Al’s Guide to Avoiding Potential Pitfalls with your PC
By Al Hill
Users are very often their own worst enemies when it comes to understanding and maintaining their PCs. That statement alone is a topic for discussion and, perhaps, debate, and can easily make the case for today’s new handheld devices where Microsoft has either removed or minimized (by design) the topics being addressed. The topics below are written for the Windows user, or more specifically, the average Windows user. The average Windows user includes only those users on Windows XP and later, on PCs, laptops, and such. The topics are general guidelines, intended to help the average user be more aware of the environment, to minimize problems, and avoid making common mistakes. The comments made are not intended for the experienced user or IT personnel. Some of the comments are opinion, developed from personal observations and years of supporting users. The topics being discussed are as follows:
· Multiple real-time anti-malware products and firewalls
· Multiple Browsers, Multiple Toolbars
· System and application updates, and bubble blindness
· Downloads from places other than the manufacturer
· The BIOS
· System Maintenance and User Data
The Registry
Users have heard the term The Registry. It sounds intriguing. It sounds complicated. It sounds mystical. Surely, anything that is not working is correctable with a few registry edits or tweaks, right? Therefore, users start searching and modifying the registry, without any knowledge of the potential harm they are causing. Moreover, there are thousands of results on the Internet regarding modifications to the registry when the user is searching for a solution to a problem. The result is users will blindly allow registry scans and fixes, only to find their system unusable or, worse, un-bootable. Yes, there are programs that can repair specific registry issues. However, the first rule here is not to modify the registry. What about all of those websites that claim to be able to fix your registry? Beware. Some will scan and find thousands of errors. If you want to correct the errors, it will cost you. Making matters worse, many of those thousands of errors are not errors at all. Other programs claiming such miraculous fixes are frauds or, worse, Trojans.
What about Registry Cleaners? A waste of time. Any space reclaimed by cleaning the registry of unused or obsolete entries is miniscule and insignificant. Registry cleaners often cause damage to your registry. Refer to the above paragraph. Additionally, there is no data to support any performance benefit gained by cleaning the registry. A debatable issue with far more consthan pros, along with no actual data to support the pros. Information about The Registry and cleaners can be found here:
Ed Bott: Why I don’t use registry cleaners
Mark Russinovich: Registry Junk: A Windows Fact of Life
http://en.wikipedia.org/wiki/Registry_cleaner
There will be those users, who hold allegiance to some registry product, and will swear to its effectiveness and benefit. However, these users will never reveal the problems encountered when they are ultimately forced to do a clean install to recover their system because of the damage caused by the registry cleaner. Often, the damage will likely never be recognized.
Virus removal? Registry cleaners are not an anti-malware solution. My personal position - cleaning the registry is akin to changing the air in your tires. Registry Boosters? There is no such thing.
Multiple real-time anti-malware products and firewalls
Many users, either deliberately, accidentally, or unknowingly, have multiple real-time anti-malware products running. For those that deliberately have multiple products running concurrently, they do so because they are under the common misconception that if one is good, two must be better. Having multiple real-time anti-malware products installed actually degrades performance and can (and will) make your system become unstable. Moreover, they can limit the effectiveness of malware detection. There are those who will claim, “I use product A and product B, and they play nice together”. There is no such thing as “playing nice together”. The manufacturers of these products did not have a design meeting to decide how their respective products would work together. There is no design that allows them to coexist. Rather, they compete. The user will have a problem, perhaps months from now, and not know what caused the problem. The truth is that you should never have more than one real-time product installed. Many of the manufacturers of these products state this on their product website.
Having multiple real-time anti-malware products installed is not layered protection. It is overlapping protection. Layered protection is good, overlapping protection is bad. As soon as protection begins to overlap, the risk for a conflict begins to increase. Layered protection is having complimentary items/protection, as in this example:
· Hardware router and firewall
· UEFI and Secure Boot 64-bit Windows 8.x
· Data Execution Prevention (DEP) set to ON for all programs and services
· Windows Firewall
· Real-time anti-malware protection (such as Windows Defender on Windows 8.x)
· Spam/junk email filter (usually provided by your ISP, email provider, or email client)
As important as having an anti-malware product properly installed is to make certain that any other product or trial product (even if never activated) is properly uninstalled. For those products that need to be uninstalled or removed, go to the manufacturer’s site and find their product removal tool. It is not enough to uninstall the product. Use the appropriate removal tool after uninstalling the product. Once this is accomplished, you can then install the product you want.
It is at this point you will want to verify that there is a firewallinstalled on your system, and that means only one firewall. Additionally, there is no reason to disable your anti-malware product or firewall, despite what some application provider may request for their install. Such requests were valid years ago, for anti-malware products, firewalls, and applications that did not adhere to APIs and programming standards.
Find yourself a good real-time anti-malware program, and a good on-demand anti-malware program for a second opinion. Free or paid, the choice is yours. Remember, however, no anti-malware product provides 100% protection, 100% of the time.
Infection avoidance
If no anti-malware product will protect the user 100% of the time, what can the user do to avoid infections? The vast majority of malware infections are preventable by following safe computing practices. Such practices include keeping Windows updated with its Service Packs and monthly updates. It also means keeping installed programs up-to-date. These programs include Adobe Reader and Adobe Flash Player. One of the paths for viruses entering a system is Flash Player, which is rarely updated by the user, if at all. This has been corrected by allowing Flash Player to perform automatic updates (which you should verify is turned on), and by its inclusion in Windows 8.x.
For those users who install Oracle Java, or have Oracle Java installed on a newly purchased system as part of the value added software(aka ShovelWare), the best advice for you is to uninstall Java as quickly as you possibly can. That means every version of Java that is installed! With only 3% of websites (or less: SANS NewsBites Vol. 15 Num. 098) using Java, there is simply no need for the user to have Java installed with its potential for infecting your system. For the user, you must understand that there is a difference between Java and JavaScript.
Another action the user can employ is to stop indiscriminately clicking on links, and not ignoring check boxes. Adware and spyware infections rely on the user not paying attention to installation dialogs. Spend a few seconds looking at the dialog boxes before clicking next or install. Those few seconds can save you a lot of frustration later. This also applies to User Account Control and allowing programs to run. If you do not recognize the program requesting permission to run, do not approve it.
If you have a broadband connection, such as cable or DSL, install a router if you do not already have one. Many routers include firewall protection. If you have a wireless router, be certain to use the highest security levels it provides, and change the default password.
Whether from familiar or unfamiliar sources, avoid free programs, such as screensavers, popup blockers, file sharing applications, music sharing applications, virus and adware checkers, download managers, and games. Many of these include or embed various forms of spyware, which opens the door to viruses.
Be cautious of opening email attachments, particularly from unfamiliar sources. Viruses, Trojans, and worms are often spread through opened attachments. Their effects are not always immediately seen, delivering an unexpected payload at an unpredicted time, and in varying ways. Even if someone you know sends you an email with an attachment that is not clearly identified, or you do not feel safe about, ask first before opening the attachment. An associate may have been affected and a virus may have utilized their address book to propagate. While it may be irresistible or overwhelming curiosity, why risk opening these links?
Be extremely cautious of emails from banks or services such as PayPal claiming your account needs updating. This may be a phishing scheme in an attempt to steal identity. These emails appear to be from legitimate sources, and appear legitimate in content. Fraudulent web sites appear identical to the real ones but ask for information that would normally not be necessary. They may contain real links back to the genuine site. Always logon to your bank or other secure web site using your browser, not a link in email. When you directly logon to your bank or other secure web site, they will typically provide notification of any necessary updates to your account.
Avoid web sites of particularly questionable or suspicious character. They could have malicious scripts that can be downloaded to your PC, if scripting is enabled in your browser.
System files
The user suspects something is wrong with their system. Some error, or perhaps even a friend, has put the thought in their mind that they should delete certain files from the Program Files folder, or Program Data, or Windows, or even WinSxS. There is no legitimate reason to begin deleting system files arbitrarily, or any files (other than your documents, photos, music, or data), without knowing exactly why. Users who delete these files will always end up worse than when the problem occurred. When a user does this, their next step is to go to a forum or call center, describe the original problem, and never mention what damage they may have caused by deleting system files, leaving it to the support person to try and determine what is now the problem.
If you need to remove or uninstall a product, use the uninstall program provided by the manufacturer. Uninstall programs are typically accessed using Programs and Features in the Control Panel. If the uninstall program fails to properly remove an application, go to the manufacturer of the product and ask them for support. With enough users complaining, perhaps the manufacturer will correct their uninstall program.
Multiple Browsers, Multiple Toolbars
The user has a problem with a specific web site, or is unable to connect to any web site. To correct the problem, the user will ask a forum or friend for a solution. The wrong answer is to install a different browser. That is not the solution. Installing a different browser, if the site in question now works, merely avoids the problem. It did not correct the underlying cause of the problem, which may have been a browser or compatibility setting, a problem with the site itself, a corrupted profile, a browser hijack, or perhaps something more serious. Now, the user has multiple browsers to maintain. The user probably did not maintain the first browser properly. Now, they will not maintain either browser. The user is not entirely responsible for multiple browsers. Many websites, with downloads, will offer a free browser download as part of the package. It is free, so it must be ok, right? Well, nothing is free, but that is another discussion topic for another time. When downloading a product, there is usually that checkbox, checked by default, to download an additional browser. The website knows that users are blind to checkboxes. If fact, they rely on it. They are compensated for each download an unsuspecting user does. The result is a system cluttered with multiple browsers and other unnecessary software, often causing performance problems and confusion.
The same can be said for multiple toolbars. There is no reason to have two, or three, or more, toolbars. This adds to performance problems, and can create security risks. Some toolbars border on being malware themselves. If you must have one, have only one. My personal opinion is there is no good reason to have even one toolbar.
Problem diagnosis
When users encounter a problem, they do not know how to diagnose the problem. Some users will browse the Internet for a solution. Yes, some solutions on the Internet are very good, and correct, and can correct the user’s problem. However, many solutions are not. When a user begins making changes as directed by the solution, and the result is negative, they will never reverse the changes they have done. So, on to a forum for help. While some forums provide good help and problem solving, most do not. The response is usually a “try this, or try that” solution or “get rid of that product and use this product”answer. Rarely does the person providing such assistance on a forum know or understand how to diagnose a problem properly. The “try this, or try that” approach rarely helps, except to provide the person offering such advice more pointsfor their personal status on the forum. When such advice is not successful, the modifications are rarely reversed. The art of problem diagnosis is fading away, perhaps because of the complexity of the systems and software today.
So, what can a user do to solve these problems? Well, except for paid support (and sometimes that fails to solve the problem as well), often there is no choice except to go to some support forum. However, before asking a question, browse or search the forum looking for posts that specifically address the problem you are encountering, and are marked as a correct answer. Do not stop with finding just one post. Look for several. If you do have to post, provide as much information as you can to describe the problem properly and accurately.
System and application updates, and bubble blindness
What is bubble blindness? When the operating system, or some application, requires updating, a flag or bubble will often appear in the system tray. Users usually ignore, or are blind to, the bubble. Some users see the bubble, but are afraid to respond, believing they cannot trust the bubble. It may be a fake. Unfortunately, the reality is that some are. Moreover, some updates are fake, and masquerade as a Windows or product update, to lure the unsuspecting user into installing some malware or un-needed program. Making matters even worse, and perhaps the root cause of bubble blindness, are those anti-malware products that are extremely verbose and cannot resist letting you know that they are working. The result is the user becomes immune to the bubble, and system and applications are not updated. The updates are important. Some fix security issues, some fix faulty code, some correct performance problems. Keeping the system and applications (all applications) updated lends to having a more secure, better performing system. When users ignore updates, or turn off automatic updates, the result is a system in decline.
Users can avoid this problem. For Windows, turn on Automatic Updates. Make certain that you receive updates for Windows and Microsoft products. Periodically check for updates manually. Some updates are optional, and should be installed. For any non-Microsoft products, determine if the product has a “check for updates” feature. If it does, use it. If not, go directly to the manufacturer’s website and check.
Downloads from places other than the manufacturer
The user installs the system, or some device, and determines a driver is needed. So, rather than go directly to the manufacturer’s website to download the driver, the user does a search for it on the Internet. As one might expect, there will be thousands of results from websites, all claimingto provide the driver, all offering a free driver scan. Many of these sites, and their download (assuming you can actually find the download link), will do nothing to correct your missing driver. Many downloads may contain a payload you do not need, or want. Some contain malware. While the scan may be free, the actual driver (if it exists) is likely not. On some of these websites, the user will never find the actual download link due to the myriad of download buttons that have nothing to do with the software you want. There is no reason to go to any site other than the manufacturer of the product to get the driver. If you cannot find it on the manufacturer’s site, ask the manufacturer where the driver can be found. If it is no longer available, there is a reason.
A similar situation exists for “free applications”. For example, why would a user need to go anywhere other than Adobe to get Reader or Flash? While there are a number of sites that offer these free products for distribution and download, with some being legitimate, there is always the potential that such a download is not current or, worse, infected. Always go directly to the manufacturer of a product for a driver, or product, or update. Even if you need an older version of a driver or application, go directly to the manufacturer. Many manufacturers maintain an archive of older versions.
RAID versus Backup
Many PCs are now configured with RAID solutions, implemented in hardware or software. RAID is a great solution for specific business and data center needs. It is not, however, a solution the average user needs. More importantly, it is not a backup solution. RAID is a solution to achieve fault-tolerance, reliability, and performance. In no case is it a backup solution.
If you are running RAID 1, for example, yes, you have a mirrored disk. If you delete files unintentionally, or get a virus, the problem now resides on both disks. Conversely, if you have RAID 1, and one of your disks physically fails, you are still able to operate on the surviving disk. Re-establishing the mirror requires the user to know which disk to remove, how to replace the disk (with one of the proper capacity), and how to rebuild the mirror, which is only possible if the user does not ignore the bubble! While using RAID 1 as an example, the situation would be worse with a RAID 0 solution.
Unless the user understands the various RAID configurations, and has the appropriate expertise to manage such a solution, RAID is not a solution for end users. RAID, for the average user, provides an unnecessary layer of complexity and maintenance to an already difficult to manage environment. Consider that disks manufactured today are of exceptionally better design, performance, and quality, and have far greater lifespans than the disks of yesteryear. Additionally, the user can obtain outstanding performance improvements with new hardware that supports SATA3, or by moving to SSD or SSHD (hybrid) drives.
Many users now attempt to use RAID, or are forced to use RAID (as part of a preconfigured system), only to find they have lost their entire system. The best solution for a user with two hard drives is to use the second drive as a backup, using the Windows backup, or some other backup solution. If you have only one physical drive, and do not want or know how to install a second internal drive, purchase an external hard drive.
Seems like I barely mentioned backup. This is the most important issue the user needs to address. Whether you use a second drive, or USB stick, or cloud storage, you must backup your data. The operating system and applications can be reinstalled from other sources. Your data cannot. Create a backup plan, and make certain you follow it. Having a backup plan, and following it, will protect your data from becoming a tragedy. Not having a backup plan will almost certainly result in a tragedy.
Note that having a large drive, partitioned into multiple partitions (e.g. C and D), and backing up to D, will provide little in terms of recovery if the physical drive fails. Do you know if you have multiple physical drives, or a single drive with multiple partitions? You need to find out.
The BIOS
To the user, the BIOS is just as mysterious as the Registry, and just as dangerous. Desperate users, looking for a solution to a problem, as a last resort end up modifying at the BIOS. Making a change here can make your system un-bootable. With the complexity of UEFI BIOS, and Secure Boot, any changes are more likely to make your system un-bootable. A simple example is changing your chipset SATA mode from IDE/ATA to AHCI after your system has been installed, and experiencing an unbootable system.
Updating the BIOS is oftenunnecessary, especially for older PCs, or those purchased from a manufacturer. Sometimes, they need a BIOS update, but more often not. However, in today’s world, especially for those that build their own PC by purchasing a motherboard from some manufacturer, a BIOS update is often necessary. Doing the update requires the user to follow a specific procedure. Not doing so can leave the user with a motherboard that is no longer functional. Unless you are experiencing a problem specific to the BIOS, leave it alone. If in doubt, contact the manufacturer of the motherboard for assistance, and only download the BIOS update from the manufacturer.
The BIOS can also be referred to as firmware. The motherboard is not the only device that has firmware that can be updated. CD and DVD drives, graphics adapters, hard drives, SSDs, and other devices may be capable of firmware updates as well. Do your research, and follow the manufacturer’s instructions if your device(s) need updating.
PC Tune Up programs
PCs slow down for a reason. For example:
· Malware
· Start-up programs (too many startups, unnecessary startups)
· Anti-Malware software
o Poor performance/Resource intensive
o Multiple real-time products
o Expired trial or product licenses
· Hard drive free space and fragmentation
o Temporary files
o Temporary Internet files
o Restore points
o Uninstalled program remnants
· Older hardware and/or low resources (memory, processor, disk)
· Hardware problems
· Updates not being applied
· Multiple toolbars and browser add-ons
Not knowing how to remedy the problem, the user looks for the easiest solution, or a solution that promises to correct all problems, for “free”. They see the advertisements on the Internet and on television to fix their PC. Careful - the scan is free. Fixing the PC is not. Additionally, what the scan finds is often the simplest of issues and not the cause of your problem. Many problems cannot be fixed by a program or a person on the phone. Beware of letting anyone log into your PC. Also, beware of random calls claiming to represent Microsoft. Microsoft will not call you unless you have initiated a support case. Moreover, there is no such thing as eliminating viruses forever, as claimed by the television commercials. The best solution is to examine each of the potential causes listed above, or contact a knowledgeable friend or reputable PC repair shop.
System Maintenance and User Data
Users rarely perform any system maintenance. The lack of maintenance, in addition to updates mentioned previously, typically results in wasted disk storage and disk fragmentation caused by un-needed temporary files. Keeping your system clean and defragmented will ensure better performance.
The Windows Disk Cleanup program can help the user remove temporary files, temporary Internet files, empty the recycle bin, and other such files that are not needed by the system. It can also remove restore points. However, keeping restore points can often be the easiest way to recover from a virus, by simply restoring to a point before the infection occurred. Another cleanup process can be accomplished by Internet Explorer’s “Delete Browser History”, or a similar process in the browser of your choice. Additionally, it is a good practice to perform these tasks before performing a backup. If you have not performed any cleanup, the process of doing so can take some time. The accumulated number of these files can be quite significant, and consume a large amount of disk space.
An area where users go wrong is to install cleanupprograms. Some of these programs are more aggressive than others are, and will delete files that are necessary for your system to function properly. Even the less aggressive cleaners can and will create problems. Additionally, free or not, these programs will usually contain that check box to install something else on your PC. It is ironic that these cleanupprograms add unwanted or unnecessary programs and software to a system the user is attempting to clean.
Another task, often scheduled to run 1:00am Wednesday morning, is Disk Defragmentation. While this issue no longer exists in Windows 8.x, it makes little sense for systems, especially laptops, which are typically shutdown or asleep at 1:00am. To correct this, either change the schedule, or manually invoke the defragmentation utility. Again, if the defragmentation utility is not run on a regular basis, it can take several hours to complete. Patience is important.
The system maintains a profile for each user. When you log on to your system, you are in your profile. Your profile contains many settings specific to you. More importantly, it is where your photos, documents, music, favorites, desktop, and such are stored. When you create and save these files, they are normally (or should be) saved within your profile. Where users go wrong is to save them in some location other than their profile. Saving these files in a location other than the user profile creates a problem for backup programs that specifically backup your profile and files. If you put the files in some other location, the backup program may not back them up. Additionally, if you plan to migrate to a new system and either manually move your data, or use a utility (Windows Easy Transfer, for example), or use cloud storage as a temporary repository, some of your data may be left behind. Always know where your data is. If you do not know where your data is, it makes it extremely difficult for someone helping you to find your data. Keep your data in your profile, or keep the old system around long enough until you are certain you have all of your data. Do not store your data in any system folders or locations. Those are for the system. Your profile is for your data.
Windows XP, and earlier
For the user on Windows XP, you are running out of time. If you not aware by now, support for XP (and Office 2003) ends on April 8, 2014. This is the last “Patch Tuesday” for XP. This does not mean you cannot continue to use XP. You can, but at your own risk and choice. Updates from Microsoft will cease. Security issues discovered will not be corrected. Known security issues are [more] likely to be exploited. If you intend to continue using a device running XP, you are creating a problem for yourself. Changing your browser, or anti-malware product, or even upgrading your memory or disk, will do nothing for you except to prolong the problem, and the pain. Buying a new PC, motherboard, or adapter, and asking where the drivers are for XP serves no purpose. Your best path is to upgrade to Windows 7 or Windows 8.x, which will likely require new hardware.
Separate yourself from the emotional attachment to XP and your hardware. XP provided an excellent eXPerience – more than a decade ago. Things have changed, especially in the security model, and XP cannot be patched or updated to correct the problems, nor should it be. For those of you on XP64, you really need to upgrade. Trying to maintain XP, both software and hardware, will cost far more than it is worth. Some will say, “I love my XP system, and it works fine. If it is not broken, do not fix it”. Well, the reality is that it is broken. Do yourself a favor - find and backup all of your data, and move to a new platform – now.
For those with applications dependent on XP, you have waited too long. The end of XP has been known for more than five years. Trying to mitigate the impact now, perhaps by limiting the XP systems to essential functions only, is only an aspirin. For those of you who went virtual with XP Mode, you have the same problem. Running your application in XP Mode is not a solution – then or now. XP Mode was a way to defer the problem. Unfortunately, workarounds tend to become permanent solutions, and bad permanent solutions at that.
If you are on any Windows version before XP, there is little hope for you. Trying to justify being on Windows 98, or Windows NT 4, or any other such relic, is not possible.
Passwords
I am hesitant to begin discussing this topic as it could evolve into pages of discussion. The short version is to create strong passwords, for your profile, and for your online accounts, and change them frequently. It will not necessarily prevent your system or online accounts from being compromised, but it certainly makes it more difficult.
You may want to consider having two accounts (profiles) – one with administrative privileges, and one without. Therefore, you can do all of your browsing, email, office and other such requirements in your standard account, and only use the administrative account for those functions requiring such privileges. With this method, in the event you do click on a link or execute some malware, while using the standard account, you will have prevented the malware from having administrative privileges.
Do not give your password to anyone. Be careful when on public hotspots. Make certain your router has a strong password. Consider whether you should save passwords in your credentials and other storage locations. Make certain that the Administrator and Guest accounts are disabled. If there are multiple accounts on the PC, consider that some of the accounts need not have administrative privileges. Enough said.
In closing…
All of the above topics, comments, and suggestions are meant to address common issues I have seen on PCs for more than thirty years, but specifically since 2001. All comments, advice, and suggestions are presented as is, and all standard disclaimers apply.
Al Hill’s experience with computers covers more than forty-two years. He has previously held positions as a Managing Consultant for a major software company, an Independent Consultant, a partner of an OEM, a Director of Minicomputer Development, a Systems Engineer and Programmer, and a high school teacher. His earliest computer experience includes IBM 360-20 and 1401, Univac 1108, SDS Sigma series computers, and AECO telephone systems, as well as custom systems for the US Military. His other areas of expertise include collecting era-specific items and research on classic automobiles and vintage audio components, and building prototypes of specialized electronic devices, as well as authoring articles for various publications.