On this page you'll find:
[The files that change]
[Annoying starting programs]
[Pre-Preparing for the search]
[Avoid some Microsoft spying]
[Various tips]
[On-the fly searchmasks: AV]
On other pages of mine
[Those annoying pdf files]
Let's imagine you have a brand-new PC with windows on it. I'm not saying you
SHOULD have a windows PC, I'm just assuming you have. See: I won't even try
to push you onto the GNU/Linux optimum path, because it is NOT necessary: you'll do it by yourself once
you have understood some basic lore (always with sound caveats, eh :-) I will just, instead,
try to help you hic et nunc to iron some things out... and
to understand some issues you may not be aware of...
<Newbies mode on>
The files that change
Slowly everyone is learning what a can of worms windows is... but sadly there are still
some people that are not aware of the consequences of having such a "vicious", buggy and poorly
documented operating system. Let's begin with some MUST KNOW about the "hidden" activities
going on under the hood. Bear with me: those of you that did not know anything will
begin to see some light...
If you want to have some exhilarating experiences on your own computer, you may begin
by pointing your iexplorer browser to [this link] (also note that there are a couple of
hidden directories there that you cannot see this way), or your Netscape browser to
[this link] (you'll need to click on your own profile in this case), or your Opera browser
(that you should by all means use instead of the two browsersaurii above) either
to [this link] or to [this link].
For obvious anonymity reasons you should not
forget to check and tamper as well, for Opera, C:\Program Files\Opera\cookies.dat &
C:\Program Files\Opera\vlinks.dat ("visited links"). There is almost no way you
can have any control over your own data if you use iexplorer, so I'll not even try to
explain to you the MANY places where this Microsoft abomination gathers and hides info about you
(see the old mm256 discussions or just do a grep for your data on your c:\ drive). Either you
set iexplorer and windows into a special
harddisk all on its own, and then you reformat and reinstall every day, or you - better -
just de-install it.
That's pretty scary eh, yet it is NOTHING: carry on:
just try the following command sequence: Start ~ Find ~ Files or Folders ~ tag DATE ~
Find all files ~ Modified ~ During the Previous ~ 1 day ~ Find now...
Have you done it? I got 371 files found a minute ago... Of course there
is a much quicker dos way: Start ~ Programs ~ MS-dos prompt. Then you'll have the magic
dos box, and you can issue either the command
dir /od
(for c:\windows only) or the commands
cd.. ~ dir /s /od > lemmesee.txt
(to get a listing for the whole c:\ drive inside lemmesee.txt)
Do you want some more thrills? Download Filemon by Mark Russinovich and Bryce Cogswell
(you are supposed to be searchers, so I really do not think that I should
provide a link to this gorgeous utility) and fire it...
Do you want to descend even deeper into this buggy operating system?
Fetch and use Softice, by Numega, and once installed - windows will run
"inside" it - have "a good look around" using the various
heap / thread / addr / class / task / tss (task state seg) / gdt (general
descriptor) / ldt (local) / hwnd / map32 / mod / vxd and so on commands...
scary eh?
Mind you: it is not so much the fact that windoze is complicated (every operating system
is complicated) but the fact that it is so buggy and that it
leaves so many "open" (and hidden) traces that is
quite annoying, as you will soon discover on your own.
Annoying starting programs
Ok, this is a must know, that seekers should be able to find by themselves, but since
many friends don't know how to 'clean' their own system, I decided to post
this basic stuff here.
Just follow the instructions below, you'll learn quite a lot just doing it.
Older Windoze 9*
Under Windows98 click Start, then choose the option Run, then
type in C:\windows\system\Msconfig.exe and finally press enter.
Note that Msconfig can also be run on Windows 95 once you
have first downloaded from the web (or from the windows CD-ROM) the
correct version.
Once Msconfig is running click the Startup option and uncheck every box
except TaskMon, SysTray and LoadPowerProfile. If you're scared and you're
really convinced that some other options must be kept checked then, by all means,
leave them checked... (you'll later be able to finetune the system even more unchecking them
as well :-)
Once you have unchecked the unwanted parasites, re-boot and now check that
Windows loads without error prompts and especially check that sounds and everything else
you need is working fine.
This procedure disables the automatic loading of most software that
has been happily installing itself since Windows was first set up.
This plethora of unwanted crap is one of the more
annoying aspects of the annoying Windoze OS people believe they are
compelled to use (until they understand the need to move to GNU/Linux :-)
Having everything loaded all the time eventually causes conflicts and generally makes the
system run slow. Almost ALL those programs can be run
on the fly when needed, and should be closed after finishing.
Newer Windoze XP
Under Windows XPpro, click Start, then choose the option Run, then
type in cmd and finally press enter.
In the dos box, at the command prompt, type cd c:\ (and enter)
Now type tasklist in the dos box
If you want to see all the services running, grouped per svchost instance, type tasklist /svc
If you want to see all the services running and save the output to a file, say myservices.txt, type
tasklist /svc > myservices.txt
Alternatively, to have a look at the services running on your box,
type at the command prompt msconfig, and then choose the 'services' tag. However,
do NOT use msconfig to disable services, type services.msc
at the command prompt instead.
In order to kill any instance of svchost that in your opinion hogs too many resources for
nothing, use
tskill (pid), where pid is the process id number you have
previously seen using tasklist...
For windows 2000 use, instead of tasklist, tlist.exe
from the Windows 2000 Diagnostics Tools CD-ROM: the syntax is tlist -s at the command prompt.
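An added example, not part of the original page: Python that reads a saved tasklist /svc listing (the myservices.txt above) and shows which services sit behind each svchost PID, so you know what goes down with it before you use tskill. The sample output and the function names are constructed for illustration.

```python
# Constructed sample of `tasklist /svc > myservices.txt` output (not a real capture).
SAMPLE_OUTPUT = """\
Image Name                   PID Services
========================= ====== =============================================
System Idle Process            0 N/A
smss.exe                     548 N/A
svchost.exe                  856 DcomLaunch, TermService
svchost.exe                  944 RpcSs
svchost.exe                 1040 AudioSrv, Browser, CryptSvc, Dhcp, EventSystem,
                                 lanmanserver, Schedule
spoolsv.exe                 1456 Spooler
"""


def split_services(field):
    """Turn 'A, B,' into ['A', 'B']; 'N/A' (no services) becomes []."""
    names = [s.strip() for s in field.split(",")]
    return [s for s in names if s and s != "N/A"]


def parse_tasklist_svc(text):
    """Return [(image, pid, [services])] from `tasklist /svc` text output."""
    lines = text.splitlines()
    # The row of '=' runs under the header marks the column widths.
    sep = next(i for i, l in enumerate(lines) if l.startswith("==="))
    name_width = lines[sep].index(" ")      # Image Name may contain spaces
    rows = []
    for line in lines[sep + 1:]:
        if not line.strip():
            continue
        image = line[:name_width].strip()
        if not image and rows:              # wrapped list: belongs to previous PID
            rows[-1][2].extend(split_services(line))
            continue
        pid, _, services = line[name_width:].strip().partition(" ")
        rows.append((image, int(pid), split_services(services)))
    return rows


def services_by_svchost(text):
    """Map each svchost.exe PID to the services that stop if that PID is killed."""
    return {pid: svcs for image, pid, svcs in parse_tasklist_svc(text)
            if image.lower() == "svchost.exe"}


if __name__ == "__main__":
    for pid, svcs in sorted(services_by_svchost(SAMPLE_OUTPUT).items()):
        print(pid, ", ".join(svcs))
```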
SVCHOST.EXE
This is one of the most annoying (alongside ctfmon.exe) of the windows processes,
hogging resources, memory and CPU-time
like there were no tomorrow. It is however responsible for
(quite a few) useful things, e.g. printing spool, sound drivers etc,
so you should not eliminate it, just disable the services you do not
need (type services.msc
at the command prompt, click on your unneeded service and disable through the 'options' tag).
The original svchost.exe file is located in the
c:\windows\System32 (or C:\WINNT\system32) folder;
a copy may exist in the
c:\windows\System32\dllcache (or C:\WINNT\system32\dllcache) folder.
In ALL other occurrences, a svchost.exe file is a virus, spyware, trojan or worm, hence you should
regularly check your computer for all instances of *host*.exe.
Note also that a few trojans mix the letters before "host", like scvhost.exe, or add numbers after "host",
like svchost3.exe, hence the reason
for the asterisks in the search for *host*.exe.
When checking for files on your own harddisks, use
a good free filefinder, like
agent ransack... (use options/dos expression and then input
*host*.exe).
Do not -NEVER- use
windows' own "search" function: the start/search function in windows xp
is just spyware that has been
built inside windoze itself, and connects on port 80 to sa.windows.com (207.46.248.249) in order
to deliver to microsoft's spies your IP and what you are searching for on your own harddisk.
ONLY two SVCHOST.EXE files should be found, they reside in your
c:\windows\System32 (or
C:\WINNT\system32)
and in your c:\windows\System32\dllcache (or C:\WINNT\system32\dllcache) folders.
If you only have these two SVCHOST.EXE files your system is fine.
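An added example, not part of the original page: Python that applies the rule above to a bare-path listing of *host*.exe files (such as dir /s /b produces). The sample listing and the names classify and scan are constructed for illustration.

```python
import ntpath
import re

# The only folders the page accepts as homes of a genuine svchost.exe.
LEGIT_DIRS = {
    r"c:\windows\system32",
    r"c:\windows\system32\dllcache",
    r"c:\winnt\system32",
    r"c:\winnt\system32\dllcache",
}
GENUINE = "svchost"

# Constructed listing of *host*.exe hits (not from a real machine).
SAMPLE_LISTING = r"""
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllcache\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\scvhost.exe
C:\Documents and Settings\user\Local Settings\Temp\svchost3.exe
"""


def classify(path):
    """Return 'ok', 'misplaced', 'lookalike' or 'other' for one file path."""
    folder, name = ntpath.split(path.strip())
    stem, ext = ntpath.splitext(name.lower())
    if ext != ".exe" or "host" not in stem:
        return "other"
    if stem == GENUINE:                      # right name: the folder decides
        in_place = folder.lower().rstrip("\\") in LEGIT_DIRS
        return "ok" if in_place else "misplaced"
    bare = re.sub(r"\d+", "", stem)          # svchost3 -> svchost
    if bare == GENUINE:
        return "lookalike"                   # digits added to the real name
    if bare.endswith("host") and sorted(bare[:-4]) == sorted("svc"):
        return "lookalike"                   # letters before "host" shuffled
    return "other"                           # some other *host*.exe program


def scan(listing):
    """Return [(verdict, path)] for every path that deserves a closer look."""
    paths = [p.strip() for p in listing.splitlines() if p.strip()]
    return [(classify(p), p) for p in paths
            if classify(p) in ("misplaced", "lookalike")]


if __name__ == "__main__":
    for verdict, path in scan(SAMPLE_LISTING):
        print(verdict, path)
```

dllhost.exe comes back as 'other': the *host*.exe wildcard also matches programs that merely contain "host" in their name, so each hit still has to be judged by name and folder.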
Pre-Preparing for the search
"Pre-Preparing for the search"? Since there is a whole searchsession phase,
the first one, called
"Preparation (layout of the search strategy)" I should probably have found a better description for
this part, which is aimed at newbies. What I want to point out is that many readers don't know the most
elementary tricks you can apply in windoze, so that for some of you (of course
I am not daring to speak to the real connoisseurs out there :-) the following could
be of some use.
Glide your icons! (windoze 98)
You have obtained Opera, Ultraedit & the Proxomitron (the "starting set" or
"little seeker's box n.1")
and want to use my own collection of search engine forms as homepage?
Then do the following:
Opera ~ Navigation ~ Set home ~ file://localhost/c:/main.htm
Now glide Opera into the startbar of windoze98:
Start ~ Programs ~ Windows Explorer
"navigate" your Windows Explorer to
c:\Program files\Opera (assuming you
have installed it there)
Right-click on Opera.exe and choose create shortcut
Click ctrl and glide this shortcut to the
taskbar (one centimeter right from "Start"). Now you have the shortcut there.
Do the same for the Proxomitron and for Ultraedit.
Glide the three shortcuts to the c:\windows\Start subdir as well
Glide Ultraedit to the c:\windows\send subdir as well.
OK... banal, but necessary if you want to work a little more effectively.
Avoid some Microsoft spying
Microsoft offers 'automatic' and often hidden updates
and fixes through your connection to the internet using their
Registration Wizard application.
However this 'feature'
allows Microsoft to gather information from your system, including what
programs are installed, who they are registered to and so on. You may prefer
not to make such info available.
You may modify the registry importing the key
Regwiz-off.reg
and you may prepare a batch file that automatically executes the
following command in order to turn off Registration Wizard at Dll level.
Here is how you do it right now on the fly:
Start, Run and then copy this line, paste it inside and run it:
regsvr32.exe -u regwizc.dll
Bye bye registration wizard!
Various Microsoft-savvy tips
Make a shortcut on the desktop (rightclick on the desktop and choose New, Shortcut)
and enter this command in order to start Windows
Explorer in a mode to show everything:
C:\WINDOWS\EXPLORER.EXE /e, ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
once you have done it, glide the icon on the bottom bar (see above how to glide)
Ever wondered why windoze seems 'to go asleep' for quite a while when you
browse your harddisks?
The swap file in Windows stores information to your hard
drive when memory runs low but week after week will grow huge, making the system
load slower and run slower (it takes longer to find data
inside such a huge file). The option to limit this file in windows itself
is VERY unreliable and prone to crashes (the whole windoze bazaar is prone to crashes,
come to think of it).
Once every month restart your machine in dos mode and delete
C:\windows\win386.swp, the swap
file that cannot be deleted while windows is running. You'll notice a
remarkable performance improvement.
While doing that
use the powerful (and potentially destructive) command
Deltree to remove all temporary files in the Windows temp
folders (especially nasty is the Temporary Internet Files
folder). Windows will rebuild all these folders when it restarts.
<Newbies mode off>
All the above is in fieri, of course, in the meantime those among you that
are security conscious may enjoy the following quote:
"For their next act, they'll no doubt be buying a firewall running
under NT, which makes about as much sense as building a prison out
of meringue"