IPSec monitor snap-in

  • Thread starter William B. Lurie

William B. Lurie

John said:
William said:
FYI, John, here's the fat list of test.txt:
These Windows services are started:

Application Layer Gateway Service
Ati HotKey Poller
Automatic Updates
COM+ Event System
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
DNS Client
Event Log
Fast User Switching Compatibility
Help and Support
LexBce Server
lxct_device
Machine Debug Manager
Network Connections
Network Location Awareness (NLA)
Norton AntiVirus
Norton Save and Restore
Norton UnErase Protection
Pervasive PSQL Workgroup Engine
Plug and Play
Print Spooler
Protected Storage
Remote Access Connection Manager
Remote Procedure Call (RPC)
Secondary Logon
Security Accounts Manager
Server
Shell Hardware Detection
Speed Disk service
SSDP Discovery Service
System Event Notification
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
Universal Plug and Play Device Host
Viewpoint Manager Service
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Time
Wireless Zero Configuration
Workstation

The command completed successfully.

It's a desktop, you are the sole user and it is a stand alone? Do you
share files with others on the internet (with things like Limewire)? Do
you have/use a wireless router?

John

Yes it is a desktop.
Yes I am the sole user and it is a stand-alone.
No, I share no files with anyone anywhere (except
that I have a website from which people are able to
download files which I have placed there).
I have no Limewire.
I have no wireless router.
I have a modem furnished by my ISP and
my connection is Ethernet, DSL.
 

John John - MVP

William said:
[snip]
I don't know why tasklist.exe doesn't play. That command line
has more to it, though.

Look at the list of processes in the Task Manager, Tasklist gives you
this information (and more) and allows you to capture the list to an
output file. You need to strip the streams from the file, I think
that when you execute the command and are prompted to confirm the
command is relaunched minus any switches or redirection operators.
*******************************
******************************
John, I think you're right about the command not relaunching with
switches, and I'd like to do it fully, but is there another
workaround? I'm in this so deep, I'd love to pursue it further
and maybe speed up the boot process, and get rid of unnecessary
churning of the CPU and hard drive.
*************************************
*************************************


Did you try copying the Tasklist.exe file to non NTFS media and then
back? If you can't do it that way then you can use one of these stream
utilities:

http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx
Streams

http://www.nirsoft.net/utils/alternate_data_streams.html
AlternateStreamView - View/Copy/Delete NTFS Alternate Data Streams

http://www.merijn.nu/programs.php
(Look for ADS Spy)

John
 

William B. Lurie

(snip)
John John
Well, yes... sort of. You have the list of services, you set the
unnecessary services to Manual start. A few of them you set to
Disabled, there aren't many services that should be disabled, setting
unwanted services to Manual start is usually the way to handle
unnecessary services. If you want you can post the list of services and
we might suggest obvious candidates for the removal list.

John

John, I went to Start>>Run>>cmd and at the > prompt
entered tasklist /svc >C:\startlist.txt
and it executed and made the file. Likewise net start ....

http://bellsouthpwp.net/b/i/billurie/startlist.txt

is the complete file.

I see there about 90% of the items I really wouldn't know
what to do with. If you'd like to suggest which I can
relegate to "Manual" or even "Off" I'd be willing to give
it a go.

Bill Lurie
 

John John - MVP

Ok, now you have something to work with. I have a pretty busy day so I
probably won't be able to get back to you until later today.

Do you share a printer with others? If no you can start by disabling
File and Printer Sharing, you don't share files and no one accesses your
computer on a network so you may as well close this hole the size of
Texas on the machine... It's relatively safe when properly secured but
it's still a hole the size of Texas and if you don't need it close it.

http://safecomputing.umn.edu/guides/fileandprint.html
Disable Network Sharing

http://www.nnex.net/tech/winxp/file_print.htm
Disable File and Print Sharing in Windows XP

http://reviews.cnet.com/4520-6600_7-6344921-1.html
CNET Security Center How to disable File and Printer Sharing

John
 

William B. Lurie

Thanks, John. I disabled file and printer sharing. When you have
time, I welcome your pointing me toward other stuff that is in the
tasklist that can be switched to manual. I assume that 'manual'
means it does not load on startup but still can be loaded when
needed.
Bill
 

Unknown

A suggestion for you. Do a Google for 'windowsxp services tweak guide' and
print it out.
It has proven very helpful for me. It explains all services and what
settings should be.
 

William B. Lurie

Thank you, "un"......I shall do that.
 

John John - MVP

William said:
Thanks, John. I disabled file and printer sharing. When you have
time, I welcome your pointing me toward other stuff that is in the
tasklist that can be switched to manual. I assume that 'manual'
means it does not load on startup but still can be loaded when
needed.

Yes, setting a service to "Manual" means that the service is not set to
start when the computer is booted and that it will be loaded if needed.
Note that even if set to manual the service might still load when the
computer is booted, that is normal, by and large you should not set a
service to "Disabled" unless you have good reasons to do so. Also note
that some services that are set to manual might not launch properly when
needed, in these cases the service must remain as an "Automatic" start
service. Let's start with the list of services, after you clean the
services up a bit you can then address the Tasklist processes.

Please keep the following in mind:

1- Do not change the startup type unless you understand the purpose of
the service.

2- Keep a record of the changes that you make, in case you need to
reverse them later.

3- Create Restore Points before making changes.

4- Keep in mind that disabling one item might cause other services or
processes to also disappear from the start list, a service or process
might spawn other processes so it isn't unusual to see more than one
thing disappear from the start list when you make changes. Also note
that a service might rely on the presence of another service so killing
one service might prevent another one from successfully starting. Rerun
your "Net Start" and "Tasklist /svc" commands after you make changes and
compare with the previous list.

5- Look in the Event Viewer log after you disable services and reboot
the machine, make sure that the changes do not trigger errors or warnings.

6- It's your computer, only you know exactly what is being run on it
and what is going on with it. We may offer suggestions but ultimately
the decisions are yours to make, we can't be held responsible if things
go sour. Remember that "One Man's Junk is Another Man's Treasure" and
that services or processes that are useless to us might be indispensable
to you, no two computers are the same!

For the time being let's look at the list of *Services* and some that I
would set to manual or disabled:


Ati HotKey Poller

I would set this service to Manual start or even disable it. Doing away
with this might cure the ATI errors showing up in your Event Log. Most
people don't make use of ATI HotKeys but before you change the service
read here (Look for the entry under Ati2evxx, Atievxx, Atipolab):

http://www.answersthatwork.com/Tasklist_pages/tasklist_a.htm


Distributed Link Tracking Client
Set it to manual, I doubt that you have any need for this.


DNS Client
Set this to manual.


Fast User Switching Compatibility
You're the sole user on the machine, no need to Fast User Switch, set
this service to manual.


Machine Debug Manager
A pesky thing that probably came to you courtesy of Microsoft Office,
set it to manual. This thing can be pretty persistent and a bit
difficult to disable.


Pervasive PSQL Workgroup Engine
I don't know what this is for, are you using database software?


Secondary Logon
Set this to manual, it allows you to run programs or processes under a
different user account (such as the RunAs feature). Most folks never
use this.


Server
If you uninstalled File and Printer Sharing the Server service should no
longer be in the list of services. If File and Printer Sharing was only
disabled the Server service will still show but it should not be
running. For additional security, if the service is still on the list
you can set it to disabled, this will prevent File and Printer Sharing
from running.


SSDP Discovery Service
I always set this to disabled and I have never had any problems with it
being disabled. There are security concerns around this service and
most folks don't want it running on their computers but read here before
you disable it:

http://www.blackviper.com/WinXP/Services/SSDP_Discovery_Service.htm


TCP/IP NetBIOS Helper
Set this to manual, only needed for NetBIOS name resolution on networks.


Viewpoint Manager Service
I haven't a clue what this is for.


WebClient
Set this to manual.


Windows Time
Entirely up to you, sets (synchronizes) the time on your computer with a
time server on the internet.


Wireless Zero Configuration
No wireless devices, no need for this. Set it to manual.


John
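
The comparison step from point 4 of the post above (rerun "Net Start" after a change and compare with the previous list), as an added example that is not part of the original thread. The two listings are constructed samples using service names from the thread, and the function names and the `INTENDED` change record are assumptions.

```python
HEADER = "These Windows services are started:"
FOOTER = "The command completed successfully."

def parse_net_start(text):
    """Return the set of service display names in saved `net start` output."""
    names, in_list = set(), False
    for raw in text.splitlines():
        line = raw.strip()  # real output indents the names; pasted copies may not
        if line == HEADER:
            in_list = True
        elif line == FOOTER:
            break
        elif in_list and line:
            names.add(line)
    if not in_list:
        raise ValueError("header line missing: not a `net start` listing")
    return names

def compare(before_text, after_text, intended):
    """Classify what changed between two listings against the recorded changes."""
    before, after = parse_net_start(before_text), parse_net_start(after_text)
    stopped = before - after
    return {
        "stopped_as_intended": sorted(stopped & intended),
        "stopped_unexpectedly": sorted(stopped - intended),  # possible dependency fallout
        "still_running": sorted(intended & after),           # Manual services may still load
        "newly_started": sorted(after - before),
    }

# Constructed sample listings, not the poster's real output.
BEFORE = """These Windows services are started:

   DHCP Client
   Server
   SSDP Discovery Service
   Universal Plug and Play Device Host
   Wireless Zero Configuration

The command completed successfully.
"""
AFTER = """These Windows services are started:

   DHCP Client
   Server

The command completed successfully.
"""
INTENDED = {"Server", "SSDP Discovery Service", "Wireless Zero Configuration"}
print(compare(BEFORE, AFTER, INTENDED))
```

Anything reported under `stopped_unexpectedly` is a service nobody meant to touch, which is the cue to check the Event Viewer as point 5 suggests.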
 

William B. Lurie

Thanks for spending the time, John. I do appreciate it.
Bill
 
I find the following failure repeatedly in my Event Monitor.
Could someone lead me to its resolution? Thank you.

Event Type: Failure Audit
Event Source: Security
Event Category: Policy Change
Event ID: 615
Date: 3/2/2010
Time: 6:51:08 AM
User: NT AUTHORITY\NETWORK SERVICE
Computer: COMPAQ-2006
Description:
IPSec Services: IPSec Services failed to get the complete list of
network interfaces on the machine. This can be a potential security
hazard to the machine since some of the network interfaces may not get
the protection as desired by the applied IPSec filters. Please run IPSec
monitor snap-in to further diagnose the problem.



For more information, see Help and Support Center at
... (I'm not allowed to post even links that were in the quoted text)

I'm getting the same event-log error report, and Google search turned up
your question from years ago but no answer.
If anybody finds an answer, post here but also let me know:
mobile . twitter . com / CalRobert
(Forum won't let me post links, hence broke up the URL.)
 
