Friday, June 9, 2017

Computer Household Cleaning

Computer Household Cleaning

Keyliner has written several articles on steps to cleanup viruses and other Windows infestations.  In particular, I use this this Keyliner article to recover other people's machines:  Virus Cleanup Steps.

But if your machine is running reasonably well, this series of articles, in particular, "Windows Repair and Maintenance" / "Cleaning and optimizing a Windows computer" was interesting.  I recommend reading the articles in this site: 

https://decentsecurity.com/

Use my article to recover a machine that is horribly infested, then follow-up with DescentSecurity's article. I don't agree with everything said, but most of the suggestions are good.  Here are some areas I found particularly interesting and I have been or am now doing:

1.  Run Windows 10.

Windows 7 is too old and Microsoft's resources are dedicated to Windows 10.  The newer OS is more secure and safer. 


2.  Set Windows UAC Nags to maximum.

By default, Windows sets this one notch lower and that is where I used to be set; I have now changed.  Since I am not installing a lot of new software, the change will not add to my burdens. 

To check the settings:
From the Start Menu, type "UAC"

Some people turn UAC off.  They are idiots.


3.  In Google Chrome and in Firefox, install "uBlock Origin" (Addon / Plugin)

uBlock instead of AdBlock plus (my long-time favorite plugin)
uBlock does more to stop drive-by virus installs
It has a larger library to search than Adblock
It is faster than all other adblocking software and does more stuff


4.  Uninstall Java. 

I have never considered this, but in retrospect, agree.  According to the author, "Java is not needed for any modern reason other than obscure software".  Note this is different than JavaScript (used by most websites).  Java can be uninstalled; it will not affect JavaScript.
 
See Programs and Features, un-install Sun Java.

Related: The article suggests upgrading Flash.  On my main Windows 10 machine, I have it disabled.  This has caused problems, but I remain in that state.  If curious, see this keyliner article: Time to Disable Flash.


5.  WinSxs Cleanup

I have long known the WinSXS directory is a pig sty of duplicate DLL's.  DescentSecurity recommends running this Microsoft command, from a DOS prompt, run as Administrator:

C:\WINDOWS\system32\dism.exe /online /cleanup-image /startcomponentcleanup /resetbase

An intriguing idea.  However, on my machine, it ran without errors, but had no affect on my disk.  The number of files and directories in WinSxS remained the same.  Your results may vary.


6.  Registry Cleaners and third-party Windows Optimizer programs are useless

These are snake oil and often dangerous.  I have long said this.  Yes, there are times to fiddle in the registry, but use care.  Registry Cleaners do not.


Microsoft Wish*

I wish Microsoft would allow us to customize the UAC nag screen.  Much like some banking sites, if the UAC showed a personal photograph or some other personalization, we would know we were on a non-spoofed screen.  Even better, imagine your virus scanner with such a personalization.



At the same time, the picture would be our family and employee's cue to never click "OK".  Tell them to call the IT Support Staff (you), before clicking OK.  This would help stop drive-by installs (such as, "You must install this driver to see this online video!"  -- almost guaranteed to be a virus.

No comments:

Post a Comment

Comments are moderated and published upon review.