Saturday, September 30, 2006

Fall Home PC Cleaning....

I have some important things to do this beautiful Gulf-Coast Saturday morning.

But first, I need to perform my (at least) quarterly PC survey and cleanup. Let me use my home pc as an example:

Burning Cookies and Malware

First I run Safer Networking's Spybot Search & Destroy (free), making sure I have all my current updates applied.

Findings: Nothing to see--no malware, spyware or baddies (of course!); just eight persistently nuisance-causing "cookie" vendors listed. Hitbox is the worst with 19 different cookies alone! These guys are present after most scans. I'm tired of dealing with them.

Response: I go into Firefox, select "Tools", "Options", "Privacy" tab. Under the Cookies section I select the "Exceptions" button. One by one, using the detail information from Spybot, I enter their root web addresses in, clicking "block" after each one. This should prevent them from installing cookies in the future. Interested in burning a batch of cookies in your Internet Explorer 6.0 oven? This MVPS.org page is fantastic and clear: Blocking Unwanted Cookies with IE 6.

Optional "SuperNuke" responses: 1) Download, run and apply SpywareBlaster's (free) protection on your system (supports both Firefox and IE). 2) In Spybot, click the "Immunize" shield on the left. Click the "+" at the top to "immunize" your system and block bad products (currently at 12658 items). Also enable the "...permanent blocking of bad addresses in Internet Explorer". You can always unselect these options if you find "lockdown" too restrictive.

Next, I run Lavasoft's Ad-Aware SE (free), making sure I have all my current updates applied. This time I run the full system scan, longer but more thorough than my weekly smart-system scan.

Findings: Skipping over the benign MRU (most recently used) findings, I head directly to the two additional objects found. More tracking cookies, two to be exact. I add these to my Firefox cookie block list and delete them.

Done with baking cookies.

Finally, I run a full Windows Defender (beta/free) scan on my system. All clear.

A full pass with each of these different malicious software scanning tools is sufficient for me.

Running with Auto-Runs

Now I move to my auto-run entries. These items are files and registry settings that are designed to launch applications, settings, and services when you bring up your operating system. Under normal circumstances, most of these are helpful and critical items to the healthy operation of your computer. Sometimes, baddies and "optional" helpers migrate into here bringing unwanted services and processes onto your system.

Being a sysadmin who specializes in removing baddies from computers, I first run a scan of my registry and settings with Merijn's Hijack This (free) tool. Not for the faint-of-heart or noobies without guidance--you can tank a system if you delete something incorrectly. The on-line HijackThis log file analysis tool can be a helpful place to understand the findings. My scan log looks good. I move on without making any changes here.

Round two on the auto-runs turns to Sysinternals' AutoRuns tool (free). Reviewing the "everything" tab provides me with the full list of what's set on my system. What is nice about AutoRuns is that you can uncheck an entry to disable it, but not delete it (yet). This lets you test your system, and if you make a mistake you have a better chance of restoring it. I disable some videocam "diagnostic" tools, a Quicktime task launcher (qttask.exe), Microsoft's Fast Find tool, a few "updater" apps that silently run in the background calling home to the mothership. I disable some shell (right-click) menu items for compression programs I rarely use, but don't want to uninstall completely. And leave my services alone.

Again, I have a pretty good handle on what should and should not be here. What about the average Joe? AutoRuns is nice in that if you right-click an item, you can select the "Google..." item and it will launch a browser window to Google using the executable as the search term automatically. Do your research and make your decision.

Remember kiddos...if you don't know what you are doing. Disable (uncheck) an item. Don't "delete", I must repeat!

I do a system reboot at this time before proceeding further, just to make sure I don't complicate things in additional cleaning steps.

Sysinternals' AutoRuns is the best app there is in this field, hands down (in my opinion). But if you want others, try a-squared HiJackFree 2.0 (free) or CodeStuff's Starter (free) application.
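To make the quarterly auto-run review easier to compare from one cleanup to the next, here is an added example (not from the original post and not part of AutoRuns or HijackThis) that snapshots the Run/RunOnce registry keys and the Startup folders to a CSV and lists what was added or removed since the last snapshot. The `autorun-snapshots` folder name is an assumption, and the script only reads: nothing is disabled or deleted.

```powershell
# Added example: read-only snapshot and diff of common auto-start locations.
# $SnapshotDir is an assumed location; change it to suit.
$SnapshotDir = Join-Path $env:USERPROFILE 'autorun-snapshots'
New-Item -ItemType Directory -Path $SnapshotDir -Force | Out-Null

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Registry values: each value name is an entry, its data is the command line.
$entries = @(foreach ($key in $runKeys) {
    if (Test-Path $key) {
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Location = $key; Name = $name
                               Command  = [string]$item.GetValue($name) }
        }
    }
})

# Per-user and all-users Startup folders: each file is an entry.
$startupDirs = @([Environment]::GetFolderPath('Startup'),
                 [Environment]::GetFolderPath('CommonStartup'))
$entries += @(foreach ($dir in $startupDirs) {
    if ($dir -and (Test-Path $dir)) {
        Get-ChildItem -Path $dir -File | ForEach-Object {
            [pscustomobject]@{ Location = $dir; Name = $_.Name; Command = $_.FullName }
        }
    }
})

# Find the most recent earlier snapshot BEFORE writing the new one.
$previous = Get-ChildItem -Path $SnapshotDir -Filter '*.csv' |
    Sort-Object Name | Select-Object -Last 1
$current = Join-Path $SnapshotDir ("autoruns-{0}.csv" -f (Get-Date -Format 'yyyyMMdd-HHmmss'))
$entries | Sort-Object Location, Name | Export-Csv -Path $current -NoTypeInformation

if ($previous) {
    $toKey   = { '{0} | {1} | {2}' -f $_.Location, $_.Name, $_.Command }
    $oldKeys = @(Import-Csv -Path $previous.FullName | ForEach-Object $toKey)
    $newKeys = @($entries | ForEach-Object $toKey)
    $newKeys | Where-Object { $_ -notin $oldKeys } | ForEach-Object { "ADDED    $_" }
    $oldKeys | Where-Object { $_ -notin $newKeys } | ForEach-Object { "REMOVED  $_" }
} else {
    "Baseline saved to $current. Run again after the next cleanup to see changes."
}
```

This covers only a small subset of what AutoRuns inspects (no services, shell extensions, or scheduled tasks), so treat it as a change log between reviews rather than a replacement for the full "everything" tab.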

Virus Check

I now run a full manual scan of all my drives/partitions using AVG-Free. Yes, I have daily scans set, but I'm burning time and want to be sure. All clear.

Bonus Tip: Don't forget to scan any flash-drives or portable data-storage devices while you are at it! Collect them up from your family members and run scans on their contents as well. Good habit to be into.

Application Audit

Using either SAFARP (free) or Utool (free) I perform a review of the applications I currently have fully installed on my system. I remove any apps I haven't used in quite a while and likely will not be using. I make note of those that are questionable that Lavie or Alvis may still need, and discuss with them. If I get the green-light, I pull them off too.

Why?

Having installed programs that aren't used means they aren't often updated. That could offer a vector for infection. And I like reclaiming the drive space I free up.

Along those lines, I know which applications we use most. I launch each one, check the version number, then check the vendor's website to verify if I have the latest version, downloading and updating software as needed.

If you are using Microsoft Office, using Internet Explorer, browse to Microsoft Office Online Download page and check for any critical security patches and updates as well. Running Windows Updates doesn't catch the ones needed for Microsoft Office. You may need to have your setup disk handy to validate some patches and updates.

Run Belarc Advisor (or) System Information for Windows (SIW) and print out the results for archival/logging purposes.

Java

I verify and download/update if needed the latest JAVA version. It's a good thing to keep this up to date.

Miscellaneous House Cleaning

I personally empty out all the TEMP folders under the various user profiles on our system. If you don't already know what I am talking about or where I mean, you shouldn't be playing in there manually. Here are some GUI based tools that can help:

CCleaner (free) - Take a minute to look over the options before using. Uncheck some things...(you probably want to keep your remaining cookies for example...) Figure it out and read the help-file.

ToniArt's EasyCleaner (free) - Similar program. Get to know it and use as desired.

RegSeeker 1.45 (free) - Similar program. Learn it. Use it.

Make a backup of my registry: ERUNT (freeware)

Advanced: Using these, I was also able to clean up some various abandoned registry items, etc.

Possibly OverKill: Run DupKiller (free) and CAREFULLY review and delete any duplicate files on your system. Advanced stuff as you might break something important. Run OrphansRemover (free) and CAREFULLY review and delete/fix any broken shortcut links on your system.

Backup/Archive

Several options: PowerUsers can pick up a copy of Symantec's GHOST product ($) to image their drive(s). Also available are Replicator (free) to back up files/directories/drives and DriveImage XML (free) solutions.

If nothing else, figure out what critical data files/folders you need to keep and burn it to a CD or keep it on a special flash drive just for that stuff.

Drive Maintenance

Run an "Error Checking" process on all of my drive/volumes.

Defragment my drives (if they need it or not).

Run DriveManager (free) and HDTune (free) to check the performance and S.M.A.R.T. health status of my drives.

Windows Updates (Custom)

When all is said and done, I pop up Internet Explorer and browse to the Windows Updates website. This time I select a "Custom" scan for updates, and select any optional hardware drivers that may be offered and need updating. If I were to find any High Priority updates needed, I'd install those also.

Final Dusting

I shut down the system. Carefully remove the cables/cords where plugged in (grab some masking tape and label the cords if you can't plug them back in your sleep). Go outside and remove the case cover.

Using canned air (or if you got the $$ -- get a Metro Datavac. This mini-model is an awesome home choice...at TigerDirect or Amazon.com; some local electronics or office supply stores carry them as well -- just don't try using a leaf-blower!), give the PC innards a long and complete blow-out of all the dust. Pay special attention to blasting the dust from inside your power-supply unit, your fans, and your CPU heatsink. Also be sure to send a stream of air under your systemboard.

While you are at it, carefully but firmly push on the cable plugs, etc. to make sure they are seated firmly.

Put the case back on and hook the cables back up.

When you are done, your system will (hopefully) perform a bit better and be more secure.

That should cover the majors...if you have any additional suggestions...drop 'em into the comments!

See you in the skies,
--Claus
