[Oniketsoku]

WinPatrol:

http://senduit.com/f4e675

Process Explorer:

http://senduit.com/fb6c84

[Advertisements]

Well! A remarkably short start-up list! I'm impressed! So many users have dozens of things going on.

You'll notice that Winpatrol even lists itself. I do like having Scotty on patrol for me at least for a while each session. He will 'woof' and give me a dialog if new things try to auto-start or my home page changes. He offers other alerts as well. The 'Options' tab lets you modify how it works. I chose to use the 'old' Scotty image. Just 'used to' it I guess.

A couple of the things that you have auto-starting do give me pause, though. Number one is Free RAMXP. If you have that configured to run full time and "free RAM" at a preset level, that may actually be part of the problem.

Windows uses the physical structure of the machine's memory sticks (RAM) as a sort of 'solid hard drive' in which it stores information about how it should handle all those 1's and zeros. When there is no more room to do it in RAM. Windows 'makes notes to itself' by placing the information on the hard drive in what is called "Virtual Memory." This is sometimes also called the "Page File." Since the Page File is actually written to the hard drive and then, when needed, read back into the system, it is much slower than activity that takes place entirely in RAM. RAM memory is just electricity patterns. Very quick.

A utility like Free RAMXP limits the amount of RAM available to the system, and forces XP to write anything else it needs to 'remember' to the page file. So~ If you have FreeRAMXP set to activate at say 65%, that means that as far as Windows is concerned, you only have 65% of your listed RAM to use. After that--page file time.

I know it sounds like a good thing to have free RAM available, but really, you want Windows to use all the RAM it can and as little of the page file as is necessary. I really think that you should disable it in WinPatrol.
Just left click it once on the list to highlight, and then press the "Disable" button at the lower right. It won't disappear from the list, and will still start manually if you desire, but try running without it for a while.

You're going to want to keep Kaspersky and the mouse, but the Adobe Reader will still work just fine without the 'Speed Launch" utility.

Do you have a RAID array of hard drives/partitions connected to your system? I notice a "RAID" tool on the list, and am unfamiliar with that one.

I notice in Process Explorer that you have Lavasoft Ad-Aware working for you. I'm wondering... Does your Kaspersky also have an "anti-spyware" component? Having 2 different engines attempting to do the same job (full-time anti-spyware client) often results in slow-downs and even freezes just like 2 anti-virus programs.

Interestingly, testing has shown that having more than one engine running at a time actually results in poorer protection because they are spending too much time working against each other and miss vectored attacks.

See how you feel about making some of these changes. I think they just might help. And we're not doing anything that can't be easily reversed.
Reboot after and let me know if things seem better. (or not)

I also think we should investigate your Services, but that's another day. Looking forward to hearing about your progress.

PS: Add 'CPU Time' to your Process Explorer columns, and click on that column header to sort when you open it up. Makes it easier to read the most active processes.

[1101doc]

Well! A remarkably short start-up list! I'm impressed! So many users have dozens of things going on.

You'll notice that Winpatrol even lists itself. I do like having Scotty on patrol for me at least for a while each session. He will 'woof' and give me a dialog if new things try to auto-start or my home page changes. He offers other alerts as well. The 'Options' tab lets you modify how it works. I chose to use the 'old' Scotty image. Just 'used to' it I guess.

A couple of the things that you have auto-starting do give me pause, though. Number one is Free RAMXP. If you have that configured to run full time and "free RAM" at a preset level, that may actually be part of the problem.

Windows uses the physical structure of the machine's memory sticks (RAM) as a sort of 'solid hard drive' in which it stores information about how it should handle all those 1's and zeros. When there is no more room to do it in RAM. Windows 'makes notes to itself' by placing the information on the hard drive in what is called "Virtual Memory." This is sometimes also called the "Page File." Since the Page File is actually written to the hard drive and then, when needed, read back into the system, it is much slower than activity that takes place entirely in RAM. RAM memory is just electricity patterns. Very quick.

A utility like Free RAMXP limits the amount of RAM available to the system, and forces XP to write anything else it needs to 'remember' to the page file. So~ If you have FreeRAMXP set to activate at say 65%, that means that as far as Windows is concerned, you only have 65% of your listed RAM to use. After that--page file time.

I know it sounds like a good thing to have free RAM available, but really, you want Windows to use all the RAM it can and as little of the page file as is necessary. I really think that you should disable it in WinPatrol.
Just left click it once on the list to highlight, and then press the "Disable" button at the lower right. It won't disappear from the list, and will still start manually if you desire, but try running without it for a while.

You're going to want to keep Kaspersky and the mouse, but the Adobe Reader will still work just fine without the 'Speed Launch" utility.

Do you have a RAID array of hard drives/partitions connected to your system? I notice a "RAID" tool on the list, and am unfamiliar with that one.

I notice in Process Explorer that you have Lavasoft Ad-Aware working for you. I'm wondering... Does your Kaspersky also have an "anti-spyware" component? Having 2 different engines attempting to do the same job (full-time anti-spyware client) often results in slow-downs and even freezes just like 2 anti-virus programs.

Interestingly, testing has shown that having more than one engine running at a time actually results in poorer protection because they are spending too much time working against each other and miss vectored attacks.

See how you feel about making some of these changes. I think they just might help. And we're not doing anything that can't be easily reversed.
Reboot after and let me know if things seem better. (or not)

I also think we should investigate your Services, but that's another day. Looking forward to hearing about your progress.

PS: Add 'CPU Time' to your Process Explorer columns, and click on that column header to sort when you open it up. Makes it easier to read the most active processes.

[Oniketsoku]

The programs I have installed for Antispyware: SuperAntiSpyware, Spybot S&D, Kaspersky, and Ad-Aware SE Personal
Though I do frequently close out of kaspersky and (nearly) every other program / process before I launch a game

I'm not sure all what I have concerning VIA or RAID or IDE drivers and stuff but I do know I upgraded several drivers in my last topic in the malware forum; I still have a couple out of date drivers

Thanks for the tip about the RAM, I had no idea

Edited by Oniketsoku, 27 November 2007 - 06:44 AM.

[Oniketsoku]

PC is going a little bit faster.

[1101doc]

Hey! Good news!

It is fine to have as many 'scanners' for malware as you like. But best to have only one running full time as a 'client' in the tray.

The reason I asked about RAID is the WinPatrol startup entry. I think that is more than just a driver. What does SIW tell you about your hard drives?
Any mention of RAID there?

I have some afternoon responsibilities out in the 'real world.' This evening I'd like to talk a bit about your Services. If you have time, perhaps you could get an overview by checking out these 2 sites:
http://www.theelderg...vices_guide.htm
http://www.blackvipe.../servicecfg.htm

Just investigate and get familiar with the basics. We can take a look at what you've got running tonight. Like I said--a step at a time and we'll get there.

[Oniketsoku]

Im not sure what to look for in SIW

I dont see RAID under software or hardware

Read a bit on both of those sites..
Not sure what I understood from them though

Edited by Oniketsoku, 27 November 2007 - 04:45 PM.

[1101doc]

See what SIW has to say when you click "Storage Devices" in the left panel. Anything about RAID there? If not, rather that just having WinPatrol stop it from auto-starting, you may want to see what happens when you ask Process Explorer to 'suspend' the process. Right click the ProcExp entry for the "RAID" process and select suspend. If things go goofy, right click again and resume. If things go really goofy, reboot. The process is set to auto-start.

If nothing seems to change, let the system run for the evening without it, and make sure all your devices and drives work properly. Once you're sure, then you can have WinPatrol stop it from auto-start.

Do you know about "Last known good configuration?" It is one of the choices displayed after using the F8 key as boot begins. The same method as going to Safe Mode. "Last known good.." is a system snapshot that Windows updates periodically. Any time "goofyness" occurs, and for sure when you have to do a 'hard' powerdown by holding the power button. Always use "Last known good..." for the very next boot. Almost always will get you back to normal if used immediately.

[Oniketsoku]

I could try the Last Known Good configuration if you want - i have no idea when it it'll reset back to though

[Oniketsoku]

The only things i can see under Storage Devices are Fixed hard disc media and 2 things titled DVD

I also seem to be unable to locate anything RAID related in ProcExp

Edited by Oniketsoku, 27 November 2007 - 06:38 PM.

[1101doc]

When you select "Storage devices" from the SIW left side, a list appears on the right side. it may be off the screen to the right, but use the slider bar if necessary to find the "Type" column. That's where it will say RAID if it is going to be there.

Could you send me another shot of ProcExp please? This time please click the 'CPU Time' column header to sort first, OK? I know I saw something RAID-ish there yesterday.

[Oniketsoku]

Here is an SS of ProcExp:
http://senduit.com/d883f7

Here is one of SIW:
http://senduit.com/a45ea8

[1101doc]

Well. No RAID there, eh? Has it been turned off already in WinPatrol? If so, you evidently don't need it. If not, then something else that was stopped was its parent. Either way, things seem to be working without it.

SIW doesn't mention it either. Your drives are IDE not RAID.

Overall, ProcExp seems good. I didn't see anything Kaspersky there. Is it not running?

[Oniketsoku]

Ohh yeah
I turned it off in WinPatrol, I forgot to mention that lol sorry

Edited by Oniketsoku, 27 November 2007 - 07:29 PM.

[Oniketsoku]

And yeah, I turned kaspersky off to play WoW earlier

[1101doc]

Did it play better with the changes you've made?