Windows Client Update, April 27, 2006: Diagnosing a Performance Hit to Your System

Windows Client UPDATE, April 27, 2006: Diagnosing a Performance Hit to Your System

Please take a moment to visit these advertisers' Web sites and show your support for Windows Client UPDATE:

Hot Release: Bindview ====================

1. Commentary
- Diagnosing a Performance Hit to Your System

2. Reader Challenge
- April Reader Challenge Answers

3. News & Views
- Microsoft-EU Hearing Turns to Competitive Issues

4. Resources
- Tip: Fixing Permissions on Shared Folders
- Featured Thread: Use the Command Line, Luke

5. New and Improved
- N and I: Sowsoft Network Password Manager 2.0
- Tell Us About a Hot Product and Get a T-Shirt!

==== Sponsor: Macrovision ====

Learn how application packaging can cut your OS migration time while maintaining error-free deployment.


==== 1. Commentary: Diagnosing a Performance Hit to Your System ====

by David Chernicoff, [email protected]

It’s not uncommon for a friend or a client to call me and complain that a computer has slowed down and taken a noticeable performance hit. Fortunately, I can usually walk the caller through the diagnostic process over the phone.

A few years ago, my first question would have been, “Have you defragged the hard disk lately?” I still advise checking that, but now my first question is, "Have you checked the computer for spyware or virus infection and made sure the system is clean?" I might also ask the user to reboot the computer and bring up Task Manager to look for things that don’t belong. Sometimes, the user has added software to the Startup folder or registry entries that causes additional and unnecessary system overhead.

At this point, I’ll ask if the system shows a noticeable decrease in performance or whether the slowdown happens over time (both conditions require the steps outlined below). Then I’ll walk the user through the application startup. Often, I'll find that application requirements simply exceed hardware capabilities—for example, users loading graphic-editing software onto systems with less than 512MB of RAM (an extreme example) while other applications continue to load as background processes.

I’ve learned to ask about basic system configuration; many users buy discounted systems without enough memory to run business applications, or users will preload so much stuff that runs at boot time that the computer handicaps itself. My experience has shown that the inexpensive hard disks in entry-level computers and storage devices have a notable failure rate, so I’ll ask the user to check the health of the hard disk. The more technically astute have already brought up Microsoft Management Console (MMC) with the Disk Management snap-in loaded and ready to go. The problem is that you can’t trust the Disk Management snap-in when it simply states that a disk is “Healthy." To properly use the snap-in to check the health of a disk, you need to right-click the drive and select Properties, then click the Tools tab and select Error-checking. Then, select both "Check disk" options ("Automatically fix file system errors" and "Scan for and attempt recovery of bad sectors") and click the Start button.

This process can take a long time to run when the disk is experiencing problems. You can also run this process by typing

chkdsk /F

in the command line. Lately, I’ve found disk-corruption errors causing system slowdown in almost 30 percent of the hardware problems I’ve dealt with.

Although Chkdsk repairs often solve the existing problem, disk-corruption errors are frequently an early warning of impending disk failure, so I always suggest a complete backup and careful monitoring of the disk in question. Irregularly occurring hardware problems can often create significant performance hits and should be considered early in the troubleshooting process as a likely cause.


==== Sponsor: Thawte ====

The Starter PKI Program
Do you need to secure multiple domains or host names? In this free white paper you'll learn how the Starter PKI Program will benefit your company with timesaving convenience. Plus you'll get the chance to actually test the program!


==== 2. Reader Challenge ====

by Kathy Ivens, [email protected]

The April 2006 Reader Challenge and Answers:

I recently participated in a panel discussion at a seminar for local IT administrators. As usual, the most interesting conversations were during the coffee breaks. This month's challenge is drawn from one of the conversations I overheard while scarfing down some delicious cheese Danish.

One participant said to another, "We're invoking POLP, but we need to figure out a way to force the use of Run As for some applications."

Question 1: What does POLP stand for?

Question 2: How do you force the use of Run As when launching an application?

Answer to #1:
POLP stands for Principle of Least Privilege. Using POLP means that each user should log on with a user account that has the absolute minimum permissions necessary to complete the user's regular tasks. This helps provide protection against malicious code and Internet intruder attacks. If a user logs on with a privileged account (e.g., one that has administrative privileges on the local machine or on the domain), and a virus executes, the virus will have administrative access to the local computer or to the entire domain. However, if the user logs on with a non-privileged account, the amount of damage that malware can do is limited.

Answer to #2:
To force a Run As dialog to appear when a user clicks a shortcut to open a program that requires elevated privileges, change the properties of the shortcut (which might be on the desktop, Quick Launch toolbar, or Programs menu). Right-click the shortcut, choose Properties, and make the following changes in the Properties dialog:

In Windows XP, click Advanced and select the option Run With Different Credentials.
In Windows 2000, select the option labeled Run As Different User.

Don't forget to tell users how to fill out the Run As dialog: They'll need to know the domain name and user name (of a privileged user) and the user password. They also need to know that the user name is entered in the format Domain\UserName (unless it's a Windows Workgroup, in which case only the Username is entered, and that name must exist as a local user).


==== 3. News & Views ====

by Paul Thurrott, [email protected]

Microsoft-EU Hearing Turns to Competitive Issues

On day four of the Microsoft antitrust hearings in the European Union (EU) Court of First Instance, the debate turned to esoteric and secretive information that Microsoft is trying to keep from its competitors. Microsoft is trying to limit the amount of technical information it provides to competitors--a major concern of the 2004 EU antitrust ruling. Microsoft rivals are arguing that the software giant is simply trying to harm competition and force its rivals to take the time and effort to reverse-engineer their software interfaces.

"The information isn't kept secret because it's valuable," said James Flynn, a lawyer for the European Committee for Interoperable Systems (ECIS), an industry group representing IBM, Oracle, and Sun Microsystems. "It's valuable because it's kept secret." A lawyer representing the open-source Samba project, which seeks to make Microsoft's networking functionality interoperable with open-source solutions, said that Microsoft could have "provided us with a very large part of the information required by the commission ... on a single floppy disk." Instead, Microsoft has fought the information-disclosure requirement for two years. Meanwhile, Samba lags behind Microsoft's networking implementation by "more than 10 years," according to Samba project founder Andrew Tridgell.

Microsoft says it hasn't exaggerated the importance of keeping some information secret. "We don't believe \[we can meet this EU requirement\] without disclosing certain algorithms," Microsoft attorney Ian Forrestor told the panel of 13 judges. However, Microsoft was quick to offer up the entire source code to Windows, which the EU never asked for.

Curiously, it was a witness from the prosecution, an engineer from Fujitsu, who cut to the heart of the matter. Microsoft's rivals, he said, "just want to be able to connect" to Microsoft's products. Good documentation would describe how to make these connections without revealing how Microsoft accomplished it through software. "It's axiomatic in our industry that specifications, properly written, don't reveal the design and shouldn't reveal the design," he said. In other words, Microsoft can protect its patented and copyrighted software code all it wants; competitors simply want the information necessary to interoperate with Microsoft's software.

==== Events and Resources ====

(A complete Web and live events directory brought to you by Windows IT Pro: )

How do you ensure that your email system isn't vulnerable to a messaging meltdown? In this Web seminar, Exchange guru Paul Robichaux tells you what you should do before you have an outage to increase your chances of coming out of it smelling like roses.

Learn the best ways to manage your email security (and fight spam) using a variety of solutions and tips.

Expert Ben Smith describes the benefits of using server virtualization to make computers more efficient. Download this exclusive podcast today!

Make sure that your DR systems are up to the challenge of a real natural disaster when you learn from messaging survivors of Hurricanes Katrina and Rita. Live Event: Tuesday, May 2, 2006!

Ensure that you’re being effective with your internal network security. Are your DIY options protecting you against worms, BotNets, Trojans and hackers? Make sure! Live Event: Tuesday, May 23, 2006!

===== Featured Whitepaper ====

Examine the threats of allowing unwanted or offensive content into your network and learn about the technologies and methodologies to defend against inappropriate content, spyware, IM, and P2P.

==== 4. Resources ====

Tip - Fixing Permissions on Shared Folders

I’ve heard from readers and I've seen firsthand that various security and networking applications will make previously available shared folders on a Windows XP computer unavailable to users from other computers, even though it appears that permissions have been set correctly to allow the network shares to be hosted. When you attempt to access a previously shared folder, the system generates a message such as " is not accessible. You may not have permission to use this network resource."

The problem is that the application the user is running has reset the registry value for restrictanonymous to 1 from 0. To change the value back, perform the following steps:

1. Launch the registry editor.
2. Open HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA.
3. In the right pane, double-click the restrictanonymous value.
4. Change the data value to 0.
5. Exit the registry editor.
6. Reboot the computer.
--David Chernicoff

Featured Thread:
"Use the Command Line, Luke"
Check out what's happening in the Security Matters blog at

==== Hot Release ====


Find solutions to manage multiple regulations effectively, saving time and expense when demonstrating compliance.

==== Announcements ====

(from Windows IT Pro and its partners)

Exclusive Spring Savings

Subscribe to Windows IT Pro and SAVE 58%! Along with your 12 issues, you'll get FREE access to the entire Windows IT Pro online article archive, which houses more than 9,000 helpful articles. This is a limited-time offer, so order now:

Save 44% off the Windows Scripting Solutions newsletter
For a limited-time, order the Windows Scripting Solutions newsletter and SAVE up to $80. You'll get 12 helpful issues loaded with expert-reviewed downloadable code and scripting techniques, as well as hundreds of tips on automating repetitive tasks. You'll also get FREE, unlimited access to the full online scripting article library (more than 500 articles). Subscribe now:

==== 5. New and Improved ====

by Caroline Marwitz, [email protected]

Sowsoft announced Network Password Manager 2.0, a client-server solution that provides safe storage of password information for groups of users and organizations. Network Password Manager stores the confidential information in a multiuser database, in a tree format, with different fields for each entry. A Windows Explorer-style UI makes the product ideal for beginners as well as experts. You can restrict each entry or folder to certain groups of users. With version 2.0, you can set data-access rights on the level of Windows security groups instead of having to enter rights for each user individually. Version 2.0 also offers search functions. Pricing starts at $199 for as many as five users, and you can download a free demo from the company's Web site.

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows IT Pro T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you:

[email protected]

===== Poll =====

We'd like to know what our readers are doing this summer!
You can go to the Windows IT Pro home page and submit your vote for the question, "What are your vacation plans for this summer?" a) Taking 1 week, b) Taking 2 weeks, c) Taking 3 weeks, d) Not taking any time off, or e) Taking my work to the beach.

==== Contact Us ====

About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring an UPDATE -- [email protected]


This email newsletter is brought to you by Windows IT Pro, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today!

View the Windows IT Pro privacy policy at

Windows IT Pro is a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media Inc. All Rights Reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.