Slashdot Mirror

Download tools from SysInternals.
Autoruns will list everything that gets started. Check that out for unnecessary entries.
Process explorer will show all running processes and exactly where cpu time is spent, down to the thread, with stack information.
Filemon can show all disk activity down to the lowest level; even writes to the file table.
There are many others, try them out.

As for stuff that already comes with Windows:
Look at the Event Viewer; what is causing the crashes? Is it a specific driver that could be replaced/upgraded? Include bus drivers listed under system devices. Ignore driver signing; there are bad signed drivers and good unsigned drivers out there. Generic drivers will be more stable but might be slower.
In XP, run verifier.exe to run some extra checks on drivers (restart requried) to help identify problems. Using the checked build of the kernel can also be quite useful, if you know any kernel debugging. If possible, buy hardware from vendors that write quality drivers. (sounds like Linux; buy hardware for the software support.)

Run spybot/adaware to rid the computer of spyware, and institute protection from future infection by running IE and the shell as a lesser user. Runas, psexec, and SUD can help with this.

Otherwise, try to figure out when and how the computer is slow. Is the hard drive running all the time? Mabye the computer is low on memory and it's time to stop some unnecessary services? Is it CPU usage caused by some rogue process that you can track down with Process Explorer?

Black Viper is a good resource for windows services configuration.

Also if I would have an iPod, I would not have the thing connected to my PC every time I use my PC, so the processes would use resources that I can use for something else when they are not needed. My personal project is always to disable all services I do not need when installing a new PC (I use black viper as my reference). And to add to the grandparent post, the memory usage displayed in the taskmanager are not the real memory usage or at least not for all processes. I mean to say that the sum of all Mem Usage or VM Size does not add up to the commit charge.

windows services

My guess is Routing and Remote Access, which along with the alarming Remote Registry Service, should be one of the things you turn off by default on a new install. No different from turning off all the crap that is installed on a typical default Linux installation.

• call BS. On my family's XP box (a P4@2.6 GHz) it takes about 20 seconds from the "login" screen to when icons actually appear on the desktop

You want WindowsXP lite? Jeebus, save me I'm giving XP tips on /.

I found this site one time (in band camp) and it's made me tolerate WindozeXP ever since.

The site (listed above) is way too complex, so the summary is this -- create another "Hardware Profile" then when you go into Services, click on the "Log On" tab under "Properties" for each service, and disable just about everything except RPC and Server for your new profile. Then on bootup you'll see nifty new boot profile with no damage to registry or real changes to system. And when you need to let M$ remotely log into your computer or spread viruses or take part in the latest worm... you can reboot into original HW profile.

My $0.02 on the whole worm thing is that 100% of the blame goes to M$ and not the average user (also all of the Outlook script problems in the past). M$ by DEFAULT ships with stupid crap turned on. It's hard for *me* to know how / what to turn off, let alone what a Service is, let alone what Services are running. DID YOU FORGET they had to tell people that it is SAFE to turn off the computer!?! And people (including M$) are bitching cause 'users need to patch their computers'. Car makers have millions of recalls and people don't pay attention to those and their lives are at risk! (Granted, computer user's lives might be somewhat more valuable than the average Ford driver's) [1 in 2 American homes has a computer --- 1 in 7 American males are currently in prison --- 1 in 100 Americans are mentally ill or retarded --- No actual facts we harmed or used in the formation of this sentence]

This site is good too: http://blackviper.com/

The Messenger service sends and recieves messages not using the NetBIOS protocol, but RPC. Therefore, you need to block port 135 to stop the messenger.

As many others have said, you could also just turn the service off. I haven't seen anyone mention Black Viper as a resource for explaining what could be shut off and how to do it.

Don't know if I agree. The main reason for using XP vs. 2000, IMHO, is ClearType font smoothing technology. I also like that you have a little more control in XP - you can turn off a bunch of unnecessary crap via MyComputer->Properties->Advanced->Performanc e - and also follow Black Viper's recommendations for enhancing XP's performance. I'm using this across the board (particularly on VPC 6.01 on OS X).

Better yet, go through the entire hardening process of disabling Alerter, Messenger, Server, Print Spooler (unless necessary), Indexing Service, Uninterruptible Power Supply, Telnet, Universal Plug and Play, Fax Service, Network DDE, QoS RSVP, Remote Registry Service, and whatever else you don't need.

(Those listed above tend not to be useful for 90% of users out there)

Then change the password policies, login audit policies, and a whole mesh of other things :)


Windows 2000 Professional and Server Services Configuration 411