Member Avatar for jbennet

For some reason my development rig has become quite slow lately
Its got 2gb of ram, a Core1duo and Server 2008 (SP1) Standard x32

Every once in a while taskeng will go crazy and spawn like 200 process and eat all my ram and CPU time. Looking at scheduled tasks, it seems to be IE Feed Synchronisation?

Spyware? Log included. Its a Lenovo/IBM. Originally i thaught this wierd behavior was due to the FW blocking the sync but even with it off it still does it. Means my box crashes basically every night which is bad as it needs to be left to compile / serve webpages and download crap.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:29:47, on 22/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Users\jdbennet\Desktop\2\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = [url]http://www.google.co.uk[/url]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.daniweb.com/[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://www.google.co.uk[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://www.google.co.uk[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = [url]http://www.google.co.uk[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://www.google.co.uk[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://www.google.co.uk[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.google.co.uk[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = [url]http://www.google.co.uk[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url]http://www.google.co.uk[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [url]http://www.google.co.uk[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\WEB2~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - [url]http://www.srtest.com/srl_bin/sysreqlab_ind.cab[/url]
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: IntelĀ® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Fn+F5 Service (FNF5SVC) - Lenovo. - C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IntelĀ® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 4879 bytes
  • 3 Contributors
  • 5 Replies
  • 166 Views
  • 3 Days Discussion Span
  • Latest Post Latest Post by jbennet

Recommended Answers

All 5 Replies

Member Avatar for crunchie

Log is clean :). Online scan at kaspersky may reveal something.

Member Avatar for jbennet

Nope. Its wierd, it even seems to do it in safe mode.

Will try and roll back to IE7 and see what happens

Member Avatar for badage1988

ya basically your log is clean. you even activate teatimer under spybot search n destroy there wont be much problem. maybe you need to monitor further

Member Avatar for jbennet

Hmm it seems to be extremely slow whenever there is network traffic (e.g when downloading a file, i get mouse lag)

I have it set up so its as a developer box, i changed the settings so that it will give priority to user apps instead of background services, and prioritise user network traffic vs that of sql server etc.... (usually this is the case with windows server) so i dont see why this is happening....

Im gonna remove ZoneAlarm and Spybot and see what happens. Btw, i solved the taskeng slowness. I found a site (msdn blog) where a guy had a similar issue. The defauly firewall setup on server 2008 blocks IE RSS sync and each time it fails it spawns a new process to try again leading to crash. Its a shame MS let this bug into the RTM version of a server OS.

Member Avatar for jbennet

Yeah, seems zonealarm doesnt like the network stack on Server 2008 (wierd because its basically a tweaked vista sp1, they use the same codebase)

zonealarm was making everything slow

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.