"The web is with you, young Skywalker. But you are not a Jedi yet."
August 11, 2006 10:23 AM   Subscribe

"I want to come with you to Redmond and learn the ways of the Registry. I want to be Teh Haxorz, like my father before me."

Good morning, hive mind. I have grown tired of the stressful life of a noob technochondriac, and seek self-education that will allow me to use my computer with confidence.

With the help of three dear friends, I built a powerful PC. My friends with know-how have already gone above and beyond in helping me learn my way around Windows. I've no wish to trouble them further with my ignorance and panic. My computer has slowed a bit from lunging, mercurial machine it was in the first weeks after assembly. I open the task manager and examine the Processes list, but really don't understand what I'm looking at. Is that stack of "svchost.exe" a spyware cell or a routine process? Without straining the patience of my friends, I have no way to know for sure.

So self-reliance is the answer. I've heard tell that mastering the arcane art of The Registry is the key to supremacy for Windows XP. I've also heard that this is a most dangerous place to meddle. Please, mefites, if you can think of a web resource on registry management written with the beginner in mind, I would very much like to begin my training. Being that I'm a luddite at heart, I'll even settle for a book.

Useful pieces of registry manipulating software are also appreciated, but I'm more interested in developing the knowledge that will help me appraise a program's usefulness for myself.

My main aims are to get my computer running at peak efficiency, tightening up security by learning how to spot malware's machinations and the ability to spot and correct anamolous behavior before serious damage is done. A tall order, I know, but I've seldom seen this forum stumped.

Your time and input is deeply appreciated.
posted by EatTheWeek to Computers & Internet (15 answers total) 2 users marked this as a favorite
As far as running processes and figuring out what they are: Google them. There are a ton of sites that keep track of such things in organized data bases.

That's the first thing that comes to mind upon reading your question. :)
posted by routergirl at 10:32 AM on August 11, 2006

The registry is just a place to store settings. So, what you really want to know is what programs use what registry keys and what the allowable values mean. Easiest way to do that is to Google for "program name tweaks" e.g. "Windows tweaks." You will find a lot of Web pages out there devoted to the hidden settings of various programs.

While you're at it Google "Windows service tweaks" to find out what services you can disable. Indeed, many of the default ones use up memory and CPU for no functionality you'll ever actually use, so disabling them can be helpful.

For monitoring changes to the registry, what you want is Windows Defender (or Spybot's TeaTimer), which will alert you when a program changes your registry. Then you can look at what's being changed, Google it, and learn what the change means, and accept it or reject it accordingly. Basically if an alert pops up about registry modification when you weren't intentionally installing something, that's generally a red flag for malware.

The only registry editing software you need is regedit, which comes with Windows. Well, msconfig is more convenient than regedit for dealing with the portion of the registry that contains startup items and serivces; you can do tihs in regedit too but msconfig has a better UI for the task.
posted by kindall at 10:39 AM on August 11, 2006 [1 favorite]

I open the task manager and examine the Processes list, but really don't understand what I'm looking at. Is that stack of "svchost.exe" a spyware cell or a routine process? Without straining the patience of my friends, I have no way to know for sure.

Run tasklist /svc to get a list of what's running under each svchost process.

Do use the Process Explorer tool from Sysinternals to do your monitoring when possible (along with their other excellent utilities).
posted by j.edwards at 11:15 AM on August 11, 2006

SVCHost is a windows processthat acts as a host for services, hence the name. While it, in itself, is neutral there a processes from the dark side that often hide within it's seemingly innocuous shell. These dark lords of the processor can be found with sysinternals process viewer. You do, of course, have anti spyware and anti virus software installed? A good firewall?
posted by IronLizard at 11:15 AM on August 11, 2006

Some general principles that will keep most problems tractable are:
  • do as little tweaking as possible(if it ain't broke, don't fix it)
  • install as few apps as possible
  • avoid apps that install a bunch of unnecessary crap
  • avoid "desktop management", screensaver, and search bar apps and plug-ins.
  • keep the system tray clean.

    Many programs install "agents" or other continually running services which add another icon to your tray. For the most part, when you close a program, make sure it's closed and no longer shows up on the running processes list. Avoid programs which fight your efforts to use them this way. You can also check the list of running services, and set the optional ones to run as needed, instead of on startup.

    Some tweaks published are a little on the extreme side, and have unintended consequences which don't manifest themselves until you've forgotten all about them.

    Many applications change the way other programs work, and when you layer these things on top of one another, you get unpredictable behavior and you don't know where to start to fix things.

    Just keep things as simple and clean as possible and you'll avoid most problems and be more able to spot anomalies when they occur.

  • posted by Mr. Gunn at 11:16 AM on August 11, 2006

    Drat! Foiled again!
    posted by IronLizard at 11:16 AM on August 11, 2006

    If you want to keep your computer running nice and smoothly, I'm not sure if knowing how to manually alter the registry is your best answer. There are plenty of other things you can do to help stave off the inevitable slowing of Windows, however. Here's a few of the things I like to do:

    1. Select what programs automatically load on startup. To do this, go to start, run, and then type "msconfig". Under the startup tab, you can see the different programs that load at startup. The program name might be hard to find when looking under the "Startup Item" list, but I find that if you stretch out the "Command" field, you can trace the program back to the folder it is in under program files to determine whether you want it to load or not.

    2. Run the Disk Cleanup and Disk Defragmenter by going to start, programs, accessories, system tools. Many people are unhappy with the disk defrag that comes with windows, and there are a plethora of 3rd party defrag programs which can probably be found using Google.

    3. Use Firefox! One of the biggest problems with computers today are issues that come about from malicious spyware. Internet Explorer is infamous for being an insecure web browser. Rather than IE, use Firefox. I can't stress this enough.

    4. Scan and remove spyware and adware on your computer. There are a lot of free utilities that do this, but one of the best is Lavasoft's Ad-Aware .

    5. Tweak your computer's registry and other settings using a 3rd party application. This is an excellent program with a full-featured, 30 day trial. If you like it, you can purchase it.

    6. Be aware of what you're installing on your computer. Many programs and files from the internet contain spyware. Only install software from reputable companies. Also, try to keep the number of programs you install/uninstall at a minimum. Installing and uninstalling programs addes needless clutter.

    7. Finally, reformatting the computer. It seems like Windows machines slow down over time no matter what the user does to prevent it. Because of this, I and many other people choose to do a full reformat every year or so. All the data on your hard drive is erased, but installing the OS on a clean hard drive makes your computer run like the first day you built it. Reformatting looks intimidating, but it's really a simple, painless process. Just be sure to back up all of your data and be sure you have your driver and software installation CD's handy. Again, this is not something to be done every week or so, but on a yearly or bi-yearly basis.

    I hope this helps somewhat!
    posted by Paul KC at 11:25 AM on August 11, 2006

    This is just a humble suggestion; please don't interpret this as some sort of proselytizing (especially since I don't even use one), but this

    My main aims are to get my computer running at peak efficiency, tightening up security by learning how to spot malware's machinations and the ability to spot and correct anomalous behavior before serious damage is done. A tall order, I know, but I've seldom seen this forum stumped.

    screams "Use the Mac, Luke" to me. Is it too late to go to the light side of PC security? Of course, this depends on if you're a gamer, etc., and need some Windows-centric software. If you ARE, or do, consider boot camp., which will at the very least allow you to infect only your windows partition when something goes horribly wrong.
    posted by hoborg at 11:27 AM on August 11, 2006

    Ditto on Process Explorer.
    posted by frenetic at 12:02 PM on August 11, 2006

    As a piggyback question, why the heck hasn't someone yet written the app the displays your process list and from a cached database will tell you what each one really is and if it doesn't know, pings a configurable internet database?

    Windows/linux/MacOS would all benefit from an ipndb (Internet Process Name Database).
    posted by plinth at 12:10 PM on August 11, 2006

    Thanks frenetic - that looks like it. Thanks for reading my post and going back in time and posting the answer before I asked the question.
    posted by plinth at 12:17 PM on August 11, 2006

    Reminder: sysinternals *was bought by Microsoft* a couple weeks back; people have already detected changes in the downloadable programs.

    And there are links to older version which are still available, but caution is indicated.

    I feel like we've talked about this before...
    posted by baylink at 12:21 PM on August 11, 2006

    screams "Use the Mac, Luke" to me

    Nah, it really just screams:

    (1) Avoid MS net software. No IE, no Outlook.
    (2) Don't be a pinhead. Don't click on random shit, and don't frequent dubious warez and porn sites.
    (3) Don't install piles of crap you never use.
    (4) Let Windows keep itself updated.

    Really the only thing that takes maintenance is turning off all the goddam agents. Apple is particularly bad about having Every. Fucking. One. of their programs also install little helper programs that just sit there consuming resources and that steal file associations without asking nicely. itunes has two little assistants, for shit's sake.

    But even that isn't very hard if you only boot your machine once a week or less. Just kill the processes after boot.

    The security and spyware aspects of life with Windows are hugely overblown. If everyone using your machine has decent habits, you're very unlikely to have any problems and can just let the automatic MS malware thing run once a month. The reason you see so many infected Windows machines is that there is a vast sea of pinheads out there.
    posted by ROU_Xenophobe at 1:28 PM on August 11, 2006

    Response by poster: I really appreciate all the input here, my friends.

    IronLizard had a question earlier as to what I'm running - for anit-virus, AVG. For Spyware, I run Hitman once every couple of weeks.

    As for a firewall, I'm using a cable modem from Charter Communications. One of my friends who helped me build this thing said the modem had a firewall on it already. Windows doesn't seem aware of it, as I'm often warned one is not on. When I was playing WoW, however, that program seemed to spot it.
    posted by EatTheWeek at 5:24 PM on August 11, 2006

    get my computer running at peak efficiency

    Install more RAM. Then install more.

    tightening up security

    Put PC behind router. Firewall every port, in and out. Release a port, one at a time, as needed, for specific programs.

    Get to love netstat and ethereal.

    correct anamolous behavior

    Get large external disk. Make regular backups. Detect something? Step back to before it can be noticed.
    posted by meehawl at 6:57 PM on August 11, 2006

    « Older Help me make a DVD.   |   Weight loss for active cyclist Newer »
    This thread is closed to new comments.