[bct] De-Gunking Windows Part 1 (long)

  • From: "Debee Norling" <debee@xxxxxxxx>
  • To: "Blindcooltech@Freelists. Org" <blindcooltech@xxxxxxxxxxxxx>
  • Date: Sat, 18 Mar 2006 14:49:29 -0800

Below are my notes for my de-gunking cast. It isn't uploaded yet. I've
finished recording and I'm now editing it down so it isn't so tedious.

The purpose of the notes is to help you de-gunk your own system. I'm not as
organized a presenter as I'd like to be, so having me take notes for you
lets you sit back and not worry about finding the main points in my
ramblings. Everything important is written down here. Save it for the time
you de-gunk your own system, and feel free to pass on corrections or
additions.

**********

Notes on the De-gunking Windows Cast Part One

Goals: This first cast doesn't change the system. It analyzes what needs
changing.

Prepare: before changing anything on the system, document what's there. What
works, what doesn't. What needs researching?

Check the system tray. What's running? Do you know what each task is? Do you
know what its dependencies are? For example the  Norton ghost applet
"GHOSTTRAY.EXE" depends on several other services and agents.

Looking through the systray discover How do you exit the task temporarily if
you don't want it active? Does it have its own  technique for removing it
permanently. For example, Winamp lets you pick whether you want its agent
installed; the Book  courier transfer tool installs a shortcut in the
startup group that's easy to remove.

Check also the taskbar. No applications should be running while you diagnose
and later de-gunk.

Next reboot. What error messages appear if any? Do you know why you get
them. Do any unwanted programs run? Where did they  come from? Document what
is left for you to research.

Getting a grip on task manager: Call it up with ctrl-Alt-Del, at the "window
security" screen, press Alt-T. Spend most of  your time in the "processes"
tab.

Avoiding feeling overwhelmed: many columns can optionally appear in the
view. For simplicity, uncheck most of them. Display  the name,CPU usage and
memory usage. Other columns can be selectively displayed while
troubleshooting. Select View-choose  columns to pick which columns to
display. Then back in the list of running processes, click on column heading
to sort  (ascending for one click descending for two) by that column. You'll
need your JAWS or mouse cursor to do this.

Performance: Summarized in the processes list at the bottom of the screen.
Details appear under the performance tab. Helps  you determine how gunked up
the system really is and monitoring performance stats periodically tells you
if something  drastically changes when you add or remove a program.


Research: Task manager shows filenames of the running processes but that
rarely tells you much about the process. You can  google for the name or
check the below websites to browse annotated listings of windows daemons
(usually called start-up  tasks.)
http://www.sysinfo.org (my favorite)
http://www.bleeping-computer.com
http://www.greatis.com
http://www.windowsstartup.com
http://www.pacs-portal.co.uk
http://www.absolutestartup.com

Document: Log each task running and what it is, if possible. Log what you
plan to do, keep, remove, research more, etc.  Documentation never wastes
time, it saves hassles in the long run because you know both what you did
and what you still plan  to do.

Example Log snippet:
BCTStart.exe  Book Courier, auto-loads transfer tool, not necessary will
remove from startup group.
wdfmgr.exe  to research
WorkFlowTray.exe  keep, necessary for OmniPage batch processing
acrotray.exe something to do with acrobat, is it necessary? to research more
jfw.exe  keep, JAWS, necessary.
GhostTray.exe  unhappy when another norton service removed, to research
more, especially its dependencies
smss.exe  to research

How to log: Braillewriter, notetaker, cassette recorder, or use this JAWS
tip. Pull up task list. Turn off graphics  (insert-V, arrow to Graphics,
press spacebar for none, enter.) Maximize window. Arrange and sort columns
in task manager view  as desired. Press CTRL-Insert-W to "virtualize"
current window. Press CTRL-A to select all text in virtual buffer. Press
ctrl-C to copy. Press esc twice to clear virtual viewer and task manager.
Run notepad and paste text. Save as your notes  file. Add your research
results to same file.

MSCONFIG: Microsoft's system configuration utility. Can be used to remove
unwanted startup tasks but I don't like it. Useful  though for diagnostics.
Let's you selectively remove tasks and then all too easily put them back. On
your system explore and  document the services and startup tabs. Pay less
attention to the system.ini, win.ini and boot.ini tabs.

Below is a task manager listing for the three computers used in the cast.
Note these are all pretty gunked up and though they  are examples of
computers that work properly, they are all three computers whose performance
could stand some improvement.  These listings are the end of the Part One
cast notes. Part two will continue the discussion with more research and
diagnostic steps.

        computer A (Dell desktop 800 MHZ Pentium 3 256MB total mem)
Image Name CPU Mem Usage
opware14.exe 00  1,972 K
alg.exe 00  3,344 K
wdfmgr.exe 00  1,596 K
svchost.exe 00  4,048 K
Rtvscan.exe 00  17,788 K
mdm.exe 00  2,740 K
jfw.exe 09  19,992 K
DefWatch.exe 00  1,244 K
jhookldr.exe 00  2,312 K
spoolsv.exe 00  5,340 K
taskmgr.exe 01  5,064 K
svchost.exe 00  4,384 K
svchost.exe 00  3,060 K
svchost.exe 00  19,952 K
svchost.exe 00  3,848 K
explorer.exe 00  18,644 K
BCTStart.exe 00  3,512 K
ctfmon.exe 00  3,512 K
svchost.exe 00  4,296 K
VPTray.exe 00  4,156 K
lsass.exe 00  2,144 K
services.exe 00  3,892 K
winlogon.exe 00  1,204 K
csrss.exe 00  2,872 K
TeaTimer.exe 00  4,556 K
smss.exe 00  372 K
OpScheduler.exe 00  18,992 K
HPLamp.exe 00  3,440 K
WorkFlowTray.exe 00  19,844 K
System 00  220 K graphic 117 System Idle Process 80  16 K graphic 859

Processes: 32 CPU Usage: 22% Commit Charge: 226596K / 640508K

                Computer B (Del Desktop, (1.8 MHZ Pentium 4 512MB total mem)
Image Name CPU Mem Usage
jhookldr.exe 00  2,084 K
taskmgr.exe 02  5,116 K
notepad.exe 00  3,820 K
TheWeatherChan... 00  17,128 K
BCTStart.exe 00  3,256 K
acrotray.exe 00  2,408 K
VPTray.exe 00  6,364 K
TeaTimer.exe 00  4,476 K
OpScheduler.exe 00  8,140 K
alg.exe 00  3,272 K
realsched.exe 00  176 K
explorer.exe 02  17,440 K
wdfmgr.exe 00  1,596 K
Rtvscan.exe 00  29,336 K
opware14.exe 00  1,736 K
mdm.exe 00  2,792 K
jfw.exe 03  22,228 K
DefWatch.exe 00  1,644 K
spoolsv.exe 00  5,284 K
ccEvtMgr.exe 00  2,668 K
ccSetMgr.exe 00  3,940 K
svchost.exe 00  4,340 K
svchost.exe 00  3,024 K
ctfmon.exe 00  3,728 K
WorkFlowTray.exe 00  8,844 K
svchost.exe 00  19,232 K
svchost.exe 00  3,872 K
svchost.exe 00  4,628 K
ccApp.exe 00  8,888 K
lsass.exe 00  1,100 K
services.exe 00  4,196 K
winlogon.exe 00  1,088 K
TotRecSched.exe 00  1,968 K
csrss.exe 00  3,312 K
smss.exe 00  372 K
System 00  224 K
System Idle Process 94  16 K

Processes: 37 CPU Usage: 7% Commit Charge: 217M / 1249M

                Computer C (Fujitsu Laptop, 1.6MHZ Pentium 4 512MB total mem)
Image Name CPU Mem Usage
BCTStart.exe 00  2,704 K
SERVIC~1.EXE 00  5,068 K
TeaTimer.exe 00  7,928 K
GhostTray.exe 00  4,900 K
LAUNCH~1.EXE 00  12,596 K
ApntEx.exe 00  1,376 K
TotRecSched.exe 00  1,484 K
jhookldr.exe 00  1,068 K
CCAPP.EXE 00  16,564 K
Agent_MR.exe 00  1,728 K
tppaldr.exe 00  1,980 K
BtnHnd.exe 00  3,024 K
QuickTouch.exe 00  4,400 K
alg.exe 00  3,300 K
IndicatorUty.exe 00  8,524 K
Apoint.exe 00  4,320 K
LTSMMSG.exe 00  2,112 K
spoolsv.exe 00  5,432 K
CCEVTMGR.EXE 00  2,680 K
SPBBCSvc.exe 00  1,084 K
SNDSrvc.exe 00  2,496 K
CCSETMGR.EXE 00  4,224 K
svchost.exe 00  4,280 K
explorer.exe 01  16,616 K
wdfmgr.exe 00  1,596 K
symlcsvc.exe 00  176 K
svchost.exe 00  3,024 K
svchost.exe 00  3,852 K
svchost.exe 00  23,040 K
svchost.exe 00  4,012 K
svchost.exe 00  4,552 K
lsass.exe 00  1,716 K
services.exe 00  4,084 K
winlogon.exe 00  736 K
csrss.exe 01  3,584 K
NPROTECT.EXE 00  4,532 K
smss.exe 00  372 K
NPFMntor.exe 00  3,344 K
NICServ.exe 00  4,060 K
taskmgr.exe 01  5,380 K
navapsvc.exe 00  6,888 K
jfw.exe 10  22,240 K
gearsec.exe 00  1,004 K
notepad.exe 00  3,620 K
Crypserv.exe 00  1,712 K
ati2evxx.exe 00  1,432 K
System 00  212 K
System Idle Process 54  16 K

Processes: 49 CPU Usage: 46% Commit Charge: 262M / 1249M

--Debee



Other related posts: