1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Operating system and programs going slow, slow, slow now

Discussion in 'All Other Software' started by djangojazz, Jun 29, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. djangojazz

    djangojazz Thread Starter

    Joined:
    Apr 11, 2006
    Messages:
    301
    Okay I'm going to do a full PC check but all my systems seem fine as of yesterday. A little background to help others help me I'm on a Windows Small Business Server 2003 environment with no other server connection but one machine, I have 3 shared drives created on the server and am running Shared Point Services 2.0 as well and all my computers on the network have a login script assigned to them when booting onto the network so their drives are automatically mapped. Oh and I have POS old Sony laptop running as a proxy using Winproxy 5.0, but it has about a gig of speed and 512 RAM and the connection goes: in from the outside, to the proxy, line directly to server, server assigns ISP's by DHCP internally.

    My computer is a Dell Optiplex 2600
    P4 2.0 gig
    512 meg PC 2700 333 meg RAM
    onboard graphics and soundcard

    Here's a question to start from another thread I posted: About two months back or so I noticed if I put cd's into my PC at work I must have downloaded a rootkit or something because now I cannot play some cd's that I can play on my home computer and others in the office. Now in the future is is safer to burn MP3's on an external harddrive and listen that way or avoid Sony cd's?

    Now to the problem, I put in a burned cd this morning it starts up WMP 10 fine and I'm listening to Back in Black then all of a sudden my computer freezes. Crashes my financial program which I think nothing of because I am using Master Builder 11.2 by Sage which sucks anyways and likes to crash constantly on my server. So I clean my temp files, clean my disk, shut down, wait a few minutes, reboot.

    Now what's interesting is my computer takes FOREVER when it get's to the loading preferences screen screen before starting up. Then when I double click my computer it does the infamous flashlight searching for files. Now I have seen this before and I DO NOT know how to get rid of it and it did happen on some computers when changing servers 4 months back. Even though I properly disconnected the shared drives on the computers and shut them down.

    So any thoughts??? I'm going to run the list of computer anti this anti that's, do a clean of everything, run a defrag, go to PC Pitstop, and then try a system restore if need be. I don't want to reinstall the OS but I will if I have to.

    The overall question is "What makes computer give the flashlight search when double clicking my computer and slow down resources?" It's happened on 4 computers now but in the past I had to reinstall OS's because these computers also had the www.cool...... (awful trojan/spider) webhack that cripples a computer on a network and can cause even secure https logs to fail. Any help is much appreciated and the sooner the better in my case, I'm at work now.
     
  2. Rockn

    Rockn

    Joined:
    Jul 29, 2001
    Messages:
    21,334
    Do the hijack this routine and post back the results. YOu may also want to take a look at your running processes and user profile to make sure they are in order. If you are using roaming network profiles and the profile is too large it will give you a similar problem as it has to copy that profile whenever it changes back across the network.

    The CD thing may just be because the drive at work may not recognize the CD-RW, this was a problem with older CD-ROMs, so this may not be your issue. There are rootkit testers out there
     
  3. djangojazz

    djangojazz Thread Starter

    Joined:
    Apr 11, 2006
    Messages:
    301
    What do you mean in order? I am running selective startup and when looking at my computer processes on my task manager no computer resources are being hogged or anything. Also why is everyone so quick to use hi jack this to fix things? I am having no problem whatsoever with my online capability or speed, just accessing my computer.

    Right but I popped in a cd it worked, system froze then crashed, cd did not reed anymore that's a problem. That would be great if you could link me some rootkit testers. I did the one on Sony's site and it said I had nothing but clearly something is wrong other than my optical drive if it can burn, read, and access data fine just with music sometimes cannot for whatever reason.

    I'm running a backup of files, then a simple system restore to see if the easy fix could possibly work. But I doubt it in my experience.

    Also here is something interesting I found out while snooping, I have two admin accounts on documents and settings. Could the system be confused and using one or both instead of just the one? This is a work computer so I have no problem looking at the desktop I am using actively then axing the other one.
     
  4. djangojazz

    djangojazz Thread Starter

    Joined:
    Apr 11, 2006
    Messages:
    301
    Logfile of HijackThis v1.99.1
    Scan saved at 10:13:34 AM, on 6/29/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O14 - IERESET.INF: START_PAGE_URL=http://companyweb
    O16 - DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} (NSHelp Class) - http://ohi-sbs2k3/ConnectComputer/nshelp.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1142303448514
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142362061312
    O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - http://ohi-sbs2k3/tsweb/msrdp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = example.local
    O17 - HKLM\Software\..\Telephony: DomainName = example.local
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = example.local
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    Okay that's what I got 2 things I notice right off:

    1. Why in the world can you not destroy the dumprep in Windows/system32? It keeps regenerating even if you rename it and gives the stupid "Win32 has encountered a problem and needs to close..." This is a cyclic error message on a laptop I have here that I still haven't fixed and I hate it and can't ever seem to get rid of it. I can manually go into my task manager, find the process and shut it down, but hey why can't I just get it to not load? I have unchecked it from startup, found the files it keeps generating in a temp folder, they can not be deleted even when the discovery service is stopped and set to disabled it comes up.

    2. Why is MSmessages like a virus and can't be deleted? I have deleted it countless times, turned it off, told it not to run in startup, and now this report is showing it's a running process!??

    Oh yeah I did a system restore, it didn't do jack as expected. Now I'm off to PC pitstop to run some tests, run some anti stuff, and then if all else fails prepare to destroy my partition and resinstall. I do not want to do this but I need to be back up today and I use on average 10 open windows on my taskbar and multitask a lot of stuff. I know some will say I'm running too much for my specs but hey I'm at work and I use what I am given unfortunately. Any thoughts as always are much appreciated and I have about an hour or three before I start to do the destruction and recreation of this thing.

    Ohh yeah too, quick question on Win 2k3 Small business server do I just have to "reset" my computer do get the license back? I accidently deleted WS03 and now the server thinks on my domain that WS03 is still active, can I correct that and get that license back to? I'm better on software with apps than on OS's to be honest and my server experience is pretty basic up til now. See attached.
     

    Attached Files:

  5. new tech guy

    new tech guy

    Joined:
    Mar 27, 2006
    Messages:
    5,178
    Ok quick question, these programs are on the server right? Well here is possibly an idea, do a defrag to both the laptop and the server it needs to access as both may just need somthing as simple as that. I know it sounds silly but sometimes the silly stuff is what fixes the problem and at this point you really dont have much to lose.
     
  6. djangojazz

    djangojazz Thread Starter

    Joined:
    Apr 11, 2006
    Messages:
    301
    No they aren't on the server, that's my PC. Anyways it's what I thought I checked the boxes I bolded, cleaned my temp files again, turned it off and now my PC is fine. Unfortunately the laptop I tried the same thing on has another problem. I pretty much leave my server alone unless it is messing up and I wouldn't want to defrag my server unless I closed on my systems down and had about an hour or two to do it. Since I am using a RAID level 10 card(3 HD's striped, 1 mirrored backup) I am kind of clueless of whether that would make it faster or slower as well since I am new to RAID settings as well.

    Hijack this I really am leery how quickly people here give it out like it is the first fix to something, it's quite a dangerous program if you don't know what you are doing and can permanently destroy things that you may need. It says that on the program itself, but I cannot stress enough, if you have simple things wrong with your PC, DO NOT USE HIJACK this until you have tried:

    cleaning temp files
    defraging and disk cleans
    trying to manually find problem files and fix or delete them(if not part of windows of course)
    running antivirus, antispyware, spybot, and firewall updates
    and anything else you can think of

    Word to the wise: If someone can physically tell you what the problem is, how to diagnosis it and what probably caused it is probably a better source of info then someone that just tells you to download a program to fix something. But in this case it was one of the last things I could try so it's alright since I was about to wipe out my partition anyways if it didn't work.

    Now about that server reset I mentioned, anyone??? Is it as simple as hitting reset to get my license back if I need to. I'm new to Win2k3 so let me know. (see pic attached two posts up)
     
  7. new tech guy

    new tech guy

    Joined:
    Mar 27, 2006
    Messages:
    5,178
    Glad you figured out your problem. Mark the thread as solved so everyone knows that the issue is resolved.
     
  8. djangojazz

    djangojazz Thread Starter

    Joined:
    Apr 11, 2006
    Messages:
    301
    Well no one really answered what was slowing down the "My computer" flashlight problem, the question on resetting the license, or the Win32 problem. But that's okay I'll make 2 new threads and bump an old one. My computer is working fine now I guess.
     
  9. new tech guy

    new tech guy

    Joined:
    Mar 27, 2006
    Messages:
    5,178
    No do not create a newt thread. I misunderstood your last post. I thought you meant that your system was fine. My apologies. Question, have you ever tried a registry cleaning. You can do it with a freeware app called ccleaner. http://www.ccleaner.com/ . Give the registry cleaner there a try and see if it helps.
     
  10. djangojazz

    djangojazz Thread Starter

    Joined:
    Apr 11, 2006
    Messages:
    301
    See this thread That I made about the problem. This Win32 problem seems like one of the toughtest things I have ever encountered, to fix manually at least. I'll try that regcleaner and another one I saw on another thread. I couldn't find the local class key myself though, but maybe those programs can find things I can't. Let's hope so.

    Oh and I'm at work, my PC I maintain a lot this error is on two other laptops. One a Dell one a fujitsu. The Dell laptop get's it forever, the error that is. I can end it manually from the task manager(see thread) but hey I want it gone for good!
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/479263

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice