Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Change Admin To Limited, Windows Crawls


  • Please log in to reply
6 replies to this topic

#1 davec1000

davec1000

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:07:23 PM

Posted 28 October 2005 - 08:06 AM

I got unlazy the other day and changed the acct. I normally use from an admin acct. to a limited acct. As soon as I logged back into the acct. the machine (Sony Vaio running XP Home, SP 2) slowed to a crawl, with CPU utilization around 100%. When I logged off, changed the acct back to full privileges and logged back on the acct performed normally. I'm wondering what could cause this, and my wondering does not suggest anything good. Could there be some malware eating cpu cycles in the limited account? I normally run Zone Alarm and PC-cillin on this machine, as well as Spybot and Ad Aware about once a week. Process Guard free version is running (a late addition, however) and I run Root Kit Revealer about once a month (don't know that I have the chops to make an informed decision from the info it gives me, though.) Any ideas? Thanks

BC AdBot (Login to Remove)

 


#2 franktiii

franktiii

  • Members
  • 309 posts
  • OFFLINE
  •  
  • Local time:07:23 PM

Posted 28 October 2005 - 02:16 PM

try opening taskmanager, ctrl/alt/del, then click on the task manager tab and look at processes that are running when it is a limited account and compare it to when it is an administrator account, see if there are any programs that are running in one and not the other or using more resources.

It may be a virus or spyware, but it looks like you are doing a pretty good job scanning for problems.

The other possibility is some program is unhappy with limited rights. I have noticed that as security gets cranked up in xp, many programs want to run as administrator.

#3 davec1000

davec1000
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:07:23 PM

Posted 07 November 2005 - 12:38 AM

Here's a follow-up if anyone is still reading this thread. Sorry it took so long.
I watched the processes in both admin and limited and noted that vsmon.exe was taking up 99% of CPU cycles in the limited account. Vsmon is part of Zone Alarm and when I shut it down, voila! everything sped up. Things get worse, however. I realized tha ZA was not updating the way it should and my version was very old, so I did it manually, which screwed up ZA and my network. I am now supposedly connected to the network, but cannot even ping the router. I'm still working on this one.

#4 Rimmer

Rimmer

  • Members
  • 2,159 posts
  • OFFLINE
  •  
  • Location:near Sydney, Australia
  • Local time:10:23 AM

Posted 07 November 2005 - 02:12 AM

I'd do a System Restore back to before you manually updated Zone Alarm, then uninstall the original ZA and freshly install the latest version. Some firewalls are better behaved in particular circumstances than others you might want to try some other free firewalls from here Recommended Freeware.

You do only have ONE firewall running, right?
:thumbsup:

Soltek QBIC, Pentium 4 3.0GHz, 512MB RAM, 200GB SATA HDD, ATI Radeon 9600XT 256MB, Netgear 54Mb/s WAP, ridiculously expensive Satellite Broadband
Windows XP Home SP2, Trend Micro Internet Security, Firefox, Thunderbird, AdAwareSE, Spybot S&D, SpywareBlaster, A-squared Free, Ewido Security Suite.

#5 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:08:23 PM

Posted 07 November 2005 - 07:53 AM

I don't like the ZA firewall because of problems that I had several years ago with my system then. Now, I keep hearing stories about current problems with ZA - I'm wondering if "It's Deja-Vu all over again!"

I switched to Sygate Personal Firewall back then and haven't looked back.

If the uninstall doesn't fix it (as I recall, it may leave some stuff on your system when it's uninstalled), you may have to reinstall using a program like Total Uninstall to monitor it - then use Total Uninstall to remove it - and then use the Total Uninstall log to find and delete the files that couldn't be deleted automatically.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#6 davec1000

davec1000
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:07:23 PM

Posted 07 November 2005 - 08:23 AM

Thanks for the System Restore and Total Uninstall ideas. I should have thought of System Restore and I'll try that first. I only had the one firewall running. Steve Gibson seems to think if you have a router and Windows firewall you don't really need anything else, although I would worry about outbound traffic. What do you think? I'll look into the Sygate and the freeware options as well.

#7 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:08:23 PM

Posted 07 November 2005 - 09:59 AM

Well, if you do everything the way that you're supposed to - supposedly the Windows Firewall will protect you.

But, are you willing to take that chance? Or, do want the added security of knowing what's leaving your system? That's what I use a software firewall for. It doesn't get hit often - but when it does, it's a life saver (and it also serves as notice that some "baddy" got into my system - prompting me to get rid of it).
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users