Many tasks brag about being doable in three steps and this one is no different:
- Remove
- Clean
- Update
Remove
Begin by removing anything that is unnecessary. There three areas on which to focus:
- Applications
- Files
- Start-on-boot entries
Delete unused and unnecessary files. This especially includes temporary internet files. Where temporary internet files are stored varies with the version of Windows. However, (I believe) there is a universal way to delete them in "Internet Options" of the "Control Panel". Also, delete any unneeded/unused icons on your desktop. Having these on your desktop is akin to having a messy room. Similar to applications, unnecessary files use disk space, increase your security risk (because they could contain malware), and will slow down the cleaning and updating phases.
Many application want to start on boot, but the only non-operating system, non-hardware related application that I allow at boot are related to security or file synchronization (by which I mean Dropbox). There are two places in the registry that contain start-on-boot entries. To edit the registry, enter "regedit" at the run dialog, which can be accessed via the keyboard shortcut "Windows-R".
- HKEY_CURRENT_USER -> Software -> Microsoft -> Windows -> CurrentVersion -> Run*
- HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows -> CurrentVersion -> Run*
("Run*" means any folder beginning with "Run".) You should delete any registry key (which is what the contents of these registry folders are called) of a program that does not need to start on boot. Be especially on the look out for malware that is set to start on boot. How do you know what is malware, what does not need to start at boot, and what does need to start at boot? Google. That is basically how I figured out which keys are necessary, which are malicious, and which are benign. Some programs (most notably in my mind...QuickTime) really want to start on boot but have no reason to do so. If you delete its registry key, it will reappear there (eventually). I know of two solutions for this, but one of them will be discussed in the "clean" phase. The solution from this section is to leave the registry key, but disable it in the "Startup" tab of "msconfig" (which can be accessed via the run dialog). You also need to check the "'Windows/Start button' -> (All) Programs -> Startup" folder because, as its name suggests, also contains start-on-boot entries.
Clean
In this phase, we are cleaning and securing your computer of malware. I recommend the following security software:
- Anti-virus: AVG
- Anti-spyware: Spybot Search & Destroy
- Anti-"rest": Malwarebytes
Spybot Search & Destroy also has two other important features. It has an "immunize" feature by which it secures your browsers in many ways. You have to immunize after each update. The other feature monitors registry changes. This is the other way to prevent programs from recreating their start-on-boot entry in the registry. Spybot notifies you if a registry change is requested. If it is a program wanting to recreate its start-on-boot registry entry, then you check "Remember" and click "Deny".
Update
Now that your computer is quick and clean, we need to keep it that way. Update all the programs that can be updated. We updated the security software in the previous section, so they should already be at their newest versions.The two most important programs to update are Windows and your browser. Internet Explorer updates are found with Windows updates. Firefox and Chrome have menu entries where you can trigger a update process.
Other common programs that can be updated are
- Adobe PDF Reader,
- Apple Software (such as iTunes and QuickTime), and
- Java.
No comments:
Post a Comment