FAQ of the Software/Operating Systems section

Discussion in 'Operating Systems' started by Animatrix, Oct 12, 2005.

  1. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    Guru3d FAQ Software and Operating Systems section. If you have a problem or question have a look here first, you never know.

    If you are new here at Guru3d.com please do start by reading The be-all of announcements

    Please feel free to comment and contribute.


    Part 1

    Operating System
    Page file/Swap file/Virtual Memory
    Memory related topics
    XP Services: Links for services guides
    Multi-booting/dual-booting
    File system
    SP2 slipstream guide/ nLite Guide / Unattended CD's / Customization
    Microsoft Windows 64-bit: Devices, drivers and software
    Miscellaneous questions and problems
    Troubleshooting help

    [post=1449374]Part 2[/post]

    Error Reporting and Dr. Watson
    Windows shutdown problems
    Hard Disk, File system, Data corruption
    Disk space
    Moving a Windows installation to different hardware
    Moving Windows to a new hard disk
    Installing Windows without using a CD/DVD
    Install issues
    Manually Installing device drivers under XP
    Uninstall issues
    Program and process control
    Run Commands and Hotkeys

    [post=1449607]Part 3[/post]

    Security, Privacy, Virus and Spyware Help

    [post=1451629]Part 4[/post]

    Programs
    Miscellaneous stuff
    Tweaks

    [post=1451631]Part 5[/post]

    Information on various Tweaks




    Operating System:


    Page file/Swap file/Virtual Memory:

    Windows Swap/Page File Defined
    Virtual Memory Optimization Guide Rev. 4.1!
    How to determine the appropriate page file size for 64-bit versions of Windows Server 2003 or Windows XP
    RAM, Virtual Memory, PageFile and all that stuff
    How to overcome the 4,095 MB paging file size limit in Windows
    Understanding Virtual Memory
    How to configure paging files for optimization and recovery in Windows XP
    The Memory-Optimization Hoax (reg required), (web.archive version is dead)
    Inside Memory Management, Part 1 (reg required), (web.archive version is dead)
    Inside Windows 2000 (Module 8-3, Physical Memory Management)
    Virtual Memory in Windows XP
    Paging File Considerations for Windows NT (and family)
    Index of Virtual Memory Terms (old stuff)
    Guru3d thread: Virtual memory

    Guru3d thread: PF Usage graph

    forums.anandtech: Performance-oriented Windows tweaking


    Memory related topics:

    Virtual Address Space
    Memory Limits for Windows Releases

    Managing Virtual Memory in Win32
    Large Memory Support
    A description of the 4 GB RAM Tuning feature and the Physical Address Extension switch
    /3GB, /PAE, AWE what??? (basic)
    Summary of the recent spate of /3GB articles
    Comment on Virtual/Physical/Processor address space
    Guru3d thread: Memory leaks

    XP Services: Links for services guides:

    MS: Default settings for services
    Service overview and network port requirements for the Windows Server system
    Windows XP Services Default Settings Guide
    theeldergeek: services guide
    blackviper: services guide
    Services overview
    To enable or disable a service for a hardware profile
    Create or Delete A Service in Windows XP
    How to delay loading of specific services
    SC (Service Controller)

    Multibooting

    The definitive dual-booting guide: Windows 7, Linux, Vista and XP step-by-step

    Dual-Boot Centre
    Understanding the Multiboot Process
    Understanding MultiBooting

    Boot.ini

    How to edit the Boot.ini file in Windows XP
    How to Use and Edit Boot.ini in Windows XP
    How Do I remove An Invalid Boot Path From The Boot Ini File

    BCD

    Boot Configuration Data Editor Frequently Asked Questions
    BCD Boot Options Reference
    How to use the Bootrec.exe tool in the Windows Recovery Environment to troubleshoot and repair startup issues in Windows Vista

    Third party BCD editor

    EasyBCD
    EasyBCD Documentation
    EasyBCD forum sticky

    *nix

    Booting and Boot Managers
    Booting Linux from Windows' Boot Manager
    Ubuntu Linux / Windows Dual Boot Instructional Video
    Ubuntu / Vista dual boot and keeping previous Ubuntu
    SDB:Uninstalling the Boot Manager GRUB from the MBR
    SDB:Uninstalling the Boot Manager LILO from the MBR


    Related information

    Boot Process: Windows Vista vs. Windows XP

    Windows Vista no longer starts after you install an earlier version of the Windows operating system in a dual-boot configuration
    You cannot start Windows XP after you install Windows Vista in a dual-boot configuration together with Windows XP

    The partition that hosts Windows Vista may disappear if you use Windows XP to create a partition on a computer that has both Windows XP and Windows Vista installed, more info Disappearing Partitions

    No restore points are available when you use Windows Vista or Windows Server 2008 in a dual-boot configuration together with an earlier Windows operating system

    Definitions for system volume and boot volume
    How did I get a Boot and System partition?


    File system:


    Guru3d Poll: WindowsXP Users What file system do you use?
    Guru3d: FAT32 or NTFS for gaming

    NTFS vs FAT
    NTFS or FAT32?
    The Default Cluster Size for the NTFS and FAT File Systems
    NTFS Preinstallation and Windows XP
    CONVERTING FAT32 to NTFS


    Slipstream guide/ nLite Guide / Unattended CD's / Customization :

    Google: slipstream+service+pack
    XP SP2 slipstream
    Slipstreaming Windows XP with Service Pack 3
    Vista SP1 Slipstream

    nLite Guide
    msfn.org: nLite
    Complete Beginners Guide to nLite Unattended CD's
    Hotfixes For Windows XP Professional SP2

    Microsoft Windows XP Hotfix Installation and Deployment Guide
    AutoPatcher
    Unattended CD Guide


    Service Pack

    Windows XP Service Pack 2/3 Problem Solver
    Windows xp service pack 2 faqs & best practices
    Windows XP Service Pack 2 Problem Solver


    Microsoft Windows 64-bit: Devices, drivers and software:


    ukgamer.com: Microsoft Windows 64-bit compatibility list
    Windows 64bit Compatibility Guide: Native 64-Bit Software

    Planetamd64.com, Planetamd64 application forum
    Extended64.com, Extended64: Driver Database
    Start64.com

    Guru3d :Windows 64-Bit needs found here


    Miscellaneous frequently asked questions and problems:


    There is no user names in Task manager:

    Enable Terminal services


    Task Manager Menu Bar and Tabs Are Not Visible:

    Double click the frame.


    Reported system memory is less then installed:

    The system memory that is reported in the System Information dialog box in Windows Vista is less than you expect if 4 GB of RAM is installed
    Dude, Where's My 4 Gigabytes of RAM?


    My system idle process is showing very high CPU usage:

    The OS will also issue a HLT command. That is what the CPU cooling programs like Waterfall, Rain and cpuidle (made for the Windows 9x series) was for, as 9x did not issue any HLT commands like XP/2000.

    Windows XP hangs on logo at start up:

    Disabling Event Log service may cause the delay in start up.

    Windows stops loading for about 15 seconds
    WinXP starts up for 10 secs
    windows xp slow shutdown (event log)


    Task Manager, msconfig, regedit issues:

    Task Manager, MSCONFIG, REGEDIT launch issues
    Error Message: "Task Manager has been disabled by your administrator"


    Internet Explorer issues:

    You cannot open a new Internet Explorer window or nothing occurs after you click a link
    Repair Internet Explorer 6
    IEFix - General purpose fix for Internet Explorer


    Windows Media Player troubleshooting and error codes:

    Troubleshooting Windows Media Player 11
    Error Codes for Windows Media Player 11, 10,9
    KB886273: Error code information for Windows Media Player 9 Series
    KB234019: Windows Media Player Invalid File Format Error Message


    Access denied, System Volume Information folder:

    How to gain access to the System Volume Information folder:


    Show hidden files and folders:

    Enable viewing of hidden files and folders:


    You Cannot Change the Read-Only of Folders:

    You Cannot View or Change the Read-Only or System Attribute of Folders


    Windows Update issues:

    Windows Update error codes

    You cannot install some updates or programs
    MS kb: The necessary services are disabled or unavailable
    Cryptographic Service Error

    How to read the Windowsupdate.log file
    Command-line switches for Windows software update packages

    Windows Update Gripes
    Windows Update Fails
    Windows Update Keeps Prompting
    Search on page for "Windows Update"

    The Windows Update Web site and the Microsoft Update Web site do not scan for updates when you repair a failed installation of Windows XP Service Pack 2 or of Windows XP Service Pack 1

    Repaired installations of XP can't be updated; 80 Windows Updates fail to install, more

    You receive an access violation error and the system may appear to become unresponsive when you try to install an update from Windows Update or from Microsoft Update

    Force install Windows Update Agent:

    Use the /wuforce switch Links for the latest Version of the Windows Update Agent



    Undeletable files:

    You cannot delete a file or a folder on an NTFS file system volume

    First you should make sure no program is "using" the file and have it locked/in use. Close all running programs including any processes stuck from programs which has failed to closed correctly, use the Task Manager.

    If the problem is frequent one possibility, other then programs messing up is the Hard Disk. So run a full disk check and get any errors fix. If it's very frequent and you are getting overall file corruption, the Hard Disk may be dying. Simple cable issues may be the problem check the cable connections and the cable itself.


    Technique One: Use a tool

    Unlocker
    Locked Files Wizard
    killbox


    Technique Two: Use Safe Mode

    Boot in safe mode (F8 before Win loads) and delete the file normally or using cmd.


    Technique Three: Use the CMD

    This can be done from both safe or normal mode. Depending on what is "locking" the file safe mode may assist, but should not be used unless needed to save the time on reboots.


    1. Find the directory in which file is and copy the path and file name.

    Directory: C:\Documents and Settings\%UserName%\Desktop\
    File:stupidfile.exe

    Or copy the full path to the file, including the Drive letter and file name extension.

    Full path: C:\Documents and Settings\%UserName%\Desktop\stupidfile.exe


    2. Close all open programs.


    3. "Start" > "Run" type cmd press ok

    This will open the Command Prompt window leave it open.


    4. "Start" > "Run" type taskmgr press ok, or right click the Task bar and select Task Manager.


    5. In Task Manager go to the Processes tab and find Explorer.exe then use "End Process" on Explorer.exe to kill the shell. Leave the Task Manager open.


    6. Go back to the Command Prompt window and paste or type del <full path to file>. Or cd <directory path> enter DEL <filename>

    Using full path:
    del C:\Documents and Settings\%UserName%\Desktop\stupidfile.exe

    Using directory and file name:
    cd C:\Documents and Settings\%UserName%\Desktop
    del stupidfile.exe


    7. Go back to Task Manager, click File, New Task and enter explorer to restart the shell.



    Troubleshooting:


    Troubleshooting check list


    Startup problems

    Resources for troubleshooting startup problems in Windows XP
    Troubleshooting the Startup Process
    How to perform a clean boot in Windows XP
    How to perform advanced clean-boot troubleshooting in Windows XP
    How to troubleshoot by using the System Configuration utility in Windows XP
    How to recover from a corrupted registry that prevents Windows XP from starting
    Troubleshooting Disks and File Systems
    Tools for Troubleshooting

    System Restore

    How to restore the operating system to a previous state in Windows XP
    How to start the System Restore tool at a command prompt in Windows XP
    Running System Restore from the Recovery Console (well, sort of)
    Troubleshooting steps for issues when you try to use the System Restore tool in Windows XP

    Recovery Console and Command line

    Description of the Windows XP Recovery Console
    Recovering Windows XP using the Recovery Console

    An A-Z Index of the Windows NT/XP command line

    How to enable an administrator to log on automatically in Recovery Console
    Loosen the Recovery Console restriction to other partitions


    Operating system crash (BSOD):


    BSOD: Stop Messages

    Troubleshooting Windows STOP messages
    STOP Errors
    Bug Check Codes
    Interpreting Bug Check Codes


    Memory dump

    Preparation Before You Contact Microsoft After Receiving a STOP Message on a Blue Screen
    How to read the small memory dump files that Windows creates for debugging
    How to Use Dumpchk.exe to Check a Memory Dump File
    Overview of memory dump file options for Windows 2000, for Windows XP, and for Windows Server 2003


    Debugging memory dumps, tutorials, tools and references:

    Debugging Tools for Windows - Overview
    Windbg Tutorials
    Crash Dump Analysis

    Debugger Reference
    Common WinDbg Commands


    More debugging:

    Dumpanalysis.org
    Debugging Toolbox
    Debuginfo.com
    It Goes To Eleven
    NTDebugging Blog
    Nynaeve.net
    Windbg.info


    Driver and Hotfix Verifier

    Qfecheck.exe Verifies the Installation of Windows 2000 and Windows XP Hotfixes
    How to uninstall a hotfix or Service Pack via the Recovery Console ?
    Driver Verifier
    How to Use Driver Verifier to Troubleshoot Windows Drivers


    Device Manager

    How to troubleshoot unknown devices that are listed in Device Manager in Windows XP
    Explanation of error codes generated by Device Manager in Microsoft Windows XP Professional


    Command Line Device Management

    There is a tool called devcon which can be used for command line device management. You can not use DevCon with Windows 95, Windows 98, or Windows Millennium Edition. (Note: According to MS DevCon is unsupported and not redistributable. It's intended for use as a debugging and development tool)

    DevCon
    Device Management: DevCon
    [post=1518750]DevCon quick guide[/post]


    Event Viewer

    How To View and Manage Event Logs in Event Viewer in Windows XP
    Events and Errors Message Center
    Windows XP Event Viewer
    Event ID


    Troubleshooting links

    Aumha.org
    Doug Knox
    Kellys-korner
    PCguide
    winhlp.com
    Troubleshooting Error messages in Windows XP
    Troubleshooting Windows XP
    Smartcomputing: Tech Support Center
    Windows XP Professional Resource Kit: Understanding Troubleshooting
    Windows XP Software-Related Errors

    TechNet On-Demand Webcast: Advanced Windows Troubleshooting with Sysinternals Process Monitor

    Repair Install
    Clean Install
    www.windowsreinstall.com

    How to obtain Windows XP Setup boot disks
    bootdisk.com
    UBCD4Win
     
    Last edited: Aug 16, 2009
  2. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    Error Reporting and Dr. Watson

    How To Configure and Use Error Reporting in Windows XP
    Description of the Dr. Watson for Windows (Drwtsn32.exe) Tool
    Dr. Watson overview
    Interpreting the DrWtsn32.log
    How to Install Symbols for Dr. Watson Error Debugging
    labmice.techtarget: Dr. Watson

    How to disable Dr. Watson for Windows

    To disable Dr. Watson it's suggested (in the MS link above) that you delete the key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug. Remember to export to key first. To enable Dr. Watson again, at a command prompt type drwtsn32 -i then double-click the .reg file you exported. Note that other debuggers (such as WinDbg) will use the same key if installed as the automatic debugger.

    To simply disable the auto start of debugger(s), change the "Auto" data value from 1 to 0

    Windows shutdown problems

    Resources to help troubleshoot shutdown problems in Windows XP
    theeldergeek: Troubleshooting Windows XP Shutdown Issues
    aumha: WINDOWS XP SHUTDOWN & RESTART TROUBLESHOOTING

    Troubleshooting Hard Disk, File system and Data corruption

    Data Corruption
    Windows XP Professional Resource Kit: Troubleshooting Disks and File Systems
    Windows 2000 File Systems (FAT, FAT32, NTFS)
    Hard Disk Drive Problems: Fix Hard Drive Problems

    Disk space

    How to locate and correct disk space problems on NTFS volumes in Windows XP
    Description of the Low Disk Space Notification in Windows XP
    How the System Restore Tool Handles Hard-Disk Space Usage


    Moving a Windows installation to different hardware

    motherboard.windowsreinstall.com
    How to replace the motherboard on a computer that is running Windows Server 2003, Windows XP, or Windows 2000
    Replace Motherboard on a Windows XP System

    Changing a Motherboard or Moving a Hard Drive with XP Installed
    Moving an Entire Installation
    How to move a Windows installation to different hardware
    Move your drive with Windows 2000 (or XP) to a new system

    How to use the Sysprep tool to automate successful deployment of Windows XP
    How to Use Sysprep: An Introduction

    Moving files and settings to a new computer running Windows XP


    Moving Windows to a new hard disk

    Most hard disk manufactures have free tools for transferring the OS to a new drive, go to the manufactures web page and look for a download. For example for Seagate and Maxtor hard disks you have MaxBlast and DiscWizard, both are free versions of Acronis imaging software.

    If the software provided by the manufacture is doing a drive-to-drive copy (i.e. it simply copies the files and is not using imaging) i would suggest looking at some of the free imaging software as well, because drive-to-drive copying is not always the most reliable approach. They do work but for the result to be reliable it should preferably be done "off-line", i.e. not booted into the OS.


    Free Imaging Software


    Installing Windows without using a CD/DVD


    With or without Windows using floppy:

    Obtaining Windows XP Setup Boot Disks
    HOW TO: Install Windows 2000 (or XP perhaps) from DOS without a bootable CDROM

    With Windows and no CD/floppy, using a second system to copy from:

    Make a image of the CD using the second system and transfer it, then use a virtual drive to install.


    With Windows and no CD/floppy, using a second system to copy from:

    Use the second system to copy and transfer the install files needed, then install from hard disk -- http://www.easydesksoftware.com/I386.htm


    Without Windows or CD/floppy, using a second system to copy from and DOS;

    Harddrive Windows XP installation - no floppy/CD drive


    Installing to USB device:

    Windows In Your Pocket The link for the HP tool is dead so here is another link HP USB Disk Storage Format Tool

    How To Boot From A USB Flash Drive


    Install issues:


    General:

    1. Extract the install files using Winrar or Universal Extractor
    , right click the installer and extract. Now look in the extracted files for the installer (setup.exe, install.exe, name varies).


    2. Clear temporary files.

    3. Move your temporary folders to another partition if one exist, otherwise just try a new location.
    • 1. Right-click My Computer, and then click Properties.
    • 2. Click the Advanced tab.
    • 3. Click Environment variables.
    • 4. Change the TMP and TEMP folder location to another partition.

    DirectX installation:


    1. Follow the steps in General.


    2. Try the DirectX Redistributable instead of the Web Installer

    DirectX End-User Redistributable
    http://www.majorgeeks.com/DirectX_Redistributable_d2924.html

    DirectX End-User Runtime Web Installer
    http://www.microsoft.com/downloads/...38-DB71-4C1B-BC6A-9B6652CD92A3&displaylang=en

    DirectX install errors:

    A Cabinet file necessary for the installation cannot be trusted
    You cannot install some updates or programs
    You may receive the "DirectX did not copy a required file" error message when you install DirectX 9.0 on a Windows XP Professional-based computer
    Description of DirectX Setup Error Codes
    Guru3d: DirectX 9c Installation Failed

    DirectX SDK:

    DirectX SDK
    What's New in the DirectX SDK
    Installing DirectX with DirectSetup


    Installshield:


    1. Follow the steps in General.

    Common installation errors
    Google search: Installshield+install+troubleshooting add your program to the search
    Google search: demoshield+has+encountered+a+problem
    Windows Installer:

    1. Follow the steps in General.

    Windows Installer
    Windows Installer Cleanup Utility
    Microsoft KB search on Windows Installer Error
    Windows Installer: Error Codes
    Windows Installer Team Blog: Troubleshooting
    Windows Installer FAQ
    How to resolve Common "Windows Installer" Problems
    How to Enable Windows Installer Logging in Windows XP


    Intel chipset INF Update Utility:


    1. Follow the steps in General.

    2. Look in the key HKEY_LOCAL_MACHINE\SOFTWARE\Intel\InfInst for the installed version. Install success status, and to see if a reboot is needed at all, "reboot" on "yes/no". Start > Run > type regedit find the key.

    3. Third party drivers are currently installed and/or no update is needed/possible. Which is why there is a Overwrite switch IF needed. DO NOT USE unless you know what you are doing.
    4. You can also use the -B switch on the extracted setup file SETUP.EXE -b (with path) to test if a install is successful, but no boot prompt is given (Silent success), like what you should be able to see in the Registry.
    Look in readme.txt for help (readme (from 7.2.2.1006))

    Flash player:

    Troubleshoot Adobe Flash Player installation for Windows
    Exe installer
    Uninstaller
    Shockwave Player


    CD/DVD:


    1. Follow the steps in General.

    2. Copy the CD/DVD to the Hard disk and install.

    3. Disable or uninstall any emulators and/or virtual drives (blows i know).

    4. If your getting CRC errors often then your RAM may be bad, run test www.memtest.org, Download (Pre-built & ISOs)


    Drivers:

    1. Follow the steps in General.
    2. Do a manual install using the extracted file.



    Manually Installing device drivers under XP:


    1. Open the Device manager. Start > Control panel, click System go to the Hardware tab and click Device manager. Or Start > Run > type devmgmt.msc


    2. Look for the device you want to update the driver for, double click it.


    3. Go to the driver tab and click on update driver.


    4. This will pop up the "Hardware update install Wizard". Select No, not this time click next. Select Install from a list or specific location (Advanced)click next. Select Don't search. I will choose the driver to install


    5. Select Have Disk, click the Browse button. Navigate to where you have extracted the files/driver and find the .inf file to your device. XP will help by filtering the files by extension (inf).


    Optional step:

    If your in the dark about what file to use you can tell XP to search the extracted files.

    Repeat steps 1 to 3:

    4. This will pop up the "Hardware update install Wizard". Select No, not this time click next. Select Install from a list or specific location (Advanced) click next. Select Search for the best driver in these locations. Uncheck search removable media and check on Include this location in search. Click the Browse button and go to the directory where you extracted the files/driver, click next and let it scan, install if driver is found.

    Again XP will filter the files by extension (.inf) but this time folders are excluded i.e. You can't press ok on a folder which has no driver.

    HOW TO: Manage Devices in Windows XP


    Uninstall issues:

    DirectX

    There are DirectX uninstallers, but you should be warned that they seem to in some cases cause issues and there are mixed reports on their sucess.

    DirectX Happy Uninstall
    DirectX Eradicator 2.0

    Symantec/Norton

    Removing Norton AntiVirus 2003 or earlier by using the Rnav2003.exe removal utility when Add/Remove programs fails
    Removing your Norton program using SymNRT
    Norton Removal Tool (SymNRT)
    Guru3d: complete way to remove nav2004-5 from xp

    Macromedia Flash

    How to uninstall the Macromedia Flash Player plug-in and ActiveX control
    Installers and Uninstallers

    Uninstall, Clean Up and file deletion tools

    Description of the Windows Installer CleanUp Utility
    Revo Uninstaller
    ZSoft Uninstaller
    Freeware-guide: Uninstallers
    Brute Force Uninstaller (BFU) and other Merijn tools
    Killbox (file deletion)
    Sysinternals Process-Explorer
    Sysinternals Autoruns
    Sysinternals: has various tools for tracking


    Program and process control

    Uninstall Programs Manually
    Windows Program Automatic Startup Locations
    A Collection of Autostart Locations
    How to manage Windows Startup?
    Default Processes in Windows 2000
    A description of Svchost.exe in Windows XP
    How to determine what services are running under a SVCHOST.EXE process
    Glossary of Windows 2000 Services
    Default Processes in Windows 2000
    CurrentControlSet\Services Subkey Entries
    Windows NT Subsystems and Associated Files
    How to troubleshoot by using the System Configuration utility in Windows XP
    Description of Windows XP System Information (Msinfo32.exe) Tool
    ProcessLibrary.com Search on process name


    Run Commands and Hotkeys:

    List of the keyboard shortcuts that are available in Windows XP
    Windowsnetworking: Windows XP Keyboard Shortcuts
    How can I navigate in Windows and NT and XP using just keystrokes on the keyboard?
    Guru3d: Windows Hot Keys
    Useful Run Commands
     
    Last edited: May 4, 2009
  3. bakuryu

    bakuryu Ancient Guru

    Messages:
    3,270
    Likes Received:
    1
    GPU:
    XFX GeForce 6600LE @ 430/490
    Here's another site for 'STOP errors' :
    http://aumha.org/win5/kbestop.htm

    And just to add to the tools for "deleting files" I used HijackThis, open it's misc tools section, and there's an option to delete a file on reboot.

    Ohh and here's just a backup of blackviper's site :
    http://web.archive.org/web/20041128094512/http://www.blackviper.com/

    A tool to furthur customize your XP cd, integrate hot-fixes, remove certain components, along with service pack integration.

    nLite

    and adding to the Miscellaneous issues:
    My system idle process is showing very high CPU usage

    It's normal. It gives a measure of how much idle your CPU is. Higher percent shown is good ! ;)


    Ohh , btw .. great work Animatrix :thumbup: :thumbup:

    Should get a sticky ;)
     
    Last edited: Oct 12, 2005
  4. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    Security, Virus and Spyware Help:


    1. Keep your Operating System fully updated

    Operating System vulnerabilities are bad and needs to be patched. Because of the level and integration at which the flaw exists they can be used to compromise systems easier and deeper. If updating with the latest service pack is giving you trouble please try making a Slipstream and do a fresh install using that new CD.


    2. Keep your applications updated

    Application vulnerabilities

    In theory all or most applications can be misused and exploited. If the application does something it can do it wrong and that can lead to bad things if misused. Don't be fooled into thinking seemingly powerless applications are safe and pose no threat. Obviously the more popular and widely used the application is the larger the attack surface and motivation to attack will be. Looking at flaws in browsers and integrated applications like Flash, Java and Java script when used on popular sites, the numbers of people it can reach in a short span of time is quite large.

    Exploits using flaws in applications can be used to attacks systems involving such things as malformed files, pdf, image, sound, video etc.

    Secunia Software Inspector

    These vulnerabilities start out as 0day exploits

    Depending on the actual vulnerability some security programs may catch the exploit. But this will all depend on both the program and vulnerability. An example might be the windows metafile vulnerability, this was blocked by some programs generically and others needed a update. As this type of exploit always starts out as a 0day exploit most definition based protection will fail to stop the exploit at first. 0day exploits are combated using 0day protection, there is more then one type of protection which qualifies as 0day protection.


    3. Secure your connection

    People behind NAT routers are well protected from unsolicited traffic (guests knocking at your door you did not invite). NAT routers may have build-in firewalls and do filtering. NAT (Network Address Translation) however offers no protection for outgoing traffic, unlike most software firewalls. If you run a router remember to change the default administrator password and pick a strong pass. Disable all features of the router you don't use. If you are relying on UPnP i urge you to do the configurations manually instead, having software change router setting behind your back is not cool, if the software turns out to be untrustworthy you may have a problem (NAT Router Security Solutions). The people connecting directly to a modem should really have a firewall in place like Windows own firewall. Net-aware malware like worms do not need any user interaction to spread. Dialup'ers should take special care of spy-ware known as dialers.


    4. Run Anti-malware, do system scan every week or two

    Just how badly you need Anti-malware protection like Anti-virus and Anti-spyware software do somewhat depend on your habits and computer know-how. Just remember malware can come from unexpected places.

    If you install software left, right and center with no regard, you surf blindly and unsafe places, well then you probably need Anti-malware protection. Or you can do what most people does who have to reinstall windows, again. Wait until you get infected and then install them for cleaning, oh and pray they can clean it so you wont have to reinstall, again. Remember protection is not used retroactively and cleaning after the fact is not how you best protect yourself, that's just damaged control.

    If you have a bad habit of installing software that ends up damaging the system or if you just like to install more software then is healthy, you should look into virtual machines and virtualization in general. It will isolate and contain any issues caused by software to the guest OS, and can't harm the main system, known as the host OS. You can do a lot of testing and fun stuff without having to worry about the system (Note: Malware should be handled with care, there are procedures to testing malware in a VM).

    Your browser and it's settings are also important, my recommendation is go with Firefox and use NoScript or Opera. If you use IE make sure your IE security settings are not set low and install Spywareblaster for some extra passive protection. Update to IE7 if you haven't. If you are a high risk surfer i would suggest looking into sandboxing, like Sandboxie and other forms of strong protection (Virtualization, HIPS, disaster recovery and system restore/rollback).

    Understanding Spyware, Browser Hijackers, and Dialers
    Malware FAQ

    The scanning programs databases must be updated regularly.

    It is very important to keep the Anti-virus program "database" ("signature file", "definition file") updated. The database is needed for AV programs to recognize viruses reliably. Having a updated database is needed for the programs to recognize new viruses reliably. Without a database the Anti-virus program will have to rely on Heuristics and other techniques. Even with the best Anti-virus programs that's not where you want to "lay all your eggs". Heuristics are not meant for, or to be used as a replacement for databases. When a new virus strikes, in the early stage before the database can get updated Heuristics is used.

    If money is preventing you from running an updated Anti-virus program or you just feel you can't be bothered to renew your update service, i strongly advice you to pick a free Anti-virus program as the updates are what really counts. There are perfectly good free Anti-virus programs out there and compared to some old Anti-virus program with a old database, it's a "no brainer".


    Free Anti-Virus Programs


    AntiVir Personal Edition Classic
    http://www.free-av.com

    avast! home
    http://www.avast.com

    BitDefender Free Edition
    http://www.bitdefender.com/PRODUCT-14-en--BitDefender-Free-Edition.html

    Grisoft AVG AntiVirus Free Edition
    http://free.grisoft.com/


    All scans should preferably be done on a regular basis, say weekly. You don't have to scan the same 250GB every week but do scan your system drive or just the Windows, Documents and Settings and Program Files folders.


    If any of this is missing please do it now.


    Online scanners



    Multi-engine single file scan:

    virusscan.jotti.org
    virustotal.com
    virscan.org
    scanner.virus.org

    Single engine fully system scan:

    Bitdefender
    Kaspersky (no cleaning)
    Panda (activescan triggers detection by some AV's)
    Trendmicro, new version
    Ewido
    Webroot

    Malware Analysis:

    Cwsandbox
    Threat-expert
    Anubis
    Norman

    Security tests

    Browser Security test
    Secunia Software Inspector
    McAfee Siteadvisor


    E-mails for submitting samples to AV companies

    Firewall and Antivirus

    Free Windows Firewalls (Big list)
    Spywarewarrior: Antivirus list
    Free Antivirus, online and normal
    Other Firewalls Sticky Posts and Other Useful Links


    Anti-Malware/Spyware, Rootkits

    a-squared Free
    Ad-aware
    Comodo BOClean
    Malwarebytes
    Google Pack: Spyware Doctor Starter Edition and Norton Security Scan
    Spybot Search & Destroy
    Spyware Blaster (residual protection)
    SpywareBlaster Troubleshooting and Tips & Tricks
    Windows AntiSpyware
    SUPERAntiSpyware


    Trustworthy Anti-Spyware Products
    Rogue/Suspect Anti-Spyware Products

    List of Dedicated Anti Trojan Products

    Sandbox, HIPS, Virtualization, & System Hardening apps
    SECURITY OVERFLOW
    Wiki HIPS

    Antirootkit.com
    Rootkit Detection and Removal
    Rootkits and how to combat them


    Tools, Command line and stand-alone scanners

    CCleaner, general system cleaner
    ATF Cleaner, temp file removal tool
    Killbox, file deletion tool
    Microsoft Windows Malicious Software Removal Tool, More Information
    Stinger Stand-alone AV
    ArcaMicroScan
    Dr. Web: Cure-it
    Kaspersky: AVPTool, Info
    AVZ (Russian site but they have a English version)
    A-squared command line scanner
    Mcafee command line scanner (win_betaengdat.zip)
    Sophos command line scanner, definitions
    Trend Micro command line scanner (Sysclean), definitions
    Ikarus command line scanner
    ClamWin Portable
    Automated virus / spyware removal script

    Boot CDs

    Avira AntiVir Rescue System
    http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

    Bitdefender: LinuxDefender Live! CD
    http://www.bitdefender.com/site/LinuxDefender-Mirrors.html

    Dr.Web LiveCD
    http://www.freedrweb.com/livecd

    Kaspersky Rescue Disk
    http://ftp.kaspersky.com/devbuilds/RescueDisk/
    http://fileforum.betanews.com/detail/Kaspersky_Rescue_Disk/1213647614/1

    Ultimate Boot CD for Windows
    http://www.ubcd4win.com/index.htm

    Word of warning on cleaning with boot CDs
    http://www.wilderssecurity.com/showpost.php?p=736011&postcount=12


    Specialized removal tools:

    These tools should really only be used after specific instructions telling you to do so. Make sure you know what you are doing and used them responsibly, at your own risk. More often then not analyzing a hijackthis log will be need before you can really tell which tool you should use. However if your system is already completely hosed by malware to the point were you are about to format and reinstall just run them all, follow the instructions.

    VundoFix
    VirtumundoBeGone (if VundoFix do not work)
    VundoFix/VirtumundoBeGone Guide: How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo

    SmitFraudFix
    SmitFraudFix Guide: How to remove the Smitfraud / Generic Zlob / Quicknavigate / Virtual Maid

    ComboFix
    Running ComboFix
    A guide and tutorial on using ComboFix

    SDFix
    Using SDFix

    CWShredder, for CoolWebSearch
    AboutBuster


    HijackThis, log tutorials and guides, online analysis

    Hijackthis is a tool for dealing with unwanted run commands. It can make logs for people to help assist in the removal (note HijackThis was bought by Trend Micro and is now at version 2. Most still use the old version unless v2 is needed for when running Vista).

    HijackThis V1
    HijackThis V2

    HijackThis Tutorial - How to use HijackThis to remove Browser Hijackers & Spyware
    Spywareinfo.com
    Aumha.org

    HijackThis log file analysis


    LSP-Fix Repairs Winsock 2 settings, caused by buggy or improperly-removed Internet software, that result in loss of Internet access.


    Sysinternals Tools:

    Sysinternals
    Sysinternals Forum

    Process Explorer, a real task manager
    Process Monitor, shows real-time file system, Registry and process/thread activity.
    TCPView, detailed listings of all TCP and UDP endpoints
    RootkitRevealer, no cleaning capacities
    Sysinternals Suite


    Uninstallers, integrity checkers/snapshot compare, system logging (live)

    pcBaseline: Snapshot
    SysAnalyzer: Snapshot
    Tiny Watcher: Snapshot/Integrity checker
    Sentinel: Integrity checker
    freeware-guide: Uninstallers
    ZSoft Uninstaller: Uninstaller
    Osiris: Host Integrity Monitoring


    Reviews and Tests

    AV-comparatives
    Virus Bulletin
    av-test.org
    westcoastlabs.org
    check-mark.com
    virusinfo.info
    anti-malware.ru (babelfish)

    matousec.com
    Pcflank.com
    Firewallleaktester.com
    ShieldsUP
    Personal HIPS Tests


    Malware Removal Guides

    Guru3D: Malware cleaning guides

    GENERAL Virus and Trojan removal Instructions
    How to remove a Trojan, Virus, Worms, or other Malware
    Dealing with Unwanted Spyware and Parasites
    Spyware and Malware Removal Guides and Reading Room
    Viruses/Spyware/Malware, preliminary removal instructions
    TechNet On-Demand Webcast: Advanced Malware Cleaning


    Databases and search engines to help identify objects

    http://www.systemlookup.com
    http://www.bleepingcomputer.com/filedb/
    http://gladiator-antivirus.com/forum/index.php?showtopic=24610


    System Setup and Hardening

    Protecting Your Privacy & Security
    Security Configuration Guides (NSA)
    Home computer security
    Home network security
    Securing Your Web Browser
    Internet Explorer 6 Security and Privacy
    Internet Explorer: Setting Up Security Zones

    HARDENING WINDOWS HOST Part 4: ACCOUNTS AND RIGHTS MANAGEMENTS
    Windows Worms Doors Cleaner
    Secure-It
    Harden-It


    LUA/Non admin:

    Aaron Margosis' "Non-Admin" WebLog,
    Non-admin for home users

    http://nonadmin.editme.com
    Reducing browser privileges
    suDown
    Wilderssecurity: SuRun: Easily running Windows XP as a limited user
    Ruin a malware author's whole day with a Software Restriction Policy!
    Using Software Restriction Policies to Protect Against Unauthorized Software


    Articles, Papers

    Windowsecurity.com: Whitepapers
    Sans.org: Reading room
    Pcvirus.org: Antivirus Links & Papers (Computer Virus/Antivirus Resources)
    Malware Defense History and its Secrets
    The Antivirus Defense-in-Depth Guide
    Can Viruses Be Detected?
    Internet Firewalls: Frequently Asked Questions


    Vulnerabilities and advisory

    Microsoft Security Bulletin Search
    Microsoft: Virus Alerts
    Microsoft: Security Bulletins and Advisories
    Secunia.com
    SANS Internet Storm Center
    FrSIRT: Security Threats Watch 24x7


    Malware status pages

    Dr.Web http://live.drweb.com/
    Eset http://www.virusradar.com
    Frisk http://www.f-prot.com/virusinfo/index.html
    F-secure http://worldmap.f-secure.com
    Fortinet http://www.fortiguardcenter.com/map/worldmap.html
    GDATA http://www.antiviruslab.com/index.php?lang=gb
    Kaspersky http://www.kaspersky.com/viruswatch3
    Mcafee http://www.mcafee.com/us/threat_center/
    Microsoft http://www.microsoft.com/security/portal/
    Symantec http://www.symantec.com/business/security_response/threatexplorer/threats.jsp
    Symantec http://www.symantec.com/norton/security_response/index.jsp
    Trendmicro http://www.trendmicro.com/vinfo/
    Trendmicro http://wtc.trendmicro.com/wtc/summary.asp



    Links

    Bleepingcomputer.com
    Spywarewarrior.com
    Spywareinfoforum.com
    Wilderssecurity.com
    bluetack.co.uk: Malware News, Research & Removal

    Security news portal
    Insecure.org
    Securityfocus.com
    Governmentsecurity.org
    Windowsecurity.com
    Peter Gutmann, Encryption and Security-related Resources
    http://www.f-secure.com/weblog/
    http://www.viruslist.com/weblog

    http://www.cert.org/nav/index_main.html
    http://www.cert.org/contents/contents.html
    http://www.cert.org/nav/index_green.html
    http://www.cert.org/encyc_article/tocencyc.html
    http://www.cert.org/tech_tips/
    http://cme.mitre.org/index.html
    http://honeynet.markoer.org/



    Test your AV installation:

    The Anti-Virus test file



    Privacy:

    wikipedia: Privacy, Anonymity, Internet privacy, Proxies

    Free Anonymous Surfing
    eff.org: Tor (Look for the Tor link on the left side)
    Onion routing
    Vidalia
    Privoxy
    Torpark
    OperaTor

    wikipedia: Cryptography and encryption, Steganography, Security through obscurity

    Truecrypt
    Snake Oil Warning Signs: Encryption Software to Avoid


    Data sanitization and secure deletion

    Technically what happens varies depending on both the operating system and file system used, so do the recovery method.

    Deleted Files, FAT and NTFS
    Recovery of deleted files
    The Windows XP MS-DOS Startup Disk: An Example in Basic Forensics and Data Recovery
    Gromit's Technical Guide to Partitions/Formatting/Data Recovery
    Computer forensics
    Peter Gutmann: Secure Deletion of Data from Magnetic and Solid-State Memory Read the Epilogue.
    Can Intelligence Agencies Read Overwritten Data? A repsonse to Gutmann.

    To avoid recovery of data it should be overwritten. To avoid recovery of any non-secure deleted data and data which may have leaked into free space (such as decrypted data leaked into non-encrypted free space), all free space including slack space should be overwritten. There are both free and pay File Shredding and Disk Wiping software. Some hard disk manufactures may have a utility used to do what is often referred to as a low level format (it's not really a low level format, ReInitializing). This Reinitializing will fill the hard disk with ones and zeros and should do just fine for when you are getting rid of old drives. To clean partitions/drives booting to a CD like Dban is another option.

    Snake oil appears here as with most software. So if you really are in need of secure deletion and your not just doing it for psychological reasons then you should scrutinize the validity and trustworthiness of the software. Test has shown commercial secure deletion software that partially fail the secure deletion, and then there are programs that simply don't do anything. One way to do a test is to use data recovery software and see if you can recover the files you securely deleted.

    Evaluating Commercial Counter-Forensic Tools (PDF)
    Wilderssecurity: How to verify secure deletion
    The Hard Disk Shred/Wipe Page Test shows time used for wipes with different patterns
    Wikipedia: File wiping


    Overwrite patterns or sanitization matrixs can be used when doing overwrite passes. The pattern is just what data is used to overwrite with. For modern hard disks a few passes with random data should do just fine. A known and pretty fast pattern is, "a character, then its complement and then random characters".

    Unless you have some good reason for fearing data recovery i would not concern myself about it to much. If you have any concerns about privacy information or sensitive data purge the hard disk with random data. If you do decide to overwrite using multiple passes i would keep it down to 3 passes, say with ones and zeros and then random data. Anything more is just a waste of time if you ask me. Depending on the size of the drive it can take quite some time doing the very "secure" overwrite passes, and passes such as the 35 Gutmann wipe on a 200GB hard disk is just plain silly.

    Anyway it was made for a completely different hard disk type and covers a "blend of scenarios". From the epilogue of Gutmann's paper (read the full epilogue).

    If your talking about situations with zero margin for error, then destruction is the only viable option, there are just to many variables. Software is prone to error. You will need to confirm that all overwrite passes are a success every time, so just counting the man hours or labor it's cheaper and safer to just destroy.


    Contrary to popular belief data overwrite sanitization appears to no longer be approved by anybody in the US and Canada for truly sensitive information.

    NSA only approves degaussing or physical destruction for hard disks.

    NSA/CSS STORAGE DEVICE DECLASSIFICATION MANUAL
    http://www.nsa.gov/ia/government/MDG/NSA_CSS_Storage_Device_Declassification_Manual.pdf


    DSS now follows the NSA guidelines.

    DSS Clearing and Sanitization Matrix
    https://www.dss.mil/portal/ShowBina.../clear_n_san_matrix_06282007_rev_11122007.pdf


    NISPOM (National Industrial Security Program Operating Manual) remove the guidelines found in section "8-304. Maintenance" and now refers to DSS.
    Old DOD 5220.22-M, chapter 8-306. Maintenance, Clearing and Sanitization Matrix (using web.archive)

    2006 NISPOM (DoD 5220.22-M)
    https://www.dss.mil/portal/ShowBina...s_internet/isp/fac_clear/download_nispom.html


    NIST (National Institute of Standards and Technology) only recommends overwrite sanitization for so called cleaning, i.e. to avoid software recovery methods. To protect against laboratory attacks or truly sensitive information only purging is recommend, meaning degaussing or physical destruction.

    NIST Special Publication 800-88
    http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf


    RCMP (Royal Canadian Mounted Police) only allows data overwrite sanitization (i.e. cleaning) for hard drives containing the following security level of information:

    Protected “A” (Protected)
    Protected “B” (Protected)
    Confidential (Classified)

    Using triple pass, binary 0s are written on the first pass, binary 1s on the second pass and an ASCII text pattern composed of the DSX version number and date/time stamp for the third pass. Each overwrite pass is followed by a read verify pass.

    For a hard drives containing the following security level of information:

    Protected “C” (Protected)
    Secret (Protected)
    Top Secret (Classified)

    Or for a hard drive which is deemed to be non-functioning. Only degaussing or physical destruction is approved.

    Hard Drive Secure Information Removal and Destruction Guidelines
    http://www.rcmp-grc.gc.ca/tsb/pubs/it_sec/g2-003_e.pdf

     
    Last edited: Feb 17, 2009

  5. bakuryu

    bakuryu Ancient Guru

    Messages:
    3,270
    Likes Received:
    1
    GPU:
    XFX GeForce 6600LE @ 430/490
    Last edited: Oct 13, 2005
  6. omarmakki

    omarmakki Ancient Guru

    Messages:
    4,075
    Likes Received:
    2
    GPU:
    Inno3D GeForce 6800 (12x1,6vp)
    Man, this is just great. That's one hell of a job Animatrix.
    And if I get anything on my mind that I think it could be added here, I'll post it for sure...

    Another vote for a sticky...
     
  7. omarmakki

    omarmakki Ancient Guru

    Messages:
    4,075
    Likes Received:
    2
    GPU:
    Inno3D GeForce 6800 (12x1,6vp)
    I think this could be added to Task Manager issues. It was asked for a few times on this forum.

    If you get a "Task Manager has been disabled by your adminstrator" error message.

    1- Open Registry Editor (Regedit.exe) and navigate to:
    HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies\ System

    In the right-pane, double-click DisableTaskMgr and set it's data to 0

    2- Get this registry fix
     
  8. Finchwizard

    Finchwizard Don Apple

    Messages:
    16,424
    Likes Received:
    11
    GPU:
    -
    Stuck, because I'm so nice =)

    Great FAQ, I'll be changing and combining my Linux guides soon probably, just so we don't end up with a lot of stickies.
     
  9. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    Programs:

    Freeware

    http://www.giveawayoftheday.com
    http://www.techsupportalert.com/best_46_free_utilities.htm
    http://www.pricelesswarehome.org
    http://www.thefreecountry.com/index.shtml
    http://www.all4you.dk/FreewareWorld/links.php
    http://www.p2pforum.it/forum/showthread.php?t=164494
    http://www.woundedmoon.org/win32_freeware.html
    http://www.aplusfreeware.com
    http://freewarewiki.pbwiki.com
    http://www.freeware-guide.com
    http://www.321download.com/LastFreeware/index.html
    http://www.softwareawards.net
    http://freewareupdates.info
    http://www.donationcoder.com
    http://sourceforge.net
    http://aumha.org/freeware/freeware.htm
    http://www.dedoimedo.com/computers/collection.html
    http://dimio.altervista.org/eng/
    http://www.benchmarkhq.ru/english.html?/be_cpu.html

    Software sites

    http://www.majorgeeks.com
    http://www.softpedia.com
    http://www.download.com
    http://www.tucows.com
    http://www.versiontracker.com
    http://lists.thedatalist.com/index.html


    Guru3d: software threads:

    Guru3d: Freeware / Opensource Programs
    Guru3d: Software u just CAN'T go without
    Guru3d: Poll Best P2p ?
    Guru3d: Poll What Anti Virus do you use ?
    Secure Yourself
    Guru3d: Firefox and Mozilla: The Monsters Garage


    Video and Audio:


    Gspot establishes what audio and video codecs are required to play a media file.

    free-codecs
    Winamp or other? Which is your favorite?
    Make Winamp sound better
    Winamp Equalizer


    Miscellaneous

    Guru3d: Sticky's

    MS Beta links:

    Microsoft Beta
    Microsoft Connect
    MSDN


    Various Windows XP Information:


    Windows Product Activation (WPA) on Windows XP
    Data Execution Prevention (DEP)
    A general description of IRQ sharing in Windows XP
    IRQ Conflicts
    Scheduling, Thread Context, and IRQL
    Locks, Deadlocks, and Synchronization

    Windows XP: Kernel Improvements Create a More Robust, Powerful, and Scalable OS
    Kernel Enhancements
    Memory Management

    Windows XP Performance
    Benchmarking on Windows XP

    Changes to Functionality in Microsoft Windows XP Service Pack 2

    Windows XP supported upgrade paths

    Windows XP Home Edition Comparison Guide
    Windows XP Home Edition vs. Professional Edition: What's the difference?

    SHELL32 Function Usage
    Using Rundll


    Random stuff:


    Windows Registry

    Inside the Registry
    Description of the Microsoft Windows registry


    Shell

    Customizing Right-Click Menu Options in Windows

    Add Target > Open Container to the right-click context menu of your shortcuts (Like Vista's open file location), link.


    Shell-extensions

    What other shell enhancements or other tweaks do you recommend for Windows 2000/XP/2003?
    Google search: Shell enhancements


    Tweaks:

    Links, if you have a good link just let me know:

    rojakpot.com
    theeldergeek.com
    tweakguides.com
    speedguide.net
    broadbandreports.com
    Tweakhound: Bad Tweaks
    techspot: Gaming Guides
    Optimize XP
    Benchmarking on Windows XP
    Performance Tuning Guidelines for Microsoft Services for Network File System
    1001 Secrets for Windows NT Registry
    jsifaq: Windows Tips and Tricks
    Performance-oriented Windows tweaking
    Guru3d: PCI latency? a Q for Gurus



    Boot Time:


    As boot time is often asked about, i'll just post a few things.

    1. Set BIOS for fastest boot

    Set the HD as first boot device. Use quick boot check, default/on for most BIOS some may have a separate fast/slow check for the HD as well. Disable all devices not used on the motherboard in the BIOS.


    2. Set OS for fastest boot

    Disable devices and channels not in use:

    Open the Device manager, Start > Run > type devmgmt.msc

    Using Device manager disable any other devices not in use that you can't disable using the BIOS (not on-board etc.). With at least a decent BIOS most on-board devices like COM ports, firewire etc. can be disabled using the BIOS and when disabled they won't show up in device manager.

    Using Device manager find IDE ATA/ATAPI Controller (other wording may be used, anyway it's the HD Controller) expand and double click the IDE channels > go to the Advanced settings tab and set Device Type: on None for all channels NOT in use.


    Disabling Group Policy (gpedit.msc)

    (*Group Policy Editor is only available in XP Pro)

    Disabling Group Policy may give a faster boot. For me it seem to give a faster log off (reboot) but in any case if your not using the Group Policy i see no reason not to give it a try.

    Start > Run > type gpedit.msc > right click "Local Computer Policy" and click properties > under "Disabled" check both computer and user, press apply.

    Run ProcessIdleTasks:

    This will force all pending IdleTasks to complete and will invoke the boot optimization routines found in XP. ProcessIdleTasks is suggested as something to do before running benchmarks by MS, it can also be beneficial on newly installed systems to force all IdleTasks to complete.

    Idle Task Scheduling: The ProcessIdleTask API

    Go to Start > Run > type or paste Rundll32.exe advapi32.dll,ProcessIdleTasks hit enter, let it finish (look at the case led light), after perform a normal system defrag.

    Alternatively you can also preform just the boot optimization defrag from the console: Got to Start > Run > type cmd > type defrag C: -b hit enter, when the prompt appear again it is done. Optionally BootVis can also be used and it has a on-screen visual indication of when the task has completed.


    Keep the system clean

    The more that has to load at time of boot the longer it will take. Learn to control windows startup of software. Don't install what you don't need. Uninstall what you don't use. Programs, windows components and features, get rid of services you do not need, remember to defrag the system drive, rebuild the registry hives (NTREGOPT)


    Tools

    Bootvis is a "tracing and visualization tool" which can be used to trace the boot time and load delays (drivers etc.). It can also force the file placement optimization routine to be run by using Trace > Optimize System from the menu.
    *Note: There are some trace data issues with HT CPU's and XP SP1, hotfix exists but MS would rather you'd install SP2.
    Performance trace data from the BootVis.exe tool is corrupted or missing

    The file placement optimization routines invoked by Bootvis.exe is not really documented anywhere but appears to simply be the same as running the command defrag <system drive> -b from the console which im thinking is part of the ProcessIdleTasks routine. The -b switch is not documented either (i can't find it) but do "work" 1). there is a defrag performed and it's short 2.) There is no error given by the prompt.

    Time wise the task performed by Bootvis fit's with the defrag <system drive> -b. The ProcessIdleTasks routine performs other tasks as well as the file placement optimization. The so called "pre-determined times" referred to is system idle time, plus the fact that the operation is done "no more often than once every three days".
    Links:
    Idle Task Scheduling: The ProcessIdleTask API
    Fast System Startup for PCs Running Windows XP
    Fast Boot / Fast Resume Design

    neowin.net: SpeedUp Improve XPs Boot and Start Up Time
    Hack #3: Speed Up Boot and Shutdown Times

    Windows Program Automatic Startup Locations
    How to manage Windows Startup?
    Default Processes in Windows 2000


    Free Defrag Programs:

    JkDefrag
    http://www.kessels.com/JkDefrag/

    JkDefrag GUI
    http://www.emro.nl/freeware/

    Power Defragmenter GUI 2.0.125
    http://www.excessive-software.eu.tt/

    Defraggler
    http://www.defraggler.com/

    Ultra Defragmenter (uses kernel-mode driver)
    http://ultradefrag.sourceforge.net/

    Auslogics Disk Defrag
    http://www.auslogics.com/disk-defrag/index.php

    IObit SmartDefrag
    http://www.iobit.com/iobitsmartdefrag.html

    Diskeeper Lite 7.0 Build 418
    http://www.majorgeeks.com/Diskeeper_Lite_d1207.html

    O&O Defrag 2000 Freeware Edition 3.5.562
    http://www.majorgeeks.com/O&O_Defrag_2000_Freeware_Edition_d4545.html

    PageDefrag
    http://www.microsoft.com/technet/sysinternals/FileAndDisk/PageDefrag.mspx

    Contig
    http://www.microsoft.com/technet/sysinternals/FileAndDisk/Contig.mspx



    Rebasing dlls

    Disclaimer: This is not for all and i will take NO responsibility for anything going wrong.

    So what's this all about ?
    Rebasing Win32 DLLs: The Whole Story
    Rebasing Win32 DLLs
    Optimizing DLL Load Time Performance
    Overcoming Windows Memory Allocation Limitations
    Map Files And DLL Rebasing
    Rebase those dlls


    With that said, here is how you rebase .dlls using rebase.exe

    1. Get Rebase.exe SDK

    2. Get Process Explorer to find dlls base addresses (info on dll address range later). Start Process Explorer click View > Lower Pane View > select Dlls. Then View > Select columns > go to the DLL tab and check on Base Address. Then Options > Configure highlighting > check on Relocated dlls and pick a color.

    3. Use whatever method you like and works for you for editing/changing files in use, just realize that as long as the dll is in use you can't rebase it.

    People who don't know how to work with system files should probably just stop now or only rebase the dlls not loaded at boot and/or program dlls easily controlled. The rest will know what the issue is and how to work around it. (*Hint* The recovery console do NOT support the rebase command).

    Rebase usage: rebase -b HEX base address

    Example: rebase -b 0x70000000 xpsp2res.dll



    Infomation on ranges:

    So what dlls to rebase ?. Well either dlls which are using bad or conflicting addresses i.e. An address which is in use and so "If a DLL cannot load at its base address because the memory is already occupied, the loader places the DLL elsewhere in virtual memory, then updates all calls into the DLL to reflect the new base address." which obviously takes time slowing the load. It can also lead to virtual memory fragmentation (see hotfix last).



    xpsp2res.dll base address:
    Information on base address of XP SP2 xpsp2res.dll
    I have rebased my xpsp2res.dll to the address suggested above and have seen no harmful side effects from it, however im not truly sure of the effect. But in theory xpsp2res.dll base address is bad and goes against MS's own suggested base address for system dlls (0x70000000 to 0x78000000).

    There is even a hotfix for it.
     
    Last edited: Nov 29, 2008
  10. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    Information on various Tweaks:

    This is just meant as a collection of information about various tweaks, both functional and non functional. Not all settings here are bad, but surprisingly many are. Either they are non functional, OS version specific, or misinformation has simply taken over and it's true function is unknown. I will add more stuff along the way.

    Registry keys:

    HKLM = HKEY_LOCAL_MACHINE

    DisablePagingExecutive

    Key: HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
    REG_DWORD: DisablePagingExecutive
    Data: 0

    Prevents pageable "User-mode and kernel-mode drivers and kernel-mode system code" from getting paged out (from memory) to disk (page file). This one is used by many and do "work" (i.e. it's not bogus). The MS documentation for workstation OS (2000/XP) mainly points to it's usefulness for debuging purposes, the server documentation also points to improved performance. However don't expect any miracles (if anything) and certainly nothing near what's often claimed by many tweak apps and guides.
    Adobe referring to the use of DisablePagingExecutive


    LargeSystemCache

    Key: HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
    REG_DWORD LargeSystemCache
    Data: 0 (Default value Windows XP Professional: 0 Windows Server 2003: 1)

    LargeSystemCache 1 is the same setting as System > Advanced > Performance Settings > Advanced > Memory usage on System Cache.

    Server OS has a Server Optimization tab in Network and Dial-up Connections which is the interface for setting the "Size" key registry data value (interface is not in XP or 2000 pro, but the "Size" key is).

    "This entry (LargeSystemCache) and the "Size" entry (which is in the HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters subkey) store the setting of the Optimization section of the Server Optimization tab in Network and Dial-up Connections."
    LargeSystemCache is for file heavy I/O operation needs like the type file servers has. "It is not appropriate for application servers" (such as Web server). "Many applications, such as SQL Server and Microsoft Exchange, change the value of the LargeSystemCache entry to 0".

    2003: LargeSystemCache
    2000: LargeSystemCache
    File Cache Performance and Tuning


    Win32PrioritySeparation

    Key: HKLM\SYSTEM\CurrentControlSet\Control\PriorityControl
    REG_DWORD: Win32PrioritySeparation
    Data: 2

    Or using the XP interface Control Panel > System > Advanced tab > Performance settings button > Advanced tab > Processor Scheduling


    When you install XP this data value is set to 2 for backwards compatibility with NT (NTs version of foreground priority). XP's normal value for foreground priority is 26 in hexadecimal or 38 in decimal (the same value). If you go to Processor Scheduling and set it to Background services and apply, this will set the data value to 18 hexadecimal/24 decimal. Now set it back to Programs and apply, the value/data will change to 26 hexadecimal/38 decimal which as said is XP normal value for foreground priority. This setting as of windows 2000 has changed and now uses whats known as Quantum Accounting.
    Quantum calculation:

    Table of the three 2 bits values:
    [​IMG]

    Default:

    Optimize Performance for Applications:
    32 + 4 + 2 = 38 Dec / 26 Hex = Short Quantum, Variable Quantum for foreground, High foreground boost.

    Optimize Performance for Background Services:
    16 + 8 + 0 = 24 Dec / 18 Hex = Long Quantum, Fixed Quantum, No foreground boots.

    Variations:

    32 + 8 + 2 = 42 Dec / 2A Hex = Short, Fixed , High foreground boost.
    32 + 8 + 1 = 41 Dec / 29 Hex = Short, Fixed , Medium foreground boost.
    32 + 8 + 0 = 40 Dec / 28 Hex = Short, Fixed , No foreground boost.

    32 + 4 + 2 = 38 Dec / 26 Hex = Short, Variable , High foreground boost.
    32 + 4 + 1 = 37 Dec / 25 Hex = Short, Variable , Medium foreground boost.
    32 + 4 + 0 = 36 Dec / 24 Hex = Short, Variable , No foreground boost.

    16 + 8 + 2 = 26 Dec / 1A Hex = Long, Fixed, High foreground boost.
    16 + 8 + 1 = 25 Dec / 19 Hex = Long, Fixed, Medium foreground boost.
    16 + 8 + 0 = 24 Dec / 18 Hex = Long, Fixed, No foreground boost.

    16 + 4 + 2 = 22 Dec / 16 Hex = Long, Variable, High foreground boost.
    16 + 4 + 1 = 21 Dec / 15 Hex = Long, Variable, Medium foreground boost.
    16 + 4 + 0 = 20 Dec / 14 Hex = Long, Variable, No foreground boost.

    Win32PrioritySeparation


    Resolution of system timer

    The system timer tick interval affects thread scheduling.
    Here is his run down on the quantum, Master Your Quantum

    As mentioned, applications can change the resolution. For example running Windows Media Player will set it to 3.906 and when playing something set it to "0.977". Using the "/TIMERES=" switch in the boot.ini will set the resolution of the system timer.
    Set Windows Timer Resolution
    ClockRes
    CSS game server (Tickrate)
    Inside Windows NT High Resolution Timers



    IoPageLockLimit

    Do only work for Windows versions before 2000 SP1

    http://www.microsoft.com/resources/...s/2000/server/reskit/en-us/regentry/29931.asp

    IRQ# Priority - There are no IRQ priority boosting possibility on windows through registry entry. IRQs have a priority level at which they are interrupted by the CPU. The IRQ number (which is fix for some hardware components and otherwise relates to the install process where hardware gets detected and assigned a IRQ) determines the priority level.
    IRQ

    Secondly if we look at linux where there's actually a app called IRQTUNE which can changes the IRQ priority of devices, it is using a kernel module, which is not quite the same as just adding a registry entry.

    SecondLevelDataCache - Will do nothing for modern CPU's (P2 and later).

    SecondLevelDataCache


    AlwaysUnloadDlls

    For operating systems prior to Windows 2000.



    EnablePrefetcher

    Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters
    REG_DWORD: EnablePrefetcher
    Data: 3, looks like this 0x00000003 (3)

    Only 1, 2 and 3 are valid values, not 5 or whatever else people may claim.

    1 = app prefetching
    2 = boot prefetching
    3 = app and boot prefetching

    Memory Management


    Extensible Performance Counters

    guru3d thread


    Other tweaks:


    QoS - The actual workings of QoS, both in use, use of, technical background, OS version differences etc. is not at all well known by most, even the people using it.

    1. There is no global bandwidth de/increase.
    2. Only QoS aware programs can take use of the "reserved" bandwidth, 20% by default.
    3. Only applies to when QoS aware programs are sending data.
    4. If the program that reserved the bandwidth is not sending sufficient data to use it, the unused part of the reserved bandwidth is available for other data flows on the same host.

    In my opinion people should simply uninstall the protocol, that is if not needed (VoIP stuff and the like) , removing all unneeded protocols is more likely to improve the network, this includes the file and printer sharing.
    QoS Technical Reference
    Quality of Service Technical White Paper

    Introduction to QOS (programming)

    win 2000
    QoS Traffic Control in Windows 2000
    Description of Reservation State in RSVP
    Description of the Resource Reservation Protocol (RSVP)
    Cisco: Quality of Service (QoS)



    /prefetch:# commandline "tweak"

    The prefetch commandline flag is used for multipurpose programs (works generically but only WMP seems to use it). By specifying a /prefetch:# flag with a different number for each "mode" the multipurpose app can do, each mode gets its own separate hash file so as to get the prefetch done properly. It do NOT speed up the launch of programs beyond what prefetching does in the first place. Unless various dll's are used at launch time, for a "mode" of opration there is no point using it. As this is a part of prefetching and how it generically works, and all apps gets prefetch, you would think that software makers would be using the flag if it was needed for their apps, but they don't.
     
    Last edited: Jul 23, 2007
    SatsuiNoHado likes this.

  11. omarmakki

    omarmakki Ancient Guru

    Messages:
    4,075
    Likes Received:
    2
    GPU:
    Inno3D GeForce 6800 (12x1,6vp)
    That is probably better. Links will free up space and make the thread neat and clean...
     
  12. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    Yes i think so, plus im unsure what the character limit is now. It used to be 15000 but i am using more already (unless my word count is screwed) , i bumped my old qustion in the Feedback & News forum.


    Edit: Oh man 20000 nice, even if it's "only" 5000 more :D ;)
     
    Last edited: Oct 14, 2005
  13. omarmakki

    omarmakki Ancient Guru

    Messages:
    4,075
    Likes Received:
    2
    GPU:
    Inno3D GeForce 6800 (12x1,6vp)
    Yea... I just read that.
    167xx... Something like that.
    Let's wait for a reply from Hilbert...

    EDIT
    According to IB, the limit should be 20k now...
     
    Last edited: Oct 14, 2005
  14. bakuryu

    bakuryu Ancient Guru

    Messages:
    3,270
    Likes Received:
    1
    GPU:
    XFX GeForce 6600LE @ 430/490
    Last edited: Oct 14, 2005
  15. bakuryu

    bakuryu Ancient Guru

    Messages:
    3,270
    Likes Received:
    1
    GPU:
    XFX GeForce 6600LE @ 430/490

  16. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    The "Disaster Recovery Tools" link under Windows troubleshooting, has a section on "Backup".
     
  17. stormy

    stormy Ancient Guru

    Messages:
    2,671
    Likes Received:
    56
    GPU:
    Pulse RX5600XT
    NVM, just found the link I was going to post.
     
    Last edited: Nov 1, 2005
  18. bakuryu

    bakuryu Ancient Guru

    Messages:
    3,270
    Likes Received:
    1
    GPU:
    XFX GeForce 6600LE @ 430/490
    LOL ..... i just realized that ALL of MS hotfixes and security updates can just be integrated as SP2 is integrate like ::

    kb****** /integrate:<location where xp files are saved in the hard disk>
     
  19. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    EDIT: For stuff

    DevCon quick guide

    Enable/disable a device using devcon (devcon.exe copyed to system folder i.e. windows or system32 for easy access)


    1. Start > Run > type cmd press ok > type devcon help for a list of all commands.


    2. To disable a device first we need to get the hardware ID either by using the Device Manager or the Console and devcon.

    2.1. Using Device Manager to get hardware ID;

    Double click the device your interested in and go to the Details tab, using the Property dropdown menu select Hardware Ids. Depending on the device there may be multiple strings and long string with "&" connecting parts (layman term). We are only intrested in the first part of the string (ID) before any "&" character.

    Example of Hardware Ids:

    COM Port = ACPI\PNP0501

    Sound card, first full string = PCI\VEN_1102&DEV_0004&SUBSYS_20021102&REV_04

    Part of Sound card string we will use = PCI\VEN_1102

    2.2. Using the Console to get hardware ID;

    Type devcon /classes a list of device classes is presented. Find the device class your interested in e.g. MEDIA for sound card. Using the MEDIA device class as
    example we now type devcon /listclass MEDIA, this will give a list of devices. Again we are only interested in the first part of the string before any "&" character.

    Example of "devcon /listclass MEDIA".
    Code:
    PCI\VEN_1102&DEV_0004&SUBSYS_20021102&REV_04\4&2E98101C&0&58F0: Creative SB Audigy 2 ZS (WDM)
    
    SW\{EEC12DB6-AD9C-4168-8658-B03DAEF417FE}\{ABD61E00-9350-47E2-A632-4438B90C6641}: Microsoft Kernel DRM Audio Descrambler

    3. Continuing using the sound card as example we now have the ID and can enable or disable it by typing devcon /enable PCI\VEN_1102 or devcon /disable PCI\VEN_1102 in the console.

    bat. file example.
    Code:
    @echo off
    devcon /enable PCI\VEN_1102

    Msconfig

    The System Configuration Utility, aka Msconfig, is a diagnostic tool. It's used for troubleshooting and diagnosing Windows configuration issues. By using check boxes it's much easier to work with the settings, and to toggle between settings (on/off toggle style) then it would otherwise be when working with the settings in the actual files (like boot.ini), using the tools (like the services snap-in), or otherwise having to be many places, e.g. regedit, services snap-in, the boot.ini file. Check boxes also reduce the risk of typing errors.
    Practically non of the configurations you can modify through msconfig is meant for permanent changes, as i otherwise often see it referred to. Most of the time it's the startup programs and services which some believe should be controlled through msconfig, this is not true.

    Services should be controlled using the "Services" snap-in found under your Administrative Tools. To do more advance things like deleting a service you need to use the command prompt (start > run > type cmd press ok) typing sc ? in the prompt displays all commands.

    Controlling what starts up along with windows is in reality quite difficult as Windows has about a million ways to auto start programs and other stuff. This is also how and why spyware can hide it's run command from the casual PC user.

    A Collection of Autostart Locations

    The three places most used by legitimate programs are:

    Code:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    :\Documents and Settings\*UserName*\Start Menu\Programs\Startup

    I'd suggest getting Autoruns from sysinternals.

    Ask the Performance Team: Who’s That Hiding in my Windows?

    What to uncheck and what not

    FAQ: Common Autoruns Issues


    For those who are interested i'd suggest learning a bit about how windows can start stuff, as well as getting acquainted with system tools like Regedit, Services, CMD and so on.
     
    Last edited: Feb 23, 2009
  20. Animatrix

    Animatrix Ancient Guru

    Messages:
    6,836
    Likes Received:
    4
    GPU:
    BFG 8800GT OC2 512
    Troubleshooting check list:


    1. Look for updates to software, drivers and the operating system.


    2. Run System File Checker.

    Instructions: Vista / XP


    3. Run a disk check. Also go to your hard disk manufacture support page and look for a diagnostic utility.

    Instructions: Vista / XP


    4. Test your RAM for errors.


    5. Troubleshoot background running processes, use process of elimination. Autoruns is a tool used as msconfig only it's much more powerful. Process Explorer is another tool, it work like task manager only again much, much more powerful.
     
    Last edited: Oct 5, 2008

Share This Page