0:50 load ntoskrnl.exe
2:20 finish ntoskrnl.exe
2:25 config\system
4:22 finished config\system
4:40 KSecDD.sys
5:00 finished KSecDD.sys
5:05 agp440.sys
5:30 finished agp440.sys
6:00 system up and running

Action taken so far and other misc. observations:
At first when I recieved the computer I attempted to do a few scans for spyware. He had told me he had recently scanned with McAffee and that it took a long time but it didn't find anything. Because the abnormal boot hangs, I figured it might have been an XP configuration problem (at that time, he was on SP1). I attempted to update to SP2 the system was running way too slow and would abort after hours. After realizing safe mode (without network support) ran much smoother, I managed to update to SP2. Normal reboot did not change. Downloaded and installed the rest of windows updates, still no improvement. Ran Stinger in Normal Mode and it found nothing after a 13 hour scan.

Ran Spybot in safe mode and cleaned a few misc. bots. Ran McAffee VirusScan, found nothing. Found this site. Followed the spyware, virus removal sticky as best as I could--I had to run in non-network safe mode. So I substituted McAffee VirusScan at the time, which found nothing. Ran Stinger again, found nothing. First run of AdAware found 180Solutions, Bowserraid, CoolWebSearch, Win32.Backdoor.Jeem. SpyBot reported minimal possible hijackers. Nothing else found with other scanners. Rebooted in safe mode w/network. Boot time still rediculous. Downloaded updates for AdAware and SpywareBlaster; nothing newer available for SpyBot. Couldn't d/l McAffee VirusScanner update due to lack of log-in info (but its DAT is dated 10/27/04). Attempted to scan with TrendMicro's Online scan--I let it scan the boot and system areas and that's it (starting to lose patience), found nothing, canceled. Rebooted in non-network safe mode. AdAware cleaned AltnetBDE, CasinoPalazzo, MyWay.Speedbar.

Okay, now I'll probably redo your process using the online scanners despite knowing the scans will take over 24 hours. I just wanted to post just incase you guys think it might be something else, as I do, because of the abnormal boot process. To me, I think I've somewhat narrowed it down to "something dealing with the network access drivers--perhaps a worm of some sort infecting system/boot files" or "some other system configuation problem--ntoskrnl.exe problem or infection". The hard drive is fine according to Hitachi's diagnostic scanner and the Phoenix BIOS is up to date with what I could find off of Sony's site. On the safe mode w/ network boot-up I noticed it hangs extensively on agp440.sys file. I don't have the exact breakdown noted as I'm kind of getting frustrated (Although I'm about to reboot it to do the online scans, so I suppose I can note where exactly it hangs). I've also installed the latest video drivers.

The only thing that keeps an infection in mind is that when he dropped it off on the 26th, he didn't know when he last updated his VirusScanner. Now, when I tried to update, I couldn't log on to download it because I didn't have his log-in info. After installing SP2, and doing other scans, I finally checked and noticed that the VirusScanner said its DAT file creation date is 10/27/2004. I don't use McAfee on my own computer so I'm not completely familliar with how it works, but despite not being able to download the updates manually, is it possible that McAfee automatically d/l and updated itself (during one of those overnighters when I tried to install SP2 via web)?? Or is there a virus that's beating McAfee and modifying its files?

Sorry for the novel, but I thought I'd give as much information as possible. And thank you for anyone that took the time to read through it all and offer any advice.

Mike

 

This log was taken in safe mode with network access, which shows the same symptoms as normal mode. Thanks.

 

Log will be posted in roughly 30 mins.

Unless the about:blank options were set by one of the scanners, then I'm assuming it was from a hijacker. I don't recall setting those myself. IE used to open up to Yahoo.com before I did all the scans, now I believe it opens up to Google.com--a change which I did not make. And AboutBuster (assuming that's what it's related to) did not find anything on its scan.

 

Well, the IE homepage is the least of my worries at the moment, but thanks, =)

Here's the log from a normal boot (ignore list is empty and unchecked ignore safe urls). Any ideas?

 

Oh sorry, my bad. I thought you were just telling me how to set my homepage.

I made the HJT fixes as directed and reset IE web settings. It's rebooting as I'm typing here and is still taking a considerable amount of time. It only now reached the XP splash screen and I restarted 5 mins ago.

I looked at the USB update but it wouldn't allow it because it was made for SP1. As far as disabling the agp440.sys goes, I'll have to wait for an XP cd unless there is a way to access the console without one. But even so, would doing such a thing be necesarry? His laptop was working fine a few months ago, what would cause a need to suddenly have to disable one of the system drivers like this?

And thank you for taking the time to help in solving this problem, chaslang. I really appreciate it as I'm fresh out of ideas on what to do.

 

As stated in my original post, the boot up time for safe mode without network is around 6 minutes. I've already checked the hard drive with both XP's scan and the HDD manufacturer's errorscanning software and they both reported no problems.

Booting up in normal mode without the ethernet plugged in makes no difference to the ~30 minute boot times.