Last updated: 28 June 2009
3.1 Essential: Install appropriate Microsoft updates
3.2 Desirable: Run Microsoft releases of its Malicious Software Removal Tool
3.3 Essential: Install and use an anti-virus, anti-trojans, anti-worm application
3.4 Essential: Install and use anti-spyware software
3.5 Essential: Configure your internet browser to implement strong security processes
3.6 Desirable: Prevent your Internet Explorer home page and search page settings from being hijacked
3.7 Essential: Prevent unauthorised changes to the Startup process (Applications, Services, Task scheduler)
3.8 Optional or Essential: Clean out redundant or unwanted startup Applications and Services
3.9 Optional or Essential: Determine what processes are using resources
3.10 Optional: Undertake an on-line security scan to check protection against intrusion through the internet
3.11 Essential: Install a 'firewall'
3.12 Desirable or essential: Run the Microsoft CHKDSK application to check for and fix file and folder structures
3.13 Desirable or Essential: Run the Microsoft application SFC to check for and fix corrupt system files
3.14 Essential: Undertake registry cleaning after installs, uninstalls or after install problems
3.15 Essential: Check hard drive defragmentation; defragment if need is indicated
3.16 Essential: Don't open emails of unknown parentage4.1 Essential: Unplug everything when lightning is a risk
4.2 Essential: Check for loose fitting external power connectors
4.3 Essential: Check that external devices are securely attached and powered
4.4 Desirable: Check for loose internal power cables and data data cables going to hard drives, internal CD and DVD devices and cradles for removeable caddies
4.5 Optional: Replace or refurbish faulty or suspect power cables and data cables
4.6 Essential: Check USB, Firewire and e-SATA connectors and cables
4.7 Essential: Check that accessible cooling fans are turning and in the right direction
4.8 Desirable: Check that cooling fans inside the PCs case are turning and in the right direction
4.9 Desirable: Check that fins on any internal heat sink are not clogged with dust
4.10 Desirable: Check that any air filters inside the PC's case are not clogged with dust; clean if necessary
4.11 Optional: Check and monitor CPU temperature
4.12 Optional: Check and monitor hard drive temperatures and health
5. Maintenance to enable recovery
5.1 Essential: Create System Restore Points or at least backups of the registry prior to installing any new application or new versions of old applications
5.2 Essential: Create regular backups of your master drive onto another drive
7. Conclusions and recommendations for the beginner
Appendix 1 - Undertaking a Boot-time Scan With Avast 4
Appendix 2 - Changes to initial release
Appendix 3 - Adding Spybot's Tea Timer application to the Startup process
From time to time I provide assistance to people who are having problems with computers that have a Windows operating system. Some problems were such that no owner could have avoided them - for instance a power supply that dies of old age. However, some problems might not have arisen in the first place if the PC owner had undertaken preventative maintenance. Included in that type of problem are: equipment ruined by lightning strikes, viruses, trojans, worms, spyware, unexplained slow down in performance, spontaneous rebooting, lost and unrecoverable files, slow startup, slow closing, unexplained additions to the applications and services that load during startup, and unrecoverable registries following corruption. This is not an exhaustive list of problems.
While I am tempting fate in saying it, I have not had any of those types of problems for more than two years. My PC continues to run at the speed that I would expect from it. It starts and closes at a speed that is consistent with the number of applications that I load automatically at startup. I spend hours each day on the internet, exploring many sites including ones that potentially could be infectious, I install many trial applications to see what they are like (and uninstall most of them). I have never had to consider as a serious option the dreaded 'Format C:' thing.
So I was wondering what I am doing that people with problems are not doing, and that led to the development of this article and the specific recommendations regarding maintenance.
I have categorised the recommendations made as being either 'Essential', 'Desirable' or 'Optional'. The 'Essential' ones are those that even beginners should be able to implement. More skills are required to implement the other two types, but for people who use many or complex applications and/or who use their PCs for many tasks, they deserve careful consideration.
For a PC maintenance system to be effective it needs to have these attributes:
My recommendations have been formulated keeping in mind those desirable objectives. Unfortunately, as PC technology and applications develop, the need for maintenance increases rather than decreases and it becomes more and more difficult to implement a maintenance system that has all those attributes. So while some of the recommendations are easy to implement; others are not so easy.
In Section 6 of the article I have provided a Troubleshooting guide - for when maintenance has failed. This is not comprehensive and I may build it up later.
In Section 7 I have provided some specific recommendations that beginners might implement.
My suggestions are limited in applicability because I have a very simple PC system:
On the other hand, I do have:
The operating system and other software that I use comprises:
Note that I am not using Vista (and plan to not do so until well after all the problems that apply for a 'new' operating system have been sorted out by other folk). At the time of writing, I do not know how much of the contents of this article will be inapplicable (if any) to people with Vista systems.
I have this hardware:
Whether or not my suggestions are appropriate and/or implementable by you depends on considerations such as: what your hardware is designed to facilitate, what your operating system is, what hardware and software you have already, what your skills are, what you can afford to pay for additional software and hardware, what applications you use and how many people use your PC. While you may have a hardware configuration that is significantly different to mine or use your PC for activities that are radically different to those of interest to me, I'm sure that at least some of the general principles will be applicable.
I have referred to a selection of applications that I think are particularly useful in maintenance. If you are interested in any of them, check on the makers' sites to make sure that they are appropriate for your operating system email client and internet browser.
3.1 Essential: Install appropriate Microsoft updates
Software skills required: Basic
Hardware skills required: Nil
Frequency: Shortly after release by MicrosoftIt is essential that the XP version that you have installed is SP2. Message ends.
Microsoft issues periodic notifications about 'updates' for XP and its other supported operating systems and for other Microsoft applications. The updates include patches to improve security and to fix faults. It is essential that releases relating to security and faults be implemented for your operating system and - if you use them at all - for Internet Explorer and your Microsoft email client (Outlook or Outlook Express). Do the same for other Microsoft applications that you use (especially Office applications).
Some people prefer not to implement updates immediately because in the past a few have led to consequential problems requiring later releases to fix the problems caused. For that reason, before installing any update I make sure that it has been released for at least a week. Whether or not you wait before downloading any update is your choice.
I have my Microsoft updates setting configured so that I receive update notifications automatically, but I do NOT let Windows download and implement updates automatically. I'd advise anyone who has a dial-up connection or slow ADSL to do the same. (Select your updates setting through: Start | Control Panel | Security Center | Automatic Updates panel). After I know what updates are available, I wait for about a week (in most cases) then I go to the Microsoft Update site: Start | Microsoft Update. That will eventually get to this Microsoft site . When there, I select the 'Custom' download option, then select only the updates that I want.
Some Microsoft releases are unrelated to security or faults. For example, Microsoft releases new versions of some of its applications from time to time (e.g. new versions of Internet Explorer or Media Player). Microsoft also releases updates for system functionality that you might not want to use. Therefore you may elect to be selective about some updates.
If you are unable to download some Microsoft updates because you have an illegal version of the operating system, then you run the risk of maintenance problems that is just not worth the relatively small cost of a legitimate version. In my view, using an illegal version of a Microsoft operating system has potential consequences that are just not worth the money 'saved'. Apart from the moral and legal aspects, it's a dopey strategy!
If you use non-Microsoft browsers and email clients, it would also be essential that you implement any of their updates relating to security or faults.
3.2 Desirable: Run Microsoft releases of its Malicious Software Removal Tool
Software skills required: Basic
Hardware skills required: Nil
Frequency: Run immediately after release by MicrosoftAs part of its regular 'updates' process, Microsoft provides updates of its 'Malicious Software Removal Tool' periodically. This application detects infection by certain types of malware and is applicable to Windows XP, 2000 or Server 2004. While I have no evidence that it detects any problems additional to those already interdicted by a top-rate anti-virus/trojan/worm application and a top-rate anti-spyware application, it is prudent to run this tool immediately after being informed by Microsoft of its availability. The latest version of this tool can be downloaded from here.
3.3 Essential: Install and use an anti-virus, anti-trojan, anti-worm application
Software skills required: Basic
Hardware skills required: Nil
Frequency: Install at time of purchase; undertake comprehensive scan if any problems, and also every 4 weeksThere are many applications that provide protection against viruses, trojans and worms (commonly referred to simply as 'anti-virus' applications). This article provides excellent information about such applications plus links to reviews and meta reviews (reviews of reviews). Note that some applications may not be appropriate for all Windows operating systems. It is essential that you have either a good freeware application running on your PC, or even better, a payware application that provides stronger protection, and/or more comprehensive functionality and/or which is updated more frequently.
The application used for that protection must be one that loads automatically when you boot your PC and resides in memory so that all applications are scanned just prior to their loading. The application should also be one that automatically scans incoming Emails and their attachments and scans internet downloads. While not essential, it is desirable that it also scan outgoing Emails and attachments so that in the event that you do have malware on your PC, you do not pass it on to others.
The application must also regularly update its database of 'signatures' or 'definitions' that enable it to detect malware. Ideally this should occur every day. It is essential that you immediately install such updates and also updates of the application itself when they become available. Ideally, the application should be one that can be configured to detect the existence of, and to install updates automatically. The better applications will inform you of the existence of updates when they become available and 'push' the update to your PC.
Some such applications are freeware and others costware. Of the freeware applications Avast 4 Home is a widely used application. It updates itself just about every day and sometimes more than once a day. Terry Bibo's article here provides excellent information about it (and other security applications). Another , widely used freeware product is AVG Anti-virus Free . Other freeware applications are available and are listed in this excellent source: http://www.firewallguide.com/anti-virus.htm
There are many payware applications and in most cases they provide stronger protection and/or more functionality than the freeware applications. They are also listed in this source: http://www.firewallguide.com/anti-virus.htm
Note that there is also a type of payware application that comprise a 'suite' of anti-malware functionality, covering more than just one of these types of functionality: 'anti-virus', 'anti-spyware', 'firewall', 'anti-spamware', and others. An excellent review of security suites plus links to other reviews and meta reviews is here: http://www.firewallguide.com/suites.htm While I used to buy individual payware applications for each type of security protection, currently I simply use one such suite Kaspersky Internet Security. I much prefer the suite approach because updating is automatic and very frequent, the various security elements are integrated and presented in a well-organised user interface, and there is no conflict in the operation of the elements. For me, the modest price for this application is worth it in terms of protection strength and ease of use. It also has a function that enables you to download an ISO file that can be used to create an up to date bootable 'Rescue CD'. That CD can be used to boot any PC and check for malware and fix if malware is found. It also has a alternative function that can be used to create such a CD directly from within the Kaspersky application but that function requires you to have Bart PE Builder installed on your PC.
As you will see from the firewallguide site, there are other highly rated suites, including Norton Internet Security, Norton 360 and Zone Alarm Internet Security Suite.
While good anti-viruses/trojans/worms applications will promulgate updates to the definitions and signatures frequently, it could be that a PC acquires malware prior to a relevant update being promulgated. The updated application/s will be unable to detect such malware without a comprehensive scan being undertaken. In addition, viruses and other nasties may have been saved into an archive (e.g. a system restore point file that XP has created for you). Therefore even though you may not be experiencing problems that may be caused by viruses/trojans/worms, there is value in undertaking regularly a comprehensive scan for viruses/trojans/worms - say every 4 weeks. If you are using Avast, the most thorough scan for viruses/trojans/worms is a 'Scheduled boot-time scan' as explained in Appendix 1. Other applications can be used to undertake a comprehensive scan without doing it at boot time.
If you are experiencing unexplained problems such as slowed down operations or spontaneous re-booting when loading an application or when undertaking some other activity, it is recommended that you undertake a comprehensive scan.
3.4 Essential: Install and use anti-spyware software
Software skills required: Basic to Intermediate
Hardware skills required: Nil
Frequency: Install at time of purchase; undertake a comprehensive scan for spyware every four weeks.It is essential that a good (so-called) 'anti-spyware' application be installed. These applications actually provide protection against a broad range of malware activity. For instance, Webroot (maker of Spy Sweeper) explains the type of malware that Spy Sweeper protects against thus:
'Typically, potentially unwanted programs (spyware, adware, and suspect programs) get installed on your computer without your knowledge or consent. They may be part of a program that you installed or they may install themselves as you visit various Web sites. Potentially unwanted programs are any applications that make changes to your computer, while collecting information about your computer activities. This information may then be sent to a third party for malicious purposes, without your knowledge or consent. Potentially unwanted programs arrive bundled with freeware or shareware, through e-mail, by someone with access to your computer, or by another means without your consent. Unlike traditional personalization or session cookies, potentially unwanted programs are difficult to detect, and difficult (if not impossible) for the average user to remove.'
A good a review of anti-spyware applications plus links to other reviews and meta reviews is here: http://www.firewallguide.com/spyware.htm Note that some applications may not be appropriate for all Windows operating systems.
Anti-spyware applications will often also provide protection against undesirable changes to settings within your registry, system settings, browser settings and startup processes. However the types of protection given will vary considerably from application to application.
As with anti-virus applications, it is essential that your 'anti-spyware' application makes available updates comprising signatures and definitions as new threats emerge and that you install them immediately that they become available. Another highly desirable (if not essential) feature is automatic updating. Without automatic updating users can easily forget to do manual updating.
There are a number of freeware anti-spyware applications which can provide more of less protection. Windows Defender has limited functionality but is easy to comprehend and may be a good choice for people with very limited computing skills. Spybot Search and Destroy has more functionality than Defender or AVG Free and is widely used but its user interface is complex. Terry Bibo's article here provides excellent information about Spybot (and other security applications) and his 'tutorial' here is a very useful guide to configuring it. It can be configured to undertake scheduled scans.
However, as with anti-virus applications, payware anti-spyware applications have more functionality than most freeware applications and often provide stronger protection.
As is indicated above, note that there are some payware applications that comprise 'suites' of anti-malware functionality and including anti-spyware. My protection against anti-spyware is through Kaspersky Internet Security
The more functionality that a spyware application has, the more confusing it will be initially to configure and use. Spybot and Spy Sweeper have comprehensive functionality. A major merit of these applications are their ability to monitor any attempts to modify at least some of Internet Explorer's settings, such as the browser's home page (protecting against what is referred to as 'hijacking the home page' - see below).
I also recommend undertaking regular comprehensive scans for spyware which may have been acquired prior some time in the past because of the inability of the application being able to interdict it at the time of infection.
3.5 Essential: Configure your internet browser to implement strong security
Software skills required: Basic
Hardware skills required: Nil
Frequency: Configure at time of initial installation of the browserInternet Explorer and other Internet browsers can be configured to implement more or less security and privacy. It is prudent to use security and privacy settings that provide more rather than less protection. The default settings for your browser should meet that objective, so if in doubt, do not change the as-installed settings.
If malware changes your settings, they can probably be reset within your browser. For example, for Internet Explorer: Tools | Internet options | Security tab and Privacy tab: select the Default settings.
3.6 Essential: Prevent your Internet Explorer home page and search page settings from being hijacked
Software skills required: Basic to intermediate
Hardware skills required: Nil
Frequency: Configure at time of initial installation of the browser; fix if the home page has already been hijackedThe better 'anti-spyware' applications can be configured to stop all attempts to change the Internet Explorer (IE) home page and IE search page settings. So if your anti-spyware application has that functionality, you should turn it on. Without some such protection, the IE home page and IE search page can get 'hijacked'. This is evidenced by IE opening up a web page that is not the one that you set at the time of installation, or that is different to the usual one.
If the IE search page has been hijacked or is otherwise not what you want, then it can be changed in IE through:
Tools | Internet Options | General tab | Search | Settings
If the IE home page has been hijacked or is otherwise not what you want, then it can be changed in IE through:
Tools | Internet Options | General tab | Home Page
However, if the 'address' (i.e. the URL) of the home page shown is greyed out, it will be impossible to change the URL directly there. If it is greyed out, this problem can be overcome by using Spybot Search and Destroy. The procedure is a tad complicated, though:
The last step will grey out the URL that you entered in IE, so that it has some (although no breakable) protection from unauthorised changes.
- Close IE if it is open
- (If necessary, install and then run Spybot. After it opens:
Mode | Advanced Mode | Tools | IE Tweaks |
Untick the box 'Lock IE start page settings against user changes...'
- Run IE then:
Tools | Internet Options | General tab
In the Home Page text entry panel enter the URL that you want to use as your home page (e.g.:
http://www.google.com
- Close IE
- Go back to Spybot and:
Mode | Advanced Mode | Tools | IE Tweaks |
Tick the box 'Lock IE start page settings against user changes...'3.7 Essential: Prevent unauthorised changes to the Startup process (Applications, Services, Task scheduler)
Software skills required: Basic to Intermediate (depending on the application used)
Hardware skills required: Nil
Frequency: Install an anti-change application at time of purchase, have in operation all the timeWhen your PC starts up, a number of applications and 'Windows Services' are started automatically by the operating system. Which ones start, when they start, and what they do when they start is controlled by specifications in various Start Menu folders and the Registry.
Applications and services that are benign but not essential can be added to the boot time startup processes without your knowledge as a consequence of installing (or 'trialing') some applications. Quite often the installation of otherwise benign applications can also mean the associated applications are loaded at startup whereas they could easily be run at the time they are actually needed (which may be never!).
Loading applications and Services at boot time, when they are not really required for the normal functioning of the PC can lead to unnecessarily long startup and shutdown times.
Malware may also insert some applications into the startup processes, some of which may be malign.
Therefore, it is essential that you have a memory-resident application that will monitor all attempts to change the boot time startup processes and to ask you if you want the change to be made or not. The same applies to attempts to modify the PC's Task Scheduler. Some 'anti-spyware' applications will give you that control over such changes. Spybot is one such freeware application and it can be configured to monitor any attempts to modify the list of applications and processes that are started during the boot process. For that functionality in Spybot, you need to run the Resident 'Tea timer' application (see Appendix 3).
There are other specialised applications that can be used with great effectiveness for that purpose: for example WinPatrol (the freeware version) and WinPatrol Plus (the payware version). WinPatrol has additional functionality that is extremely useful for other purposes. Both versions will show what applications (and Services) are in the startup process, allow you to modify startup Applications and Services and most importantly, will alert you to any attempts to change the startup processes.
3.8 Optional: Clean out redundant or unwanted startup Applications and Services
Software skills required: Basic to Advanced
Hardware skills required: Nil
Frequency: When the startup process or shutdown process takes an unexpectedly long timeWARNING: the procedures explained in this section, particularly those relating to Services, should NOT be undertaken by people who have only basic software skills. If you are a more advanced user, I suggest that you do not make changes unless you are absolutely sure of the consequences and are able to roll back the changes if they are inappropriate. If there is any doubt about the consequences, create a Restore point, or backup your registry (e.g. using ERUNT), or make a backup of the whole master drive first.
In some cases the startup and shutdown time taken is unnecessarily long because superfluous applications and services have been loaded. Some applications and services that are loaded during the startup process might never be used by you. While loading of them during the startup process may not materially affect the time it takes to startup, some people feel that loading executables that will not ever be used wastes resources and provides potential ingress points for malware.
A service is an executable that performs specific functions, runs in the background and does not require user interaction until particular circumstances or events occur. Services can be configured to start when the operating system is booted and run in the background as long as Windows is running, or they can be started (or stopped) by some other application or service as and when required. Where a service is loaded at boot time its 'startup type' is set to 'automatic'. When configured to load as an when required by some other service or application the 'startup type' is set to 'manual'.
In some cases some applications and services that are loaded at startup can interfere with the smooth running of the PC or lead to activity that is unnecessary or undesirable. There are many utilities that you can use to determine what gets loaded at startup and to control what does or does not get loaded. The Windows application msconfig is the simplest of the applications but has limited functionality. This is run this way:
- Start
- Run
- Type 'msconfig' (without quotes) in the Open: panel and hit OK
The items shown in the Startup and Services tabs show what applications and services get loaded at startup. Unticking the box beside any item will stop it being loaded at startup. However, the information available through msconfig is extremely limited and not enough to enable most people to make an informed decision about whether or not to stop the application or service from being loaded at startup.
Somewhat more information about services can be obtained through the Microsoft utility services.msc That utility can be run this way:
- Start
- Run
- Type 'services.msc' (without quotes) in the Open: panel and hit OK
However, there are a number of applications that provide more and better organised information about applications and services that load at startup and which obviate the need to use msconfig and services.msc as sources of information or as a means for controlling what happens at startup. One of them is the freeware application WinPatrol. It and the payware version WinPatrol Plus will show startup applications and services, allow you to control what does or does not startup, and for services allows you to modify the time at which a service may start (i.e. as an 'automatic' or a 'manual' startup). Unlike msconfig, Winpatrol shows applications and services that were once in the startup process but which were later 'disabled' to prevent them from starting. That's handy because if you ever want to re-enable such an application, it can be done through right-clicking the item and selecting 'enable'. A clip of the applications shown in the WinPatrol 'Startup Programs' tab and 'Services' tab some time ago in my PC is here.
Autoruns is another excellent freeware application that '"... shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys.'
A number of other freeware and payware applications will provide more or less information about startup applications, services and processes.
Once you can see what applications (programs) and services load during the startup process, you then need to get information about them to determine which (if any) can be disabled and which should be allowed to load. Using Google's search functionality is one way to get such information. For example, if I were interested in finding out about the executable named msmsgs.exe, this is easily done by simply doing a Google search for 'what is msmsgs.exe' (without the quotes). If you have the application Process Explorer installed, then run it, right-click on the line for the executable of interest then hit 'Search online'. That will exececute a Google search directly.
The problem then is one of wading through all the information that a Google search generates and ultimately making a judgement about whether or not the executable of interest is benign or potentially harmful, and if it is benign whether or not it is essential, and whether or not stopping it from loading would be harmful or beneficial (in terms of improving the speed of startup/shutdown and/or speed of processing). That can be an intimidating process and for some users of PCs, too difficult.
An alternative (or supplement) to a Google search and evaluation is to use evaluative information presented in databases about programs (applications) and services. The easiest of these databases is accessible very easily through the payware application WinPatrol Plus. This simply involves running Winpatrol, going to (typically) the 'Startup programs' or 'Services' tab, right-clicking on the executable of intesest, then selecting 'Plus information'. Here for instance are clips from WinPatrol Plus relating to my search for information relating to the application is a clip of the Plus information about the startup program CamWizard.exe. On the basis of this information I decided to stop the CamWizard application from starting up at boot time, using WinPatrol to 'disable' it. If I ever want to re-enable it, I could then do that easily within WinPatrol. Here is the WinPatrol Plus information about the Microsoft service WUAAUSERV.DLL
However, while the Winpatrol Plus database is an excellent first point of call, it does not include an evaluation of all possible executables and you may still need to undertake a Google search or/or see what other evaluative databases say about the executable. There are a number of such evaluative databases such as these but note that none of the databases will provide a complete coverage of every possible executable:
- Sysinfo.org's site. The data presented as the result of a search of the Sysinfo.org database can be very comprehensive but the reader must be careful and not panic if there are a number of entries that indicate that a particular executable could possibly be malware. Malware executables and totally legitimate, benign executables can have an identical name. Check findings against information in other databases.
- BlackViper's listing of Windows XP services at http://www.blackviper.com/WinXP/servicecfg.htm
- Simon Shepperd's listing of Windows XP services at http://www.ss64.com/ntsyntax/services.html This article also provides links to other informative sites at the bottom.
- The Elder Geeks' listing of Windows XP services at http://www.theeldergeek.com/services_guide.htm#Services On that page, scroll down to the bottom of the screen to access information listed by services' names
- http://www.processlibrary.com Once in that site, type the name of the executable for the application or service into the search panel and hit 'Find'. Then follow the 'Learn more...' link, not the 'Run a free scan...' link. Running the 'Free scan' is not required and I'd not recommend doing that.
If - after careful evaluation and you are sure about the consequences of what you intend to do - you decide that the loading of an application or service can be 'disabled' or should be re-enabled, or for a service that an 'automatic' start type can be changed to 'manual' or vice versa, such changes can be made very easily within WinPatrol or WinPatrol Plus. Alternatively you can do it through services.msc
3.9 Optional or Essential: Determine what processes are using resources
Software skills required: Intermediate to Advanced
Hardware skills required: Nil
Frequency: When the PC is operating at a slow speed and/or for unknown reasonsIn some circumstances, activity that the user has not apparently initiated can be in operation on a PC. This can be indicated by hard disk activity, or modem activity or internet activity (e.g. as displayed by applications such as the payware DU Meter or the freeware version Net Meter ) or a slow down in the responsiveness of the PC, or slowed down movement of the mouse cursor. If the origin of any of the processes that are running has not been obvious (e.g. through a pop-up window, or an activated icon or more obviously because you have started some process by starting an application) there are ways of determining what is happening:
- Windows task manager.
Limited information is available through the Windows Task Manager (which pops up in a window when you hit Ctrl+Alt+Del). This will display information (in the Processes tab) about the percentage of CPU resources being used by any of the processes that are loaded. Some processes will have a nil indicated CPU usage because while loaded, they may not be doing anything (or the activity accounts for less than 0.5% of CPU resources).
A better presented source of information is the the freeware application Process Explorer. As with Task manager, this can be executed easily while processes are running. A convenient way to execute it is to put a shortcut to Process Explorer into the quick launch bar and then simply click that icon. An even easier way is to configure Process Explorer so that it rather than the Windows Task Manager will pop up when Ctrl+Alt+Del is hit (do this in Process Explorer: Options | Replace task manager).
Process Explorer will indicate the percentage of CPU resources being used by each of the various processes that are loaded. Here is a clip that shows part of a Process Explorer screen indicating that Yahoo Desktop Search is using about 49% of the CPU's resources.
Some Process Explorer entries may not appear to be very informative - for instance, the multiple entries for svchost.exe. However, moving the mouse pointer onto the process of interest and/or double-clicking it should pop up more detailed information (which is not provided in Task manager). Here are two clips showing such information available from a mouse-over of two processes shown in Process Explorer and a double-click on one process.
Turning on Process Explorer's Lower Panel (View | Lower Panel) will also show more information, but that is extremely detailed and only of use to people with advanced software skills.
Process Monitor
If you want REALLY detailed information about processes that are running, try the freeware application Process Monitor. When you run this application it shows ALL events that are occurring with the passage of time on your PC. There are so many events that occur and they occur in fractions of seconds, that it is impossible to make sense out of the initial screen that is shown when you run Process monitor, and it is expanding in depth all the time you are looking at it and new events occur. However if you let this application run for some time you can then generate an understandable summary of the events that occurred over time. Do this by clicking on Tools | Process Summary. The Process Summary screen will display a summary of the events that occurred between the time you started Process Monitor and the time you generated the summary. Clicking on the 'File Events' column or the 'File Events' column of the summary will show the events ordered by frequency. See an example here where the events are ordered first by 'File events' then by 'Registry events'. This application is only of use to people with intermediate or more advanced software skills.
TCPView
If the information from such sources do not identify what processes are using the internet, try the freeware application TCPView.
NetLimiter2 Monitor
The freeware application Netlimiter2 Monitor is very useful if you want to determine what applications or services are undertaking network and internet traffic, the volume of traffic and roughly when the traffic took place. There is a payware application Netlimiter2 Pro that has lots of other functionality but for the average punter the freeware version has functionality that is well worth looking at. More details are in my article here: http://pcug.org.au/boesen/traffic/traffic.htm
Once you have identified a process of interest, you can get information about it using WinPatrol Plus or the sources listed in the section above.
If you decide determine that you want to stop a process, this can be done in Task manager or either version of WinPatrol or in Process Explorer. In Process Explorer you need to right-click the process and select either Kill Process, Kill Process Tree, or Suspend.
Selectively stopping and restarting a process can be very informative in helping to determine what effect a process is having on the performance or functioning of your PC. If you then decide to inhibit the loading of an application or Service that is controlling the process, this can be done using the methods explained above. Those methods can be used to control what applications start up, and what Services start up (and how they start up - 'automatic' or 'manual'). Again, my choice for implementing such changes to the startup operations would be either version of WinPatrol.
3.10 Install a 'firewall'
3.10.1 Essential: Install a software 'firewall'
Software skills required: Basic to Intermediate (depending on application)
Hardware skills required: Nil
Frequency: Install at time of purchase, have in operation all the timeSoftware 'firewalls' are memory-resident applications that operate all the time that you are connected to the internet so as to isolate your your PC or network from unauthorised intrusions from internet hackers. Good information about personal firewalls and lists many reviews and meta reviews (reviews of reviews) is provided here: http://www.firewallguide.com/software.htm
There are a number of free software firewalls, including Microsoft's Windows Firewall, Zone Lab's Zone Alarm free version, Sunbelt Software's Personal Firewall (previously named Kerio), and Comodo Group's Comodo Free Firewall.
For people who have very limited software skills, the Windows Firewall may a suitable choice. However, while that application will stop incoming unauthorised intrusions, it will not prevent any application which is installed on your PC from making unauthorised OUTGOING communications and will not inform you about that. There are other free firewall applications that will prevent such outgoing communications and that have other functionality that the Windows product does not have. See for example Terry Bibo's excellent article here about Zone Alarm Free and other freeware security applications.
Also see information from Zone Labs here. However Zone Alarm does need considerable training and for a beginner, this can be a little disconcerting initially. There is a 'tutorial' on Zone Alarm here but it's quite a big file to download and therefore not suitable for a dial-up connection. Also the tutorial is a bit technical. To stop it running too fast you can pause and resume it using the VCR controls.
Other good free firewall applications that monitor both incoming and outgoing communications are Comodo Free Firewall and Sunbelt Software's Personal Firewall (previously named Kerio). While they also require training, in my view they are easier to configure than Zone Alarm and have a more intuitive interfaces.
There are a number of payware software firewall products and they provide some features that are not included in freeware versions. Zone Lab's Zone Alarm Pro is one such application ($40 US). The latest version 7 has a lot of functionality that goes well beyond a basic inwards/outwards firewall, including these features:
- Anti-spyware
- Identify and filter over 100,000 applications for constant protection against threats
- Monitor program installation, registry changes and file access
- Monitor additional program actions for more thorough protection
- Prevent malicious software from damaging files in your core Windows operating system
There are a number of other other payware firewall applications that may be as effective as Zone Alarm Pro.
The payware firewalls can have quite advanced and comprehensive functionality and for a person who has only basic software skills may be a little intimidating initially.
As indicated above, note that there are some payware applications that comprise 'suites' of anti-malware functionality, covering more than just one of these types of functionality: 'anti-virus', 'anti-spyware', 'firewall', 'anti-spamware'. Currently I am using one of those suites: Kaspersky Internet Security and I am very happy with its performance, easy to understand user interface and its nonobtrusiveness.
3.10.2 Optional: Install a hardware 'firewall'
Software skills required: Advanced
Hardware skills required: Intermediate
Frequency: Install at time of purchase, have in operation all the timeAnother type of firewall is one implemented in hardware. This is an integral feature of most (if not all) ADSL routers or router/modem devices that are used to connect to the internet. The Whirlpool article on ADSL modems and routers gives comprehensive information about hardware firewalls in such devices. A hardware firewall will provide a very effective barrier preventing unauthorised intrusion from web sources. Some experts regard a hardware firewall as being an essential first line of defense against such intrusions.
However, a good software firewall will provide good protection against unauthorised intrusions, providing that it is activated and functional and has not been disabled. Software firewalls also have more flexibility in terms of configuration. Most importantly, good software firewalls can be configured to prevent unauthorised 'outgoing' communication initiated by applications that are on your PC.
My preference is to have both types of firewalls - the hardware firewall that is in my router, plus a software firewall that monitors both incoming and outgoing attempts at communication over the web. However, providing that it is configured properly, is always enabled and has functionality for monitoring both incoming and outgoing communications, a good software firewall can provide adequate protection for most users.
The installation and configuring of a router/modem can require intermediate hardware skills and very advanced software skills, so configuring them is not for a user with basic or intermediate level software skills.
3.11 Optional: Undertake an on-line security scan to check protection against intrusion through the internet
Software skills required: Basic
Hardware skills required: Nil
Frequency: Before and after installing or configuring a firewall or modem/routerIf you are interested in evaluating the extent to which your PC is exposed to intrusion through the internet, you could run the on-line 'Security Scan' that Symantec offers as a free service.
3.12 Desirable or essential: Run the Microsoft CHKDSK application to check for and fix file and folder structures
Software skills required: Basic
Hardware skills required: Nil
Frequency: Once a month or at the time that certain problems are experiencedSome problems with hard drives are caused by faults in partition tables, file and folder structures, indexes and security descriptors. The built-in Windows application CHKDSK can be used to check for and fix such problems.
If you are having problems indicated by any messages about corrupt files and folders or inability to open files and folders, or if there is unexplained erratic or slow hard drive activity, you should run CHKDSK with the /R option. This operation can be performed on the boot drive (normally C:) or on any other drive (including a drive connected by firewire or USB). Instructions for running CHKDSK are given in this article of mine: http://www.pcug.org.au/boesen/chkdsk/chkdsk.htm
In addition to running CHKDSK at the time of experiencing problems, there is value in running CHKDSK on your boot drive periodically - say every month or more frequently, depending on use of your PC. This will ensure that drive problems that are not obvious will be detected before they in fact DO become problems.
3.13 Desirable or Essential: Run the Microsoft application SFC to check for and fix missing or corrupt system files
Software skills required: Basic to Advanced
Hardware skills required: Nil
Frequency: Once a month or at the time that certain problems are experiencedSome problems indicated by slow startups or shutdowns, spontaneous reboots, messages stating something like 'missing or corrupt system file', or inability to run an application may be due to a corrupt or missing Windows system file.
If the operating system is XP or 2000 and the PC screen specifically mentions a problem with NTLDR or NTDETECT, then you may be able to repair those files. This involves copying a healthy version of the files NTLDR and NTDETECT.COM from the folder i386 on your operating system's installation CD or from a specially prepared boot floppy disk, onto your master drive's root directory. See http://www.computerhope.com/issues/ch000465.htm for information about how to do that. However, that requires exercise of intermediate to advanced software skills.
Other types of problem might possibly be fixed by running the Microsoft application SFC (System File Checker). Instructions for running SFC are given in this article: http://pcug.org.au/boesen/SFC/SFC.htm If you have an XP with SP2 installation CD then even a person with Basic software skills can run SFC successfully. However, if you updated your originally installed XP using an SP2 update CD, then SFC might be difficult to run. However, try it and see if it runs OK. If SFC does not run properly, then no harm will be done. If it will not run, some suggestions are made in the article about possibly creating an up to date XP SP2 CD. Also suggestions are made about making some tweaks to the registry and copying the i386 folder to your C: drive. If you are a beginner, it would be inadvisable for you to attempt those activities. Just ignore those parts of the article.
On occasions, after running SFC on an XP Home installation when the PC is rebooted it may require you to reactivate XP.
In addition to running SFC at the time of experiencing problems, there is value in running SFC periodically - say every month or more frequently, depending on use. This will ensure problems that are not obvious will be detected before they in fact DO become significant problems.
3.14 Desirable: Undertake registry cleaning after installs, uninstalls or after install problems
Software skills required: Intermediate
Hardware skills required: Nil
Frequency: After uninstalls and installsThere are many applications that are called registry cleaners. When run these cleaners can identify entries in the registry that are often referred to as 'problems' but the vast majority of which are benign anomalies. The types of anomalies found are references to invalid shortcuts, incorrect application paths, incorrect history lists, non-existent help files, 'orphaned' executables, file types referring to non-existent applications, and so on. A lot of these anomalies refer to applications and related executables that have been uninstalled or superseded by updated applications. So in most cases, cleaning out the many anomalies that can be found after a thorough scan will lead to no perceptible change in the operation or performance of the PC.
If a PC is only used for a few applications, or there are infrequent install/uninstall activities, I would not recommend registry cleaning as a rule.
However, as use of a PC increases and applications are added or updated or uninstalled, over time the registry can accumulate a lot of dross that serves no purpose and in a minority of cases can actually interfere with some operations. For instance, an application that has supposedly been uninstalled can leave entries in the registry that prevent the later installation of an update of the application or a new version. I have had experience with some remnants in the registry that prevent the installation of an apparently unrelated application.
For people who undertake a lot of install and uninstall activity or who fiddle with the contents of their registry, I therefore recommend undertaking a registry clean after any new application or a major update has been installed, and after uninstalling any application.
In addition, in a situation where there are operating problems that are otherwise unexplainable, a registry clean may in some cases have a beneficial effect.
There are a number of freeware registry cleaners. Probably the best of the freeware applications is Iobit's Advanced Windows Care. There are a myriad of payware registry cleaner applications. Two such applications areTuneup Utilities (about $50 US) and JV16 Power Tools (about $30 US). Both applications are very easy to use, have lots of functionality and in my experience can be relied on to clean the registry without creating consequential problems. However, prior to undertaking a registry clean, it is highly advisable to create a backup of the registry so that if there ARE consequential problems, you can roll back the saved registry. If the cleaner application used does not create such a backup, then you could create a Windows Restore Point, or use an application such as ERUNT to make a full backup of the registry prior to cleaning the registry (see below).
Note that JV16 Power Tools and Tuneup Utilities have utilities other than the registry cleaner and for that reason are well worth the cost. However, the beginner should be careful when using some of the utilities. In particular, deletion of 'duplicate files' found by some utilities can be disastrous if the user is unaware of the consequences of deletion.
It should be noted that even though a good registry cleaner may have been used after an application has been installed, that there may still be remnants of the application in the registry. Some such remnants can be found through doing a search of the registry, using the application's name or maker's name as a search term. The experienced registry hacker could then delete any redundant entries. However, that should only be done by very experienced users and only after backing up the registry.
3.15 Essential: Check hard drive defragmentation; defragment if need is indicated
Software skills required: Basic (checking) or intermediate (if defragging is undertaken in Safe Mode)
Hardware skills required: Nil
Frequency: Check for defragmentation at least once every 6 months or when slow-down in PC functioning is noticeable; take action if need is indicatedDepending on frequency of use and the types of applications that are used, over time some files on a PC can become defragmented to the point that performance is slowed down. This may have a considerable impact on applications that involve accessing large amounts of data (e.g. flight simulator applications). On some PCs it may not have any appreciable consequence for a very long time. However, the commonly recommended practice is to check periodically to see if there is a need undertake defragmentation, and if there is significant defragmentation, to defragment the affected drive/s.
This can be done in XP through the inbuilt Microsoft defragmenter application: Control Panel | Administrative Tools | Computer Management | Storage | Disk Defragmenter | Analyze
After the 'Analyze' operation finishes, the application advises about the need or not for defragmentation. If you are advised to defragment, it can be undertaken with the Disk Defragmenter application there and then, However, defragmentation is best undertaken in Safe Mode. Use of the Microsoft Disk Defragmenter from time to time should enable you to determine how often (if at all) you need to defragment.
There are are better alternative free disk defragmenters. One such application is Auslogics Disk Defrag. Another is Iobit's Smart Defrag This latter application can be installed as a memory-resident application that undertakes defragmentation automatically in the background in normal Windows mode, so that a full defrag operation may never be required.
In view of the consequences of a memory-resident defrag application if it were to malfunction, there is merit in paying for a (hopefully) more professionally-developed and (hopefully) bullet-proof memory-resident defrag application. One such application is O&O Defrag (about $50 AUS), which I use. Another is PerfectDisk (about $40 US).
Note that it appears that XP undertakes some amount of defragging automatically and that may account for some disk activity that takes place for no apparent reason after the PC has been idle for some time. The defragging is undertaken by the executable dfrgntfs.exe and it only operates on the files that are referred to in the file C:\Windows\Prefetch\Layout.ini The defragging is actually meant to speed performance, particularly during the boot process. There is a registry entry that can be set to disable that activity, but unless you know what you are doing, it is best to not do that. The value to change is Enable (Y or N) in this key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction3.16 Essential: Don't open emails of unknown or suspicious origin
Software skills required: Nil to Basic
Hardware skills required: Nil
Frequency: Always.This may not be really 'maintenance' but it is worth saying: NEVER open emails unless they come from sources that are known to you and trusted. And if for some reason you DO open an email from an unknown or untrustworthy source, NEVER NEVER open an attachment to the email. Emails from unknown sources can contain malware. It is better to loose a few bona fide emails than to run the risk of infection, or worse still, transmission of personal data back to the unknown source. Even if the source may appear to be legitimate, be skeptical. For instance, unless you have requested that your bank send you a communication to you by email and you have provided them with your email address, it is extremely unlikely that your bank will initiate an unsolicited email communication to you. I delete all unsolicited email communications from all financial institutions without opening them.
To achieve full protection against the possibility of downloading malware in emails, it is possible to use an application that lets you see what emails are on the email server before you actually download them to your PC. That way, you can delete any emails that look suspicious before they are downloaded to your PC by your email client. Such applications can be set up to apply rules that give some guidance about the likelihood that an email is problematic or not. For people with Windows operating systems and using Internet Explorer 5 or later, Frontgate MX is a well regarded freeware application of that type.
I have chosen to not use such an application, but rely on the protection afforded by my anti-virus and anti-spyware applications, and my practice of deleting all emails from unknown or suspicious sources without opening them.
4.1 Essential: Unplug everything when lightning is a risk
Software skills required: Nil
Hardware skills required: Nil
Frequency: When storms are imminent.Whenever there are storms around and you can hear thunder or see lightning:
- turn your PC and monitor off
- turn off wall points or power boards to which are connected your PC and any related devices (monitor, modem, router, printer, hard drive enclosures, etc)
- unplug all 240V power cables and power transformers from the power board or wall socket
- unplug any telephone cable that is connected to your PC or modem
- unplug any TV cable that is connected to your PC or related device
If you are going to be away from your house for a day or more and there is any chance of a storm happening, do the same.
4.2 Essential: Check for loose fitting external power connectors
Software skills required: Nil
Hardware skills required: Nil
Frequency: On acquisition. After moving stuff around. After spontaneous rebootsMake sure that power cords with plugs that go to your PC and any related devices are not slack in their sockets and too easy to remove. If wiggling any of them cause flashing lights or rebooting, replace them.
4.3 Essential: Check that external devices are securely attached and powered
Software skills required: Nil
Hardware skills required: Nile
Frequency: On acquisition. After otherwise unexplainable problems.On acquisition, check that all external devices such as modems, modem-routers, mouse, keyboard, external drives, wireless receiver, printer, scanner, and so on are securely attached. Where they require a power pack, check that it is plugged in and operating. Where they require a battery (e.g. wireless mouse) check to make sure that it is charged. Check that if there are wireless devices that they are located in a position that does not interfere with transmission. Check any necessary connections to phone lines (e.g. modem).
After experiencing an otherwise unexplainable problem recheck everything and re-synchronise wireless connections by pressing the appropriate reset buttons.
(My last unexplainable problem was a slow-moving and jumpy mouse cursor movement for a wireless mouse. I shifted the location of the wireless receiver and reset it and the mouse - problem solved. Took me 2 hours to track down that problem!)
4.4 Desirable: Check for loose internal power cables and data cables going to hard drives, internal CD and DVD devices and cradles for removeable caddies and inside caddies and enclosures
Software skills required: Nil
Hardware skills required: Intermediate
Frequency: On acquisition. After spontaneous reboots.The checks here require that the PC's case be opened and is not something that a beginner should do.
Data cable on hard drives will have either 'PATA' (Parallel ATA) data connectors with a 40 or 80 wire (mostly 80 wire) cable or very narrow 'SATA' (Serial ATA) data connectors.
The power connectors for PATA drives, optical drives (CD and DVD devices) and caddies for removeable drives will have "Molex" type power connectors which connect the power supply wires that come from the internal PSU (Power Supply Unit). Loose-fitting Molex and SATA power connectors can cause intermittent supply of power to the devices connected, especially when the temperature inside the PC rises. That can result in spontaneous reboots, slow and/or corrupt reading/writing to and from secondary hard drives, optical drives and external devices. Spontaneous reboots are ones that do not seem to be associated with any physical activity or activity of any application, and occurs at unpredictable times (e.g. just before you were going to save that long document!!)
Molex power connectors are about 20 mm wide and 6 mm thick. They transmit 12V and 5V power generated by the PSU. They have a red wire, two black wires and a yellow wire as shown here. For all Molex connectors:
- See if any plug is easy to remove.
- If a plug is easy to disconnect, it may need to be replaced or refurbished. See this article for details about how to fix loose Molex plugs: http://pcug.org.au/boesen/power_connectors/power_connectors.htm
- Note that frequent disconnecting of Molex plugs can promote the development of slackness if the plug is not extracted directly in line with the axis of the pins. That can be hard to do sometimes, unless of course you have installed EZ-Grip connectors (see below).
If you have a hard drive mounted in a caddy, open the caddy and check to see if the Molex connector plugged into the hard drive is tight in its socket. In my experience many Molex connectors inside caddies and enclosures are poor quality. I have replaced all mine with crimped gold-plated connectors.
For PATA drives and optical drives, check that the 40 or 80 core data cables are inserted fully into their sockets. Do that for the device end of the cable and at the motherboard end also.
If you have SATA drive/s in your PC they will have very small power cable plugs and data cable plugs. Check that they are seated firmly into the drive's socket. In my view, generally these types of plugs are poorly designed, very wobbly and easy to disconnect inadvertently. Try to ensure that the plug is not at an angle when inserted.
4.5 Optional: Replace or refurbish faulty or suspect power cables or data cables
Software skills required: Nil
Hardware skills required: Intermediate or Advanced
Frequency: On acquisition. After spontaneous reboots. After slow or erratic reading/writing to a hard drive, CD or DVDTo guarantee good power connections, you may consider replacing slack sleeves or pins inside Molex power connectors with gold plated ones like the ones in this picture. That requires purchase of sleeves and pins and an extraction tool from an overseas source such as here - see the DIY - Molex pins and DIY - Tools sections and in particular, products ACR-CB8102, ACR-CB8119 and ACR-TX3894. It also requires soldering skills or purchase of a crimper.
While you are at it, consider replacing the Molex shrouds with EZ-Grip versions like the one in this picture. They make it very easy to extract the Molex plug directly in line with the axis of the pins so as to not deform the internal sleeves.
If you have any doubts about the soundness of data cables connected to hard drives or other devices, you could replace them with new ones. For SATA drives, you may be able to find a more secure replacement data cable that has plugs that incorporate a retaining clip or spring. Whether or not that is feasible depends on the structure of the sockets on your drive and on the motherboard.
4.6 Essential: Check USB, Firewire and e-SATA connectors and cables
Software skills required: Nil
Hardware skills required: Nil
Frequency: At time of insertion. After moving stuff around. After slow or erratic functioning of a USB deviceMake sure that any USB, Firewire or e-SATA cables that go to your PC and any related devices are not slack in their sockets and too easy to remove. If wiggling any of them causes erratic behaviour replace them.
Make sure that USB devices that are connected to high speed data devices (e.g. hard drives in external enclosures) are connected to those USB sockets that provide reliable and fast data transfer. For such devices, it is prudent to NOT use a USB socket that is on the front of the PC's case.
If you are running multiple USB devices off a hub that is connected to the PC or monitor, make sure that they are devices that do not draw power simultaneously, or their power requirements are very small (e.g. mouse, camera card reader). Ensure that heavy power consuming devices (e.g. hard drives) are connected to powered hubs or their own individual USB socket at the rear of the PC case. Some hard drives require connection to two sockets or to be provided power through a 240V plug pack.
Other sockets at the rear of the case can vary in their ability to provide reliable and fast data transfer. You may need to experiment to see which sockets provide the fastest and most reliable data transfer.
Make sure that all USB cables you use for USB 2.0 High Speed devices are branded as 'USB 2.0 High Speed'.
I suggest that you read my article on USB cabling and devices here, because 'cables ain't cables, Sol': http://pcug.org.au/boesen/USB/USB2.htm
4.7 Essential: Check that accessible cooling fans are turning and in the right direction
Software skills required: Nil
Hardware skills required: Nil
Frequency: On acquisition. After spontaneous shut-down. Every 12 months.Some basic checks on the operation of cooling fans can be undertaken with the PC case or external device case closed. A thin flexible slip of paper can be dangled or your hand placed so that the expected airflow can be confirmed:
- Power supply fan and rear case fan (if there is one) and hard drive enclosure fan (if there is one) exhausting outwards
- Vented fan-forced airflow to the CPU cooler (if there is one - this is not common) and front case fan (if there is one) and caddy cradle fan (if there is one) all sucking air into the PC's case. Caddy cradle fan operation can be detected by peering into the cradle's hatch.
4.8 Desirable: Check that cooling fans inside the PCs case are turning and in the right direction
Software skills required: Nil
Hardware skills required: Intermediate
Frequency: On acquisition. After any spontaneous shut-down. Every 12 months.These checks require the case to be opened and is not something that a beginner should do, Check to see that:
- Fan on top of the heat sink that is on top of the CPU is pushing air down through the heat sink fins onto the CPU
- If installed: Fan on GPU (Graphics Processor Unit) on the video card is pushing air down through the fins of the heat sink mounted on the GPU
- If installed (only exists on very high performance cards): Fan at the end of the video card is exhausting air out of the PC case
- If installed: vented fan supplying air to the CPU cooler is sucking air into the case.
- If installed: case-mounted fan at the rear of the case is pushing air from inside the case to the outside
- If installed: case-mounted fan at the front of the case is sucking in air from outside the case to the inside
Power down the PC and the check to see that all the internal fans are easy to turn with your finger. Small fans such as those mounted on older and lower-performance video cards are the ones most likely to quit.
4.9 Desirable: Check that fins on any internal heat sink are not clogged with dust; clean if necessary
Software skills required: Nil
Hardware skills required: Advanced
Frequency: After any spontaneous shut-down. Every 12 months if the PC is used daily, or every 24 months if used less often.This check require that the case be opened and is not something that a beginner should do. If you know what you are doing:
- Loosen the dust with a small, stiff, long-bristle brush ($1.50 in a paint shop) while sucking the loosened dust out with a vacuum cleaner. Make sure to ground the vacuum cleaner's nozzle while you do that, because the sucking of the air and particles can build up a static charge.
- repeat this process on the blades and shrouding of any fans that are accessible
4.10 Desirable: Check that any air filters inside the PC's case are not clogged with dust; clean if necessary
Software skills required: Nil
Hardware skills required: Intermediate
Frequency: Every 12 months if the PC is used daily, or every 24 months if used less often.This check usually requires that the case be opened and is not something that a beginner should do. Where there is a front case fan mounted and sucking air into the case, higher quality PC cases will have a fabric filter mounted in front of the fan to prevent ingress of dust. Such filters are not common but exist in higher quality PC cases (e.g. before front case air intake fans).
Dust buildup in the filter can reduce the air flow. The filter can usually be removed and washed or cleaned with a vacuum cleaner.
4.11 Optional: Check and monitor CPU temperature
Software skills required: Basic to Advanced
Hardware skills required: Basic
Frequency: Install at time of purchase; load at boot time as a memory-resident application.Consideration should also be given to occasionally monitoring the temperature of the Central Processing Unit (CPU). If the CPU has an appropriate cooler (heat sink plus fan) properly installed and adequate ventilation through the PC's case, it should not overheat. On the other hand, if the CPU is doing intensive work and the heat sink fins are clogged with dust and it is a hot summer's day in a room without airconditioning, there is a possibility that the temperature of the CPU will be close to the manufacturer's specified maximum. The CPU's temperature can be checked on an ad hoc basis using Everest Home Edition. The information is located in the 'Computer Sensor' section of the Everest report, as shown in this screen clip here. Only basic software skills are required for this.
For people with advanced software skills, the freeware application Motherboard Monitor 5 (MBM5) could be loaded at boot time so that it is memory-resident and constantly monitoring the CPU temperature, motherboard temperature and hard drive/s temperatures. Advanced software skills are required for this. There is a screen clip of the temperatures being reported in my system tray by MBM5 here.
The use of those two applications is described in my article here. However, note that I have not tried to use them with dual core or more recent CPUs. Given the age of the motherboard monitor application, it may well not work with such CPUs and with some motherboards.
If the temperature of the CPU is excessive (say 60C or more - but check the maker's specs) then at a certain point the CPU will slow itself down automatically. When the temperature gets critically high - 95 C or more (but varies by CPU) - the CPU will shut down automatically, so that the PC will simply stops spontaneously (but will not reboot automatically).
If the temperature of the CPU appears to be excessive then a number of steps can be taken to alleviate this problem:
- Improving ventilation by installing a rear case fan and if there is a vent for the CPU, installing a vent fan
- Installing a more effective cooler (fan plus heat sink) on the CPU
- installing a front case fan (which will also be useful in keeping hard drives cool) cleaning the fins on the heat sink
4.12 Optional: Check and monitor hard drive temperatures and health
Software skills required: Basic to Intermediate
Hardware skills required: Basic
Frequency: Install at time of purchase; load at boot time as a memory-resident application.Most modern hard drives are quiet, robust and trouble-free. However if the ventilation within a PC's case is inadequate, there is a possibility of the reliability and life of a hard drive being compromised through excessive heat, particularly in summer in a non-airconditioned room.
The temperature of most hard drives can be detected on an ad hoc basis through the freeware applications SIW (System Information for Windows) and Everest Home Edition. The information is located in the 'Computer Sensor' section of the Everest report, as shown in this screen clip here. Only basic software skills are required for this. However note that I have not tried to use these applications with dual core or more recent CPUs and with very modern motherboards. They they may work with such CPUs and with some motherboards.
If you have any concerns about the temperature or health of any of your hard drives there is also some value in loading the freeware application HDD Health at boot time so that it is memory-resident and constantly monitoring the temperature and other key attributes of your hard drives. Included in the information that it reports is an estimate of the health of the hard disk drive/s. Here is a clip showing such an estimate. One irritating feature of the default settings in HDD Health is that an alert will sound whenever some insignificant attributes of a drive change momentarily. However, this feature can be turned off (right-click the HDD Health icon, then select Options | Alert options | and untick Enable attributes change alert). While in that screen, change the Critical notification temperature to a sensible level - I have my critical temperature set to 55C which is appropriate for my drives. Intermediate software skills are required to install this application.
The use of those three applications is described in my article here.
If the temperature of a hard disk drive appears to be excessive (say 50C or more - but check the maker's specs) then a number of steps can be taken to alleviate this problem:
- Improving airflow over the drive by one or more of these actions: relocating the drive within the case so that it is not sandwiched between other devices; installing either a front-case fan or a rear case fan; relocating ribbon cable so that the airflow over the drive is not impeded.
- cleaning any existing front case air filter
- relocating the drive in a cooler location within the case (usually towards the bottom of the case)
Note that it is not possible to monitor the temperature of a hard drive in a USB enclosure. For that reason I recommend the use of enclosures that have a fan rather than to rely on convection and radiation to dissipate heat. The only way to implement effective cooling of a hard drive is through airflow over the drive. That applies both to drives in enclosures and to those mounted inside the PC case.
You must implement a backup strategy that will enable you to recover of deleted or lost files or to reinstate your system in the event of a disaster. I have written a very detailed article about backup strategies: http://pcug.org.au/boesen/Backups/backups.htm However, for the beginner, here are is a simple strategy that is straightforward and easy to implement, although some elements of the strategy involve acquisition of a little hardware and software.
5.1 Essential: Create System Restore Points or at least backups of the registry prior to installing any new application or new versions of old applications
Software skills required: Basic to Intermediate
Hardware skills required: Nil
Frequency: Prior to prior to installing any new application or versionSometimes, after installing a new application or a new version of an existing application you may decide that you would like to uninstall it and revert to what you had before. For instance, installing 'trial' versions of software that you decide not to proceed further with can lead to changes to your system that you do not wish to be made.
Uninstalling applications may not revert your PC to the exact state that it was in prior to the install. Uninstalling new versions may not be feasible. In most cases, uninstalling applications through the 'Add or remove programs' route will leave a lot of dross in your PC (including files, folders, registry entries) and will not revert your PC precisely to its pre-install state.
Therefore, prior to installing a new application or a new version of an existing application you should create a System Restore Point. A system restore point contains a snapshot of the registry plus a whole lot of other stuff including the Windows File Protection files in \dllcache, various dynamic system files and local user profiles. That means that you should be able to make a complete reversion of the PC's system files and registry to what they were at the time of pre-install or pre-update. Prior to using the created system restore point to revert your system files, you should of course attempt to uninstall the new application or update. Even after a successful uninstall and system restore, there may still be a lot of dross left on your PC.
If the System Restore functionality does not work on your PC, then consider these alternatives prior to installing a new application or a new version of an existing application:
- Create a backup archive or clone of the drive (see below) so that you can reinstate the whole drive to what it was at the time of pre-install or pre-update. That is a major exercise, though.
- Create a full backup of your registry. That means that you can reinstate an exact copy of the registry to what it was at the time of pre-install or pre-update. This is a trivial operation if you have already installed the freeware application ERUNT, but a non-trivial (as we used to say in the old days) operation if you have to install ERUNT first (see section 3.1.5 of my article here ).
5.2 Essential: Create regular backups of your master drive onto another drive
Software skills required: Basic
Hardware skills required: Basic
Frequency: Backup everything once a week and if considered desirable, backup data files more frequentlyDepending on what protection you have implemented, the frequency with which you use your PC, for what purposes it is used, and by whom, there is always a chance that some of the content of of your your hard drive will become corrupted and unrecoverable and/or the PC operates unacceptably slowly and/or the PC refuses to operate in the way that it should. At worst, it may not be possible to boot the drive or to access any data on the drive.
The troubleshooting steps suggested below could be implemented. However if those steps do not fix the problem/s it is highly desirable that you have a backup of your master boot drive so that you can then reinstate all or selected parts of its contents. Such a backup should be one that was made when everything was functioning perfectly, because it would not be desirable to reinstate a backup that was made when there were problems.
There is no single approach to backing up that will be ideal for all owners of a PC. I wrote a detailed article about the various elements that might be included in any backup strategy and how those elements might be implemented - see http://pcug.org.au/boesen/Backups/backups.htm
In Section 6.1 of that article, I have described two uncomplicated, straightforward whole-drive backup strategies that could be implemented even by a person who has only basic hardware and software skills.
5.3 Optional: Create 'permanent' copies of irreplaceable files
Software skills required: Intermediate
Hardware skills required: Nil or basic
Frequency: As felt necessarySome people feel that having a full backup of the master drive on a backup drive, or even a number of multiple rolling backups is not sufficient. The problem that might arise is that the backups may not contain copies of files that were created quite some time ago and inadvertently deleted from the master drive.
Therefore, some people like to take out additional insurance and to make 'permanent' copies of some files (e.g. irreplaceable digital images). There are a number of ways that could be done. Here are two approaches:
5.3.1 Copy the files to space on the backup drive.
As is explained above, space on a backup drive (e.g. a drive in an external USB enclosure or in a removeable caddy) can be used just like space on any internal drive. Therefore from time to time files or folders can simply be copied from the master drive onto the backup drive. Such files or folders would not be deleted when backup archives are deleted. Such copying can be undertaken simply using your Windows explorer (or a better alternative such as xPlorer2). Alternatively, you could set up copying tasks using an application such as SyncBack Freeware (see section 4.4. of my detailed article on backups). These tasks are termed 'profiles' for some strange reason. They make it very easy to copy whole folders or sets of files. You could even automate that through a SyncBack schedule.
If you are concerned about loosing information in your Outlook Express mail system, you could make a full backup of it using OE Freebie Backup. The backup created using OE Freebie Backup can be written directly to the backup drive, or to a folder on your master drive. In the latter case, that folder could then be copied to the backup drive or to a CD or DVD - see below.
5.3.2 Copy the files or folders to space onto a CD or DVD.
Another approach is to write the files or folders onto a CD or DVD. Information on CDs and DVDs may deteriorate over time, but to all intents and purposes may be considered 'permanent'.
Writing to CDs or DVDs can be undertaken using inbuilt Windows XP functionality. Alternatively, all CD and DVD writers come with applications that can be used. Such applications will have much more functionality than the XP stuff.
If you do save copies of irreplaceable files onto CDs or DVDs there is value in checking to make sure that the files written can in fact be read on your PC and on someone else's PC as well.
Here are some suggestions about problems that you might encounter with your PC and possible causes. This is not a comprehensive catalogue for troubleshooting but the content ties in with the types of problems that are referred to in this article.
Table 1. Troubleshooting common problems on a Windows PC
PROBLEM POSSIBLE CAUSE POSSIBLE SOLUTION Boot failure with message about NTLDR or NTDETECT Missing or corrupt NTLDR or NTDETECT Fix as indicated here. Computer "freezes" or "locks up" or produces a "blue screen of death" (BSOD) when starting up Device conflicts (e.g. on-board sound device is in conflict with sound card) Disable one of the conflicting on-board devices (e.g. via BIOS settings) Faulty memory (RAM) module Test memory (see this article). If test fails, test individual modules. Incorrectly inserted or dirty memory (RAM) modules or sockets Remove modules and clean lands with metho or isopropyl alcohol and lint-free cloth. Brush and vacuum out RAM socket (earth nozzle of vacuum to avoid static electricity). Make sure to not leave brush hairs in the sockets. Unconnected or faulty keyboard Check connections. Swap keyboard for one that is known to be OK. Video card in conflict with on-board video Disable on-board video through BIOS settings Faulty video card. Dirty lands or dirt in socket. Badly seating card. Remove card and clean lands with metho or isopropyl alcohol and lint-free cloth. Brush and vacuum out card socket (earth nozzle of vacuum to avoid static electricity). Make sure to not leave brush hairs in the socket. Computer "freezes" or "locks up" or produces a "blue screen of death" (BSOD) when running a specific application Fault in the application. Uninstall then reinstall up-to-date version of the application Malware (virus, trojan, worm, etc) Run comprehensive scan for malware Computer "freezes" or "locks up" or produces a "blue screen of death" (BSOD) but happens unpredictably and is not triggered by any particular application or action Faulty memory (RAM) module Test memory (see this article). If test fails, test individual modules. Incorrectly inserted or dirty memory (RAM) modules or sockets Remove modules and clean lands with metho or isopropyl alcohol and lint-free cloth. Brush and vacuum out memory socket (earth nozzle of vacuum to avoid static electricity). Make sure to not leave brush hairs in the sockets. Errors in sectors on hard drive, file table faults, etc Run Windows utility CHKDSK (see this article) Missing or corrupt Windows' system files Run SFC /SCANNOW (see this article) Flat batteries in wireless device. Check and replace Spontaneous shut down when PC is moved or external cables moved Slack, loose or otherwise defective parts in the 240 V supply chain: 240V wall socket, 240V power board, loose or defective power leads and plugs. Check for looseness. Wiggle to see if problem is triggered. Try different wall socket, power board and power cables. Spontaneous shut down without any triggering event Slack, loose or defective power cables inside case Check power connectors to motherboard for looseness. Check power connections to hard drives (see this article about Molex power cables). Replace or refurbish. If any are slack or otherwise defective. Slack, loose or defective data cables from motherboard to hard drives Check and replace or refurbish Faulty Power Supply Unit (PSU) or overheating PSU Monitor voltage levels through software such as Everest Home or Everest Ultimate. Check voltage levels using test equipment. Check to see that fan inside the PSU is exhausting hot air out the back of the PC's case. Swap PSU with one that is known to be good. CPU temperature has reached maximum operating temperature (about 95 C ) (very rare problem) Monitor CPU temperature (see this article). Fix if temperature is excessive. Power supply unit has insufficient capacity to supply power for all devices Check to see that power output of the Power Supply Unit is sufficient for the PC (see here or here). If not sufficient, replace with more powerful unit Shut down or rebooting or slowed operation or other aberrant behaviour when a particular application is being run Virus, trojan or worm Run comprehensive scans for malware Faulty memory (RAM) modules Check memory (see my article). If test fails test individual modules
Incorrectly inserted or dirty memory (RAM) modules or sockets Remove and clean with metho or isopropyl alcohol and lint-free cloth. Brush and vacuum out memory slot (earth nozzle of vacuum to avoid static electricity problem.) Missing or corrupt Windows' system files Run Windows utility SFC /SCANNOW (see this article) Missing or corrupt application files Uninstall then reinstall latest version of the application Bad application design Uninstall and revert registry to pre-installation condition. Do via reversion to earlier Restore Point or revert registry to earlier saved version (e.g. created using ERUNT) Shut down or rebooting or slowed operation or other aberrant behaviour when just about any application is being being run Virus, trojan or worm Run comprehensive scan/s for malware Faulty memory (RAM) modules Check memory (see this article). If test fails, test individual modules.
Incorrectly inserted or dirty memory (RAM) modules or sockets Remove and clean with metho or isopropyl alcohol and lint-free cloth. Brush and vacuum out memory slot (earth nozzle of vacuum to avoid static electricity problem.) Missing or corrupt Windows' system files Run Windows utility SFC /SCANNOW (see this article) Very high CPU temperature (about 60 C or more) will trigger automatic slowdown of CPU speed ('throttling'). Extremely high CPU temperature (about 95 C or more) will trigger automatic shutdown. Monitor CPU temperature (see this article). If excessive: check operation of fan on heat sink; clean dust off fan and heat sink fins; check that heat sink is held securely onto the CPU; improve ventilation through the PC's case Check that the clips holding fan + heat sink unit on top of the CPU is being held down onto the CPU firmly Check that fan on top of the CPU heat sink is turning - if not, check that fan power supply socket is connected to pins on motherboard. Slack, loose or otherwise defective power cables or data cables for hard drive/s an CD/DVD drives Check power cables and data cables (see below) Insufficient memory (RAM) can lead to excessive time taken for 'paging' of data to the hard drive Increase memory (RAM) 'Virtual memory' paging file size set too low Check and fix (control panel / system / advanced / performance - setting / advanced / virtual memory ) Very fragmented hard drive/s Defragment the drive/s - see section 3.15
Problems after installing new device Incorrectly inserted device Uninstall and reinstall Driver for device causes conflicts Uninstall device and driver to see if that's the problem. Install latest driver. Problems after installing new application or update Any number of causes Uninstall and reinstall Uninstall and revert registry to pre-installation condition. Do via reversion to earlier Restore Point or revert registry to earlier saved version (e.g. created using ERUNT) Application works slowly (possibly accompanied by lots of hard disk activity) Insufficient RAM Install additional RAM Video card not functioning correctly Check to see that video card is fully inserted and not loose in its socket.
Check to see if Graphics Processor Unit (GPU) on video card is overheating
Check functioning of fan on video card
Remove video card and clean lands and video card socket
Replace video card with one that is known to be good.
'Virtual memory paging file' size set too low Check and fix (control panel / system / advanced / performance - setting / advanced / virtual memory) Any number of causes Uninstall and reinstall Uninstall and revert registry to pre-installation condition. Do via reversion to earlier Restore Point or revert registry to earlier saved version (e.g. created using ERUNT) Slow loading of web pages and/or failing to load web pages into your web browser Malfunctioning or corrupt web browser application Uninstall and reinstall latest version of your web browser Install all security updates Delete all browser 'addons' or 'helpers' and reinstall one by one Run Windows utility SFC /SCANNOW (see this article) Run Windows User Hive Profile Cleanup Service Delete Browsing History files and contents of this folder: c:\windows\prefetch\ Check internet settings. Optimize using appropriate applications such as Winsock XP Fix, SG TCP Optimizer. Out-of-date web pages are loaded in the web browser History files out of date Delete Browsing History files and contents of this folder: c:\windows\prefetch\ Change browser settings so that every time the browser is started, newer versions of stored pages are accessed (e.g. in Internet Explorer: tools / internet options / general / browsing history - settings / check for ... Missing' CD or DVD drive - not visible in My Computer. Various See if deleting upperfilters and lowerfilters key helps (see this article) Slow or corrupt read/write operations for hard drive/s or CD/DVD Slack, loose or otherwise defective power cable connections Check power cables for looseness. Tighten cylinders inside Molex plugs (see this article about Molex plugs). Try other cables. Slack, loose or otherwise defective data data cable connections Check data cables for looseness, try other cables. Overheating hard drive/s (rare problem) Monitor drive temperature (see my article). Fix if temperature is excessive. Inappropriate or variable voltage levels from Power Supply Unit (PSU) Check voltages through software such as Everest Home or Everest Ultimate or test equipment and/or swap PSU with one that is known to be good. Data transfer mode for the drive might be set at PIO rather than the faster DMA mode. Frequent problems in reading or writing to the drive may result in XP changing to PIO mode. After fixing root cause of problem, check data transfer mode and change if appropriate. May require uninstalling and reinstalling IDE ATA/ATAPI controller/s. See this and this article. Slow or corrupt read/write operations to hard drive in external USB or firewire or eSATA enclosure Slack, loose or otherwise defective power cable connections Check power cables outside and inside the enclosure for looseness. Tighten cylinders inside Molex plugs (see this article about Molex plugs). Try other cables. Slack, loose or otherwise defective data data cable connections Check data cables outside and inside the enclosure for looseness. Try other cables. Inappropriate or too variable voltage levels from the power source supplying power to the enclosure Check voltages through test equipment and/or swap power supply source with one that is known to be good. Power output from power source to the enclosure is inadequate Check that power adaptor for 3.5" drive enclosure can supply the required current for 5V and 12 V required by the drive (note specs on drive and on adaptor). Check that power adaptor for 2.5" drive enclosure can supply more than 500 mA current at 5 V. If supplied by USB cable then that normally requires connection by two USB cables. If only one USB socket is available on PC, connect a powered USB 2 High Speed hub to that socket then connect two USB cables from hub to enclosure. USB socket/s used on PC may not be adequate for the device (e.g. sockets at front of PC's case). Try different socket (see my article here). USB cable used for a USB 2 High Speed device is not a genuine USB 2.0 High Speed cable. Try genuine USB 2 High Speed cable (see this article. Also try one that has RF choke/s on the cable. High Speed USB device may not be connected to a port on a High Speed USB controller. Check BIOS to make sure that High Speed USB 2 functioning is available and enabled Check USB port allocations via software such as Everest Ultimate or System Information Viewer. If necessary, unplug all USB devices and replug with High Speed devices connected first. Errors in sectors on hard drive, file table faults, etc Run Windows utility CHKDSK (see my article) Defective CD or DVD drive Swap out for a drive that is known to be good. Very fragmented hard drive/s Defragment the drive/s - see Section 3.15 . Problem with other external device (keyboard, mouse, speakers, etc.) Device not connected securely, faulty power supply, flat batteries, wireless receiver badly positioned, wireless connection not synchronised Try alternative device or power supply or cables or positioning. Replace batteries. Re-synchronise wireless devices. Hijacked browser home page and/or search home page (when browser opens, page shown is not the one that you have set as the default) Changed by spyware, trojan or some other malware Run anti-malware application/s to detect and eliminate malware Install application to prevent the problem from reoccurring (see above) Cannot change (greyed-out) Internet Explorer home page Has been set that way by malware or yourself Make changeable through use of a suitable application then change to what you want, then install or configure an application that will prevent the problem from reoccurring (see Section 3.6) Undesirable changes made to settings within your registry, system settings, browser settings and startup processes. Changes made by malware Revert settings using appropriate application/s and install application that will prevent the problem from reoccurring Undesirable changes made by an application that you have installed Uninstall the target application. Revert settings using appropriate application/s. Install an application that will inform you of changes that software being installed is attempting to make. Reinstall the target application. Slow startup Non-essential Services and/or Applications loading during the startup process Check all Services and Applications and where appropriate, disable non-essential ones (see Section 3.8) Malware Undertake comprehensive scan for malware. If any malware found, consider replacing your anti-malware application/s with a stronger or more comprehensive application/s. A good security suite is the best way to scan for malware of all types. Slowed down loading of an application, slowed down functioning of an application, slow-moving mouse cursor, unexplained high volume activity of the hard disk drive Malware Undertake comprehensive scan for malware. A good security suite is the best way to scan for malware of all types. If any malware found, consider replacing your anti-malware application/s with a stronger and/or more comprehensive application/s or make sure that it is kept up to date. An undesirable application or service that you are unaware of is consuming system resources Determine what applications and/or services are running, by using an appropriate application such as Process Explorer (see above). If appropriate, prevent the application or service from running. An authorised and benign application or service is consuming system resources (e.g. desktop search application is updating indexes; anti-malware application is updating; backup application is undertaking a scheduled backup; anti-malware application is undertaking a scheduled scan; etc) Determine what applications and/or services are running, by using an appropriate application such as Process Explorer (see above). If necessary, change settings for the application so that does not disrupt your use of the PC. Very fragmented hard drive/s Defragment the drive/s -(See Section 3.15) Unexplainable internet communications occurring Undesirable inwards or outwards communications by malware Determine what is initiating the communications, using an application such as Netlimiter2 Monitor (see this article) or TCPview. Eliminate the application or configure it prevent it communicating or configure your outwards traffic firewall to prevent it from communicating outwards. If necessary, install a firewall to enable control of communications going outwards (See Section 3.10.1) Inwards or outwards communication by legitimate applications or services (e.g. updating) Determine what is initiating the communications, using an application such as Netlimiter2 Monitor (see this article) or TCPview. If appropriate, configure it prevent it communicating or configure your outwards traffic firewall to prevent it from communicating outwards. If necessary, install a firewall to enable control of communications going outwards (See Section 3.10.1)
7. Conclusion and recommendations for the beginner
I have attempted to outline maintenance procedures that if implemented would help ensure that your hardware, operating system and applications work fast and in the way they were designed to. The catalog of procedures is long. Some of the procedures are simple to implement; others not simple; some are downright intimidating. Which procedures you might implement depends on many things: your skills, your hardware and software, what you can afford to spend money on, what you use your PC for, who uses it, and how often.
For the beginning user, here is a stripped down set of recommendations about the bare essentials for maintenance. I have recommended some applications although there are others that will probably do as good a job for you. While implementing the recommendations may not be an easy thing to do for some beginners the set proposed is about as simple as I can make it within the constraints of a very complex technology and an unfriendly, complex and intimidating operating system.
Table 2. Specific recommendations for beginners
Action When Comments 3.1 Install appropriate Microsoft updates. One week after release. Turn 'automatic notification' on. Use Custom download and be selective. 3.3 Install 'anti-virus' application
On acquisition.
Full scan every 4 weeks
Recommended: Kaspersky Internet Security suite (modest cost, but provides excellent protection, is easy to use and good value for money) 3.4 Install anti-spyware application On acquisition
Full scan every 4 weeks
Recommended: Kaspersky Internet Security (modest cost, but provides excellent protection, is easy to use and good value for money) 3.5 Configure browser for strong security On acquisition Use Internet Explorer's Defaults 3.6 Prevent Internet Explorer home page from being hijacked On acquisition Recommended: Spybot, plus WinPatrol Free or Plus (also includes other very useful functionality). 3.7 Prevent unauthorised changes to Startup processes On acquisition
Recommended: WinPatrol Free or Plus (includes other very useful functionality)
3.10.1 Install software firewall On acquisition Recommended: Kaspersky Internet Security (modest cost, but provides excellent protection, is easy to use and good value for money) 3.15 Defragment master hard drive periodically Every 6 months or more depending on use Recommended: Install free Iobit's Smart Defrag as a memory-resident defragger, or use payware memory-resident OandO Defrag. 3.16 Never open emails of unknown or suspicious origin Always avoid opening 4.1 Unplug everything to avoid lightning When any risk of lightning; before longish absences
4.2 Check for loose external power connectors On acquisition 4.3 Check connections to external devices and their power On acquisition 4.6 Check USB, Firewire and e-SATA connectors and cables On insertion 4.8 Check accessible cooling fans to see if they are turning and in the right direction On acquisition. Every 12 months. 5.1 Create System Restore points (alternative: create backup of master drive onto a backup drive; or backup of registry) Before installing any new application
Before installing new versions of old applications
Use Microsoft System Restore functionality to create/restore Restore Points.
For registry backup alternative, use ERUNT.
5.2 Create backup archive or clone of master drive on a backup drive Weekly Recommended: backup to external enclosure, using Acronis True Image, Seagate DiscWizard or Maxblast 5 - see this article.
For two simple approaches to making such backups see this article.
Find the 'Schedule a boot-time scan' option within Avast.
In the Advanced User Interface:
Right-click the round Avast icon in your system tray
Select Start Avast Anti-virus
Click Scheduler icon at the left of the screen
Click Scheduler menu item at top of screen
Select Schedule boot-time scan
Tick Scan archive files
Select Advanced options
Select Ask for action or other action of your choice
Select Advanced options again
Select Schedule
Select Yes if you want to restart now.
Or in the Simple User Interface:
Right-click the round Avast icon in your system tray
Select Start Avast Anti-virus
Left click the up triangle at the top left of the Avast user interface
Select Schedule boot-time scan
Tick Scan archive files
Select Advanced options
Select Ask for action or other action of your choice
Select Advanced options again
Select Schedule
Select Yes if you want to restart now
When the PC re-boots, it will do the thorough scan prior to loading Windows. This takes a considerable time. However you will have the option of canceling or exiting if you want to. When malware is detected you will be presented options for dealing with the malware. If no malware is detected it will load Windows automatically after providing a notification to that effect for a short period of time. A report of the results of the scan is saved automatically in a file named 'aswboot.txt'. So if you had installed the Avast application in the folder C:\Program Files\Awil Software\Avast4\ then that file would be:
C:\Program Files\Awil Software\Avast4\data\report\aswboot.txt
10 October 2008
3 October 2008
1 October 2008
27 April 2008
9 April 2008
12 March 2008
3 March 2008
9 January 2008
24 September 2007
Spybot's 'Tea Timer' can be started automatically at boot time if you have access to some utility that can be used to include a new startup application. For example, WinPatrol (free or Plus) can be used to do that. However, if you have WinPatrol configured to run automatically at startup, then WinPatrol already provides the functionality that is in Tea Timer, so adding Tea Timer serves no purpose.
However, if you do want to have Tea Timer start automatically at boot time, add the executable 'TeaTimer.exe' to the startup applications. That executable is installed by the Spybot installation process into the same folder as 'SpybotSD.exe' On my PC that is:
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Sorry folks - I have shifted this appendix to become Section 6.1 of backup strategy article: see
http://www.pcug.org.au/boesen/Backups/backups.htm#6_1