[vox-tech] [OT] Windows Question for Relative

Karsten M. Self kmself at ix.netcom.com
Sun May 8 17:47:14 PDT 2005 

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?

For clarity and to support conversational discussion style, please use
bottom-posting format:  your reply goes below the material cited.  Trim
your quotes appropriately and ensure your attributions are accurate.  

See: 

    http://www.catb.org/~esr/jargon/html/email-style.html
    http://www.faqs.org/rfcs/rfc1855.html
    http://mailformat.dan.info/quoting/top-posting.html

Thank you.

on Sun, May 08, 2005 at 12:58:34PM -0700, tech_dev(Alex Mandel) (tech_dev at wildintellect.com) wrote:

> Bob Scofield wrote:

> > My sister has a relatively new (one year or so) Dell computer
> > running XP.  It has always run very slowly.  I've made some
> > suggestions which have not worked, such as running Spybot.  I think
> > she's defragged.  I think she's cleaned up with Norton Clean Sweep. 

IME, defragging generally provides a minimal (if any) performance
benefit, unless things are *really* bad.  It's not a bad step, but it's
rarely much of a gain.

> > I'm going up to her house in Eureka next weekend and she's asked me
> > to try to look into the problem.  The only thing I can think of is
> > to see if she's got some memory resident programs that I can close
> > down.  Other than that my recommendation is for her to take it into
> > a computer repair shop.

My own exceptionally eye-opening exposure to how utterly fscked legacy
MS Windows system security is these days was a 9 months stint running a
computer lab at a youth center.  Managed to get an NY Times mention out
of it, also posted my own more technical response to the article:

    http://www.nytimes.com/2004/09/19/business/yourmoney/19gator.html?pagewanted=all

    http://kmself.home.netcom.com/Rants/spyware.html



Two words:  adware & spyware.

I've seen a grand total of _one_ Internet-connected XP box that wasn't
festering with this stuff.  A typical AdAware scan turns up 300-500
"objects" (mostly cookies), but includes a few noxious processes.  Worst
scans to date have turned up 1650+ objects, 20+ processes, and multiple
viruses.  These slow down systems, make them unstable, and in one
notable case, led to a Loss Of Magick Smoke from the power supply.

I've created a disk image I use for myself, which unfortunately due to
restrictions on most of the tools detailed, I can't share, or apparently
even discuss in full, though general guidelines are mentioned here:

    http://twiki.iwethey.org/Main/WindowsRescueDisk

Basically, it includes:

  - WinXP SP2

  - AdAware & SpyBot Search-and-Destroy

  - Microsoft Baseline Security Analyzer.  For Win2K/XP/2003
  
        A tool designed for the IT Professional that helps with the
        assessment phase of an overall security management strategy.
        MBSA Version 1.2.1 includes a graphical and command line
        interface that can perform local or remote scans of legacy MS
        Windows systems.

    Find it at:
       
        http://www.microsoft.com/technet/Security/tools/default.mspx

  - ClamWin (http://www.clamwin.com/), the Win32 port of the Free
    Software ClamAV package.  While it doesn't support virus removal or
    on-access scanning, it is free, up-to-date, and pretty effective.

  - Sophos has extensive documentation and removal tools at

        http://www.sophos.com/virusinfo/topten/

    ...and thereabouts.


> > Does anyone have any other ideas of things I can look into?  

Memory.  128 is an absolute bare minimum.  I'd recommend 384+ and 512 is
probably better.  

Actually, I'd recommend Ubuntu GNU/Linux.

    http://www.ubuntulinux.com/


> > Is there any reason to think that reformatting and reinstalling
> > would help?  (I'll take my SuSE 9.2 CD's up there just in case.)

Wipe & reinstall will take you to a baseline.  As others have said:

  - Vendor OEM disks are full of useless crap.

  - Time-to-infect is as low as 15 seconds.  On dialup.

There's a reason my rescue kit includes XPSP2.


If you're comfortable supporting SuSE, go with it.  I've long used
Debian and find that Ubuntu is a really good fit for newbies.


> Here's a few things to check,
> 
> You're on the right track with background services
> Access them by Start->run->services.msc

> ,as well as background programs that launch at startup
> Start->run->msconfig
> and Start->Programs->Startup Folder

Agreed to both, particularly msconfig.  Specific IIRC to WinXP, possibly
Win2K as well.
 
> http://www.pcpitstop.com/spycheck/SWList.asp
> Lists most of the windows programs as seen in the Task Manager 
> (Ctrl-Alt-Del) so you know whats important, whats not and whats spyware.

That and "HijackThis", which lists processes from many user systems, a
good place to try to figure out what's what.

Incidentally, this is a place where GNU/Linux shines.

Under legacy MS Windows, there is AFAIU no way to determine which system
binary is running for a given process.

Under Linux, you'll find this as the target for the symlink /proc/<pid>/exe

You can then determine if that file is or isn't sane.

 
> How much Ram does she have, a base WinXP with anitvirus running eats at 
> least 150MB all the time, with excessive stuff turned off. I recommend a 
> min of 256mb but realistically nothing less than 512mb.

Agreed.
 
> Also check the she has enough swap space, I usually set it at the same 
> as ram - twice the ram.
> My Computer->Advanced->Performance->Advanced->Virtual Memory

This won't affect performance of itself, though it will allow the system
to run (or walk) when a lot of stuff is hitting RAM.  My understanding
of legacy MS Windows' VM management is that it's decidedly suboptimal
from a performance standpoint.
 
> I doubt there's anything a computer shop could do other than run a 
> better defrag program and compact the registry.

I'd bring along Knoppix and try the following:

  - What's the CPU speed?  /proc/cpuinfo.

  - How much memory?       'free'

  - What's hard drive performance?

       hdparm /dev/hda      # show Knoppix's autoconfigured settings.

       hdparm -tT /dev/hda  # test actual performance.

   The critical value is the second number, buffered disk reads.  Good
   values are in the 10 - 50+ MiB/s range.  Anything < 1 MiB/s indicates
   a pathalogically slow drive.  I got *massive* system performance
   boosts by swapping out a disk getting ~150 KiB/s (yes, kilobytes) for
   one hitting 60-80 MiB/s.


I don't know how to apply drive tuning parameters under XP, but the
system should be using DMA at the least.


Another trick is to boot safe mode and compare performance.  If it's
notably snappier, check RAM usage and running programs.

    

> The other thing to think about although this is nit picky is to look
> at the case cooling situation. Dell is very bad about this. You can
> download a free program(for home use) called Everest to check the ram
> performance and CPU temp.

Cooling won't affect performance.  It will affect component longevity.
 
> Last tip, move files out of her profile, especially the desktop to 
> increase the boot up speed.

Not a factor on Workstation / Workgroup boot.  Matters in Domain boots.
WinXP Home Edition *CANNOT* do a domain boot.


Peace.

-- 
Karsten M. Self <kmself at ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   The golden rule of technical design:  complexity is the enemy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://ns1.livepenguin.com/pipermail/vox-tech/attachments/20050508/f2fde733/attachment.bin

More information about the vox-tech mailing list