• Let your PC start the new year right! (Part Two)

    Home » Forums » Newsletter and Homepage topics » Let your PC start the new year right! (Part Two)

    Author
    Topic
    #2418750

    ISSUE 19.03 • 2022-01-17 LANGALIST By Fred Langa Taking a little time now to thoroughly check and proactively service your Windows PC can pay off big
    [See the full post at: Let your PC start the new year right! (Part Two)]

    4 users thanked author for this post.
    Viewing 9 reply threads
    Author
    Replies
    • #2418758

      I’ve never tried the Defender offline scan, so having read this, I decided to try it.

      It doesn’t work! I get the “save your work” pop-up, then the UAC pop-up, then … nothing at all.

      Tried rebooting and doing it again. Nope. There’s no evidence anything is infecting the PC, but clearly something’s not right.

      And here’s the answer:

      The offline scan requires WinRE. WinRE was disabled – I have no idea why.

      Running reagentc.exe /info from an elevated command prompt will show if WinRE is enabled or not. I tried /enable: that failed. So I then tried /disable followed by /enable and both worked: WinRE was now enabled, and the Defender offline scan worked (clean scan.)

      It seems quite absurd that Defender does not detect that WinRE is disabled. It seems that disabling it might well be something malware does, so Defender darned well ought to check it and report the problem. But no.

      2 users thanked author for this post.
      • #2419054

        WARNING:  the MS roving censor BOT has detected an unacceptable “attitude” in your choice of words, and will alter your OS settings to make off-line scans totally unavailable hereinafter.  MS prefers that you describe such system-level behavior as a “feature”.  BOT OUT.

    • #2418781

      I enjoyed reading your article/s. However, Microsoft took care of it for me. I tried to back out the last two updates and my PC crashed (and of course after coming home from major surgery). I had to do a Windows Refresh. So all nice and clean now.

      My backup strategy is a bit different, but I am usually back up and running in a couple of hours.

      I regularly back up all my personal files and any config files three different ways as well as having most everything on OneDrive. (I have a NAS, and two external drives, one of which is off site and I have a daily and weekly rotation.)
      Every time I buy/load an app. I save it on a back up drive. Whenever an app is updated I save the update files. Thus all my apps are in one place ready to install.
      So… I Refresh, reload apps, add any backed up config files and double check personal files.

      Frankly I have found full backups to be a waste of time since you back up a whole system one day and the next it all changes. This way absorbs less of my time and works nicely every couple of years when I either need to do a refresh or build a new PC.

      1 user thanked author for this post.
      • #2419057

        For many years, we’ve always shrunk C: down to something manageable, and the remainder of that storage drive is dedicated to data, typically with drive letter E: .

        Assume D: is assigned to an ODD.

        Then, a second storage drive is formatted with a primary partition that is the same size as C: to make room for a C: clone on that second drive .

        Lastly, the remainder of that second drive is also dedicated to data.  Assume drive letters on the second drive are F: and G: .

        Here’s the sequence we follow when creating drive images of C: after the OS on C: has stabilized.

        run Partition Wizard to “Migrate OS” to F:  (this feature now requires a paid license)

        write drive image of C: to G: (this also minimizes R/W head thrashing on HDDs)

        copy drive image from G: to E: for added redundancy

        p.s.  we simply serialize drive image folders, like this:

        images.001

        images.002

        images.003

        etc.

        We also store a .txt file in each folder, which contains a log

        summarizing OS changes.  That way, if we need to “roll back”,

        that log file tells us which OS changes need to be re-enabled

        after any given drive image is restored to C: .

    • #2418948

      Last week we acquired for $59.99 and installed Corel’s “Photo Video Bundle Ultimate”.

      The package includes PaintShop Pro 2022 Ultimate, AfterShot 3, Painter Essentials 8, PhotoMirage Express, Corel CreativeCollection, MultiCam Capture Lite, VideoStudio Ultimate 2021Video & Movie Editing Software, Artistic Effects Script Bundle, and the Premium Slideshow Template Bundle.

      After installing all of the components of the package we ran CCleaner Registry and discovered 240+ “issues” related to the Corel software.

      In the past we have resisted removing registry items unless the app related to the item had been uninstalled from the computer.

      Now the question is, should we become more aggressive and remove all of the Corel related registry items using CCleaner.  If no, why not?

      • #2419041

        Hello Kathy Stevens.
        Re your question about deleting all the “Corel” ‘stuff’ – in a word ,”No.” If I were you I’d do some serious searching on the subject before attemting anything. Why? I’ve been using Paintshop Pro for more than 20 odd years – from Version 4 or 5 when it was Jasc and the website was run by the airline pilot who created Paintshop. After it was acquired by Corel things were not as simple, and IMO more invasive. After the demise of my Windows 7 computer I bought a new machine pre loaded with Windows 10. I had to purchase a new updated version of Paintshop – no problem, in fact easy. At the time I was surprised to see my order went to Corel in Canada, the payment to Germany and the software came from Portugal-if my memory is correct. Then all kinds of promotional pop ups from the W10 taskbar bottom left. I had to troll through many forums to find answers to stop this. Furthermore, right mouse clicking on certain files e.g. a MS Word document shows “Browse with Corel Paintshop’. On a more positive note the software is OK and is suitable for my needs. The problem in my opinion is all the “other hidden stuff” plonked on at installation.  So take care, do some serious homework and find advice from seasoned users before charging ahead. Last point I think Corels help is/maybe based in the Philippines – correct me if I’m wrong on this.  Good luck.

        1 user thanked author for this post.
    • #2419031

      I hate to disagree with Fred, as I have a ton of respect for him and always read his articles. That said, the firewall topic is wrong.

      Most everyone gets online behind a router (or gateway) that includes a firewall. Any website like ShieldsUP! never sees or communicates with your computers/devices. They only see the firewall in your router. And, not even that, if you are connected to a VPN (in that case they see the VPN server).

      Not that the firewall in Windows is not important. If you use public Wi-Fi, the Windows firewall might be your only defense against attack from others on the same network. Its just that testing it requires another device on the same LAN (not a website) and running software such as nmap.

      Another thing I hate to say is that ShieldsUP!, although the best firewall tester that I have seen, has been abandoned. Steve Gibson has not updated it in a decade or so and it no longer tests the TCP ports that current attacks go after.

      To end on an up note, some VPN software can hide your computer on the LAN making the firewall irrelevant. If you use public WiFi networks often, this is a great defense. Sadly, different VPN companies use different terminology for this feature. For more, see the section on VPN features here

      https://defensivecomputingchecklist.com/vpn.php

       

      Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

      2 users thanked author for this post.
    • #2419053

      Fred, Thanks for the brief advice to DEFRAG HDDs. Many moons ago, long before SSDs became reliable and cost-effective, I played around with the Windows paging file “pagefile.sys” usually found by default in the C: system folder. I had also come across the CONTIG freeware, and used it to do an experiment. On a new second HDD, I formatted a primary NTFS partition with the same size as C: . Then, before adding any other files, I ran CONTIG to create a second “pagefile.sys” on that primary partition. Finally, I moved Windows paging to the latter “pagefile.sys”. The theory of this experiment was that the process of swapping a running program out to a disk drive probably did so in sequential memory sectors. And, the outermost cylinders on any HDD are necessarily the fastest whenever linear recording density remains constant across all cylinders. I’m happy to say that this experiment was successful, so successful in fact that I never needed to do any more maintenance or debugging, and the speed of paging operations was very transparent to me. Also, as long as the size of “pagefile.sys” was sufficiently large, I never saw any warnings or error messages about “insufficient paging space” or similar language. Of course, as you pointed out, SSDs do I/O very differently; and, that experiment using CONTIG will probably make very little if any differences when “pagefile.sys” is stored on an SSD.

    • #2419134

      I recommend using only the simplest, most generic cleanups available, such as CCleaner‘s (free/paid) default Registry and junk-file cleanups

      I have to disagree.

      Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
      We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.
      We were all once "Average Users".

      1 user thanked author for this post.
      • #2419164

        The only time I clean a registry is on a misbehaving system as a last resort. Often, this is helping people who despite my best efforts do not back up their systems regularly.

        --Joe

    • #2419344

      Mr. Langa offers specific cleaning and maintenance software tools. Use your own preferred  software tools, but don’t ignore the message. Your computer system requires regular maintenance to run properly and well.

      On permanent hiatus {with backup and coffee}
      offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
      offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
      online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
      • #2419345

        My comment and @bbearren’s are not about system maintenance in general. We both promote regular maintenance activities. We object to regular registry cleaning. I do not think there is a proven case for it. Why waste time and possibly damage your setup?

        --Joe

        4 users thanked author for this post.
      • #2419356

        Mr. Langa offers specific cleaning and maintenance software tools. Use your own preferred software tools, but don’t ignore the message. Your computer system requires regular maintenance to run properly and well.

        I’ve already addressed that.  I disagree with Fred in that it has been my experience that “cleaning the registry” is neither necessary nor part of regular maintenance.

        Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
        We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.
        We were all once "Average Users".

        1 user thanked author for this post.
    • #2419369

      Has anyone used and/or have any thoughts regarding HP’s Support Assistant’s “Fix and Diagnostics” tools including,

      • Optimize your performance (“Tune-up and optimize your system to run at peak performance”);
      • Check your operating system (“Checks the operating system and automatically fixes common issues”); and
      • Run hardware diagnostics (“Check system health with HP’s PC Hardware diagnostics for Windows”)?

      The software ships with HP systems and is updated periodically.

      • #2419768

        Has anyone used and/or have any thoughts regarding HP’s Support Assistant’s “Fix and Diagnostics” tools…

        Hi Kathy Stevens:

        Do you know if HP Support Assistant is based on PC-Doctor software? I found an old 2005 PC-Doctor blog PC-Doctor Diagnostics Software To Be Bundled On HP Desktop PCs, but HP wasn’t mentioned ‌the 2019 Forbes article Toolbox Vulnerability Impacts Millions Of Microsoft Windows 10 Users so I’m not sure if HP is still partnering with PC-Doctor. Regardless, the 2020 Forbes article Millions Of Windows 7, 8 And 10 Users Exposed To HP Security Vulnerabilities indicates that HP Support Assist can be vulnerable to the same types of security flaws that are often reported for diagnostic utilities from Dell, Lenovo, etc. that are based on PC-Doctor Toolbox.

        I have a Dell Inspiron laptop and the Dell SupportAssist software that shipped with my laptop is a re-branded version of PC-Doctor Toolbox. I have disabled all automated SupportAssist update checks and system optimization scans [Options (gear icon) | Settings | Automate Scans and Optimizations | Scan Your System and Drivers at:] and never run any manual system optimization scans (Clean Files, Tune Performance or Optimize Network) from the Home tab of SupportAssist because of the potential harm these scans can do. For example, see my 12-Jul-2021 post in ex-jedi’s Prevent Automatic Recycle Bin Emptying about the over-aggressive registry cleaner included in SupportAssist’s Tune Performance scan – my post <here> in that thread explains how I used CCleaner to demonstrate that Dell SupportAssist was cleaning my registry without my knowledge.

        I also discovered a few days ago that my Dell SupportAssist uses the insecure HTTP Protocol Stack to transmit data (see my 20-Jan-2022 post # 2419593 in Susan Bradley’s AskWoody.com topic A Bumpy Road for January), and I suspect I’ll be uninstalling Dell SupportAssist in the coming days and will only use the less intrusive Dell Update app to check for software and driver updates.
        ———–
        Dell Inspiron 5584, 64-bit Win 10 Pro v21H2 build 19044.1466 * Firefox v96.0.1 * Microsoft Defender v.4.18.2111.5-1.1.18800.4 * Malwarebytes Premium v4.5.0.152-1.0.1538 * Dell SupportAssist v3.10.4.18 * Dell Update for Windows 10 Universal v4.4.0

        2 users thanked author for this post.
        • #2419784

          Lmacri

          Thank you for your thoughts on HP Support Assistant.

          While we have been using it monthly on our HP systems without problems, we will discontinue using it until we get a better understanding of the risks associated with the apps.

    • #2419819

      A week ago, I ran the HP’s Performance Tun-up Check that:

      • Deletes system temporary files,
      • Deletes system prefetch files,
      • Executes a system file checker,
      • Empties the recycle bin,
      • Clears history, cookies and cache for the installed web browsers, Disabled search indexing, and
      • Enables storage sense.

      Just ran CCleaner’s Registry Cleaner and it found 527 “issues”.  Therefore, it appears that HP’s SupportAssist is not cleaning our registries without our knowledge.

      • #2419830

        This touches on some of my reasons for not using “Helper” apps for Windows performance.

        Deletes system temporary files

        This can be setup in Task Scheduler and forgotten about.

        Deletes system prefetch files

        This gets rid of files that will quickly be replaced when you load your commonly used programs, because that is what prefetch files are for; they speed up loading your commonly used programs.  Deleting prefetch files doesn’t improve performance, and the prefetch is self-maintaining as the PC is used.  It doesn’t need any help.

        Executes a system file checker

        Another task for Task Scheduler; set it and forget it.

        Empties the recycle bin

        Each volume on the PC has its own Recycle bin, roughly 5% of the volume size.  Emptying the Recycle bin doesn’t increase available space, because the space is already allocated.  Once the Recycle bin gets full, it automatically deletes the oldest files to make room for the latest file deletions.  The size can be adjusted using the Properties of the Recycle bin.

        Clears history, cookies and cache for the installed web browsers, Disabled search indexing

        Again, sizes can be adjusted and they are self maintaining according to their settings.

        Always create a fresh drive image before making system changes/Windows updates; you may need to start over!
        We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.
        We were all once "Average Users".

        1 user thanked author for this post.
    • #2419831

      Bottom line related to HP’s Support Assistant, we will be guided by Bill Demirkapi (Bill Demirkapi’s Blog) and Davey Winder (a Senior Contributor at Forbs) thoughts on the three unpatched local privilege escalation vulnerabilities contained in the HP software.

      As of April 7, 2020, Bill Demirkapi was of the opinion that the average user probably was not at significant risk of having this vulnerability exploited against them. Where they were still at risk, while these vulnerabilities remain unpatched, is in the case of an attacker who already had a presence on their computer but in a non-admin user role since an attacker could use any of the unpatched vulnerabilities to escalate their privileges to administrator.

      Bill Demirkapi – Several Critical Vulnerabilities on most HP machines running Windows 4-3-2020

      https://billdemirkapi.me/several-critical-vulnerabilities-on-most-hp-machines-running-windows/

      Davey Winder Senior Contributor Forbs – Millions of Windows 7, 8 and 10 Users Exposed to HP Security Vulnerabilities 

      https://www.forbes.com/sites/daveywinder/2020/04/07/millions-of-windows-7-8-and-10-hp-computers-vulnerable-to-hack-attack/?sh=550697db7672

       

      1 user thanked author for this post.
    Viewing 9 reply threads
    Reply To: Let your PC start the new year right! (Part Two)

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: