Connecting to server via remotedesktop and shared folders extremely slow and most times locks up

Posted on 2008-10-08
Last Modified: 2013-11-21
Good Afternoon,

I have been trying to find a solution on my own for this problem for awhile now. The problem is from any machine i have tried (XP-Sp2) Remote Desktop into the server is extremely slow logging in and launching applicatios, also browsing the shared folders or even the \\servername\c$ administrative share is extremely slow and most often then not locks up about two or three folders off the root. I have tried pinging from the server and the workstation that works fine. The server can browse other computers no problem and when sitting at the computer no slowness occurs in browsing local files or shared files on other servers. Any help or suggestions would be greatly appreciated.
Question by:thatwaseasy
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
  • 3

Expert Comment

ID: 22673053
are you running over a vpn? if so.. the line / connection it slow somewhere.. possibly the upload speed at the server end (rather than your download speed).
if you're local to the machine.. well.. the only thing I can think of quicly is if something like VNC's running at the same time.. that causes those symptoms.. unless someone else if using it or you're getting DoS attacks from the internet (if it's remote)
hope this helps!

Expert Comment

ID: 22674113
are you sure your running at 100MB/s or 1G/s full duplex, on network cards an switches, this may cause some problems if you use autosense. remember if you set full duplex on your cards, set too on your switch


Author Comment

ID: 22678294
All my switches are auto sense, it is 100mb network. I can connect fine to other servers all patched into the same switch and browse network files on other serves no problem. It is not over VPN it is local. The servers are connected into the same 48 port switch that my workstation is.
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now


Expert Comment

ID: 22678744
well, other elements to check are DNS, wins, and of course run process explorer to indentify what proccess are runnning and TCPview to see witch connections are in use, may be one is causing wait or consuming your widthband

Author Comment

ID: 22681429
I created a static entry in the wins server, checked to make sure an A record existed in the DNS server, ran the two tools you suggested on the problem server and two good ones of the same make model and specs and nothing out of the oridinary was being tracked....any other ideas?

Expert Comment

ID: 22681626
is the firewall or antivirus active, try  to turn off| (if is microsoft) or uninstall (any other :mcafee, symantec, etc), put a program like netboy to see if is something using the network, sometimes multicast cause problems in comunication. one way to test -it have you tried to see your shares from the same server, it use always tcpip but don´t use the switch. if is still slow is something in the tcpip (reinstall -it) or any other element in comunication (NIC drivers, antivirus, firewall)

Expert Comment

ID: 22688449
I assume it's not DNS.. as you can connect OK in the first place.. so it HAS to be either a network latency problem .. server lan card driver problem.. or a dodgy switch.. conflicting software or something like that.

Did you confirm that you don't have VNC running?
Is there any chance MalWare has made it's way onto the machine?

Is the server appears 100% OK when browsing the net from the console?

What happens when you try to ping the server from the command line on your machine?
ping servername (or IP address) -t

have a look at Task Manager and add in the columns for IO, Virtual Memory, Page faults etc.. post those back here too. If you like, you can use 'tasklist' from the command line to list what processes are  running.

post a selection of ping, talklist and other results back here please.

Author Comment

ID: 22689181
VNC is not running on this server. I have sy mantec endpoint protection on this machine with the latest updates and i did do a full system scan.
When I am connected to the console everything runs fine no problems whatsoever.
Ping Results:
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Reply from bytes=32 time<1ms TTL=128
Tasklist Results:
Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process              0 Console                    0         24 K
System                           4 Console                    0        252 K
smss.exe                       424 Console                    0        660 K
csrss.exe                      476 Console                    0      6,156 K
winlogon.exe                   504 Console                    0     10,688 K
services.exe                   552 Console                    0      8,532 K
lsass.exe                      564 Console                    0     21,648 K
svchost.exe                    724 Console                    0      4,512 K
svchost.exe                    808 Console                    0      6,224 K
Smc.exe                        880 Console                    0      7,384 K
svchost.exe                    904 Console                    0      8,068 K
svchost.exe                    940 Console                    0      5,228 K
svchost.exe                    988 Console                    0     34,080 K
ccSvcHst.exe                  1068 Console                    0      2,772 K
spoolsv.exe                   1548 Console                    0      7,988 K
msdtc.exe                     1576 Console                    0      7,188 K
dbsrv9.exe                    1688 Console                    0     77,492 K
BackupAgent.exe               1760 Console                    0     50,500 K
BackupUpdater.exe             1784 Console                    0     17,848 K
ctnetsvc.exe                  1820 Console                    0     13,320 K
svchost.exe                   1972 Console                    0      3,744 K
inetinfo.exe                   336 Console                    0     14,116 K
ngserver.exe                  2212 Console                    0     16,952 K
svchost.exe                   2248 Console                    0      2,396 K
snmp.exe                      2276 Console                    0      9,488 K
sqlbrowser.exe                2336 Console                    0      3,980 K
sqlwriter.exe                 2400 Console                    0     12,100 K
Rtvscan.exe                   2420 Console                    0      3,300 K
svchost.exe                   2696 Console                    0     17,084 K
SemSvc.exe                    2984 Console                    0    137,664 K
w3wp.exe                      3180 Console                    0     65,748 K
wmiprvse.exe                  4776 Console                    0      8,112 K
svchost.exe                   4996 Console                    0      7,280 K
svchost.exe                   5028 Console                    0      5,900 K
dbserv.exe                    3772 Console                    0        660 K
rteng9.exe                    3804 Console                    0     11,036 K
ctfmon.exe                    4788 Console                    0      4,372 K
ctfmon.exe                    5292 Console                    0      3,836 K
ngtray.exe                    3904 Console                    0        848 K
jusched.exe                   4808 Console                    0      4,512 K
BackupStatusIcon.exe          2116 Console                    0     25,252 K
ccApp.exe                     6032 Console                    0        684 K
explorer.exe                  3780 Console                    0     17,432 K
SmcGui.exe                    3820 Console                    0      4,176 K
ProtectionUtilSurrogate.e     4328 Console                    0     13,084 K
sqlservr.exe                  5524 Console                    0    132,164 K
pvlsvr.exe                    4136 Console                    0     22,116 K
SNAC64.EXE                    5168 Console                    0      1,300 K
beserver.exe                  2168 Console                    0    111,712 K
beremote.exe                  3172 Console                    0     47,340 K
bengine.exe                   3656 Console                    0     33,720 K
benetns.exe                   4036 Console                    0     11,840 K
DLOAdminSvcu.exe              3540 Console                    0     91,304 K
dlomaintsvcu.exe              3284 Console                    0      6,780 K
SymDB.exe                     5272 Console                    0      9,848 K
csrss.exe                     6260 RDP-Tcp#69                 2      5,264 K
winlogon.exe                  3608 RDP-Tcp#69                 2      4,428 K
rdpclip.exe                   2528 RDP-Tcp#69                 2      1,628 K
explorer.exe                  5180 RDP-Tcp#69                 2      7,976 K
ctfmon.exe                    5984 RDP-Tcp#69                 2        556 K
ctfmon.exe                    6720 RDP-Tcp#69                 2        784 K
ngtray.exe                    2652 RDP-Tcp#69                 2        840 K
jusched.exe                   6664 RDP-Tcp#69                 2        112 K
BackupStatusIcon.exe          1716 RDP-Tcp#69                 2      7,332 K
ccApp.exe                     5892 RDP-Tcp#69                 2        636 K
iexplore.exe                  1112 RDP-Tcp#69                 2      4,868 K
BkupExec.exe                  5660 Console                    0    119,120 K
DLOConsoleu.exe               6788 Console                    0     48,956 K
logon.scr                     6176 Console                    0      3,044 K
LUALL.EXE                      732 Console                    0      8,644 K
LUCOMS~1.EXE                  5132 Console                    0     17,492 K
LuCallbackProxy.exe           5304 Console                    0      2,124 K
LuCallbackProxy.exe           7040 Console                    0      1,956 K
LuCallbackProxy.exe           6852 Console                    0      1,952 K
LuCallbackProxy.exe           3800 Console                    0      2,052 K
LuCallbackProxy.exe           5592 Console                    0      2,048 K
LuCallbackProxy.exe           7016 Console                    0      2,040 K
LuCallbackProxy.exe           4960 Console                    0      2,044 K
cmd.exe                       6864 RDP-Tcp#69                 2      2,568 K
tasklist.exe                  7140 RDP-Tcp#69                 2      5,528 K
wmiprvse.exe                  5184 Console                    0      7,596 K
I attached two screenshots of the task manager.
Thank you for taking the time to look at all of this.


Expert Comment

ID: 22689900
very briefly, I'm not sure if it's the cause of your current problem, but I'd consider checking to see if there are any updates to Symantec..I'm surprised mdef25builder has so high page fault delta and sinimarly, ngserver.. it's getting late here in the UK, so I'll take more of a look tomorrow.

Expert Comment

ID: 22700861
The last point's worth making.. has the server always been like this (is it a new build), or has it only recently started happening?
I have to confess that I've no idea what BackupStatusIcon.exe is, but, other than that.. no particular problems I've noticed here. However.. it's ALWAYS worth suspecting something like Symantec.. by virtue of the sheer number of processes it's running and the resources it's taking.. as well as it's pivotal role in all  network, there are a few reported issues of Endpoint Protection causing something similar, so I wonder if it's possible for you to:
1) see if there are updates available for it
2) temporarily remove it to see if it's the problem

Separately... **so you could do this first**, check Windows Update for any Optional Hardware driver updates.. i.e. LAN cards etc etc as, again.. it could well be a driver issue causing sluggish network performance.. or.. a failing network card or cable.. I assume you've tried swapping cables and ports etc,

Author Comment

ID: 22712891
It is a new build but was working fine for a long time before this started happening. I would not be surprised if it was Endpoint either, it causes a lot of funkiness.  
I ran the updates, symantec and windows. and i have tried switching out the ports.
Thanks for taking the time to look at this.

Expert Comment

ID: 22714274
Hmm... that's not promising.
1) *what's the exact version of endpoint you're running? I *think* you may have to check manually to see if there's an updated program file rather than updates to your existing verision.
2) Is there any other software running on there you can think of which may conflict.. or even hardware.. maybe a Remote ILO board or something..
3) if you have an HP or other big name server, please could you run the diagnostics on the LAN card which come with it? Intel / HP server drivers etc should be able to tell you the state of the LAN card including the noise on the line, attenuation, cable length etc.
4) Do you have managed switches you could take a look at the media state with?
5) Try pining with bigger data packets both to and from the machine "ping server/pc -l: 65500 -t" to see what response you get... it just loads the lan card up a little .. if 65500's a problem, try 32000 or something like that (ctrl+c to stop the ping -t BTW)
6) exactly how're things connected? how many PCs? switch or hub (exact models).. I'm wondering if there are collisions or multiple routes on your network causing the problem
7) how's PC > PC (rather than PC>server) comms? i.e. open a share or Remote Desktop Connection on another XP Pro machine..

sorry there's lots here to try, but you've got *that* sort of problem I think

Author Comment

ID: 22744870
I think i may have fixed it a little bit. I had the firewall turned off, i turned it back on and added exceptions for print sharing and remote desktop and it seems to be working a lot better, not perfect but definitely a huge improvement.
1)Symantec Endpoint protection 11.0.2
2)The only optional board that i put in was a SCSI card but this was happening before i installed that. Other software includes backupexec and ghost. I have shut down all their services and tried with the same problem.
4) They are not managed switches, the one the server is connected to is a 48+2 3com gigabit swithc. 13C6476 is the model number.
5) I could not get the ping to go through with anything greater then 2000. I am guess that is a problem?
7) Comms to the pc and other servers connected in the switches work fine.

Expert Comment

ID: 22755986
That's odd... either the firewall would block it or it wouldn't..
1) There's at least one upgrade available as I've found release noted for 10.0.3.
I'd certainly apply it if it were my server.
2) I doubt that'd cause any of the symptoms (if it were, I'd expect local server performance to be poor).
3) Any joy finding LAN card diagnostics? It's worth doing (after you've done symantec if that doesn't fix it).
4) Switches.. OK, no trouble as we can't use them to troubleshoot
5) Ethernet supports 1500bytes as standard, so I believe it means your lan card or switch doesn't support large packets. Not necessarily a problem. I'll do some research.
7) OK, so it's not the switch and, if you've swapped the port the server is in, it's not that individial port

see how you get on with Symantec and diagnostics.

Accepted Solution

chops_uk earned 500 total points
ID: 22757413
I wonder if there's some extraordinary load or bottleneck going on at your server's NIC or switch port?
Could you confirm the switch model as I've not been able to find a reference to the model number you gave..

ref 5) .. as I mentioned, Ethernet's MTU is 1500. Most Gb switches can handle jumbo frames, otherwise it should be fragmented... You said that your switch is 48+2 .. it sounds like the core chassis is therefore 48 ports of 100Mbps with 2 x gigabit.   How are you using these.. one for the Server, one for uplink to another switch?  If not, I wonder if this is where a network bottleneck lies, hence my previous q6).. unless there's a 'loop' created somewhere if you have multiple switches?

If there's no response, it probably means that the fragmented packets are being dropped by a firewall (i.e. symantec) as a measure against DoS attacks such as Ping of Death.. although I doubt this needs to be done internally.. are the client computer and server both on the same ip address range and is the firewall set to trust the entire network range?


Author Comment

ID: 22769826
Sorry for the delay was a at a conference for the last two days. I am going to install the updates that you send over.
The switch is a 48 + 2 the server is connected into one of the giga bit upliks along with the uplinkg between the other switch. 3c16746 super stack 3.

Author Closing Comment

ID: 31504423
Thanks for all your time and effort. I think there was some kind of bottleneck happening at the switch level, I took a crappy Linksys 8 port gigabit swtich and plugged an uplink and the server in to that then tried to connect to it remote desktop and it worked fine as well as browsing the directory tree from another computer. I think there is something funky with the switch so I will have to investigate that further.

Expert Comment

ID: 22821277
I am SO happy it's sorted.. it was bugging me :)

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question