Friday, October 10, 2008

Vista thinking too much

Recently I had a problem with Vista. It would be accessing the hard drive and using CPU time, bogging down my computer, at times when I was using it myself. I assumed this was some of Vista's "helper" processes, such as search indexing, and was quite annoyed that it would be running those sorts of things while I was using the computer.

Hypothesis: I strongly suspected Vista itself, running some process to "assist" me or something.

Test: I started closely monitoring the Resource Monitor window (new in Vista, and I really like it) for things running when they shouldn't be, hoping through the disk access or processor time use that I would be able to catch who was using the resources.

Result: This method worked, but at the same time proved my original hypothesis invalid. I found the process that was using resources, actually I caught it in the Network section, but it wasn't a silly Vista helper process - it was rundll32.exe. Knowing what I do about rundll32.exe, I knew that the real culprit was adware or spyware. I was having problems with my virus scanner, so I had disabled it previously. I now went back to their website, and found out that for some reason they had changed the 64-bit version from 3.0 back to 2.7, perhaps the 3.0 wasn't working on 64-bit and that's why the spyware or adware had gotten through in the first place, and why it was giving me problems before.

I uninstalled the antivirus version 3.0, installed the newly downloaded version 2.7, and ran a scan. It quickly found several infections of an adware program, in memory and on disk. It made the necessary fixes and I restarted. Now I have a running antivirus / spyware and adware remover and I haven't had any problems since.

Conclusion: If your Vista seems to be accessing the hard drive or using the internet more than it should be, you most likely have spyware or adware. You can access the Resource Monitor by pressing Ctrl-Shift-Esc, going to the Performance tab, and clicking the Resource Monitor button partway down the page. If a rundll32.exe process accesses the hard disk or more particularly the internet, it's almost certain. rundll32.exe is very often used by viruses, adware, and spyware to hide under a seemingly legitimate process. Keep in mind however that rundll32.exe is in fact a Windows process and is used by legitimate programs at times, including Windows itself.
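Because rundll32.exe is only a host, the useful question is which DLL each instance was asked to load and whether that instance is talking to the network. The script below is an added example, not part of the original post; it assumes PowerShell 3.0 or later and, for Get-NetTCPConnection, Windows 8 / Server 2012 or later, and it assumes a DLL given without a path lives in System32.

```powershell
# Added example, not from the original post. Assumes PowerShell 3.0+ and,
# for Get-NetTCPConnection, Windows 8 / Server 2012 or later (not Vista itself).
# Run elevated so that CommandLine is readable for every process.

$systemDirs = "$env:WINDIR\System32", "$env:WINDIR\SysWOW64"

Get-CimInstance Win32_Process -Filter "Name = 'rundll32.exe'" | ForEach-Object {
    $proc = $_

    # rundll32 syntax: rundll32.exe <dll>,<entry point> [arguments]
    $dll = $null
    if ($proc.CommandLine -match 'rundll32(?:\.exe)?"?\s+"?([^",]+?)"?\s*,') {
        $dll = $Matches[1].Trim()
    }

    # Assumption: a bare name such as shell32.dll resolves to System32.
    $path = $dll
    if ($dll -and -not [System.IO.Path]::IsPathRooted($dll)) {
        $path = Join-Path $systemDirs[0] $dll
    }

    $inSystemDir = $false
    $signature   = 'n/a'
    if ($path -and (Test-Path -LiteralPath $path)) {
        $inSystemDir = [bool]($systemDirs | Where-Object { $path -like "$_\*" })
        $signature   = (Get-AuthenticodeSignature -LiteralPath $path).Status
    }

    # Established TCP connections owned by this rundll32 instance
    $remote = Get-NetTCPConnection -OwningProcess $proc.ProcessId -ErrorAction SilentlyContinue |
        Where-Object { $_.State -eq 'Established' } |
        ForEach-Object { '{0}:{1}' -f $_.RemoteAddress, $_.RemotePort }

    [pscustomobject]@{
        PID         = $proc.ProcessId
        ParentPID   = $proc.ParentProcessId
        Dll         = $path
        InSystemDir = $inSystemDir
        Signature   = $signature
        Remote      = $remote -join ', '
        CommandLine = $proc.CommandLine
    }
} | Format-List
```

An instance whose DLL sits outside the system directories, has a signature status other than Valid, and holds an established connection is the one to look at first. On older PowerShell versions, catalog-signed Windows DLLs can show as NotSigned, so treat that field as a hint rather than a verdict.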

Also, if you are using the same antivirus that I am (ESET NOD32, see a previous blog) under a 64-bit environment, make sure you are using 2.7 and not 3.0, at least as of this writing.

Here's a page explaining in greater detail the Resource Monitor and its uses. It's a pretty good article.

http://articles.techrepublic.com.com/5100-10878_11-6121730.html

Monday, October 6, 2008

ESET NOD32

ESET NOD32 is my new favorite antivirus. It is comparatively small and fast, using few system resources, and works on any Windows OS, including 64-bit. My last antivirus I had to stop using as they did not support 64-bit operating systems. NOD32 is always up-to-date, as any worthwhile antivirus, and includes a variety of security options such as email scanning, http scanning, real-time scanning, and a thorough on-demand scanner. ESET also offers many other security products for home and business.

ESET Home: http://www.eset.com/

Sounds a bit like an ad, but really I just like them.

Friday, October 3, 2008

Troubleshooting Lab

Initially I could not log onto the John Smith account; Vista said the username or password was incorrect.

Hypothesis: Since I was not typing in the username, I knew it had to be the password. I logged in as administrator and changed the password for John Smith.

Solution: After changing the password I could log in as John Smith.

After running the second script, I tried to edit the file and was denied access: Vista said the file could not be created.

Hypothesis: Folder permissions might be denying John Smith access.

Attempt #1: I logged in as administrator and added the "Users" group to folder permissions and gave the group full access.

Going back to John Smith, I was still unable to edit the file, so the access permissions did not solve the problem.

Attempt #2: The only other reason I know why I wouldn't be able to change a file is if it was read-only.

I checked the attributes and the file was read-only. After turning that off, I was able to edit and save the file.

I thought at first that it was a combination of the two that had fixed it, the folder permissions and the read-only, so I went back to Administrator and undid the permissions changes. After logging back on as John Smith however, I was still able to edit the file, so it was only the read-only attribute that was preventing me from saving it.

Solution: I just had to turn off the read-only attribute. I was overthinking the problem.

Wednesday, October 1, 2008

Creating multiple users in Vista

There are times when you might want to use some automatic method to create many user accounts at once rather than creating each user by hand. The example I found on the Internet cited adding new students into a computer system each semester.

Hypothesis

This should be possible with a script. Almost everything can be scripted.

I found a place online that describes this process:
http://szone.berlinwall.org/NetAdmin/BulkUserCreationSmall

I have not yet tested this, but will update this page when I do.