M.I.C.A.
The M.I.C.A. Community has discovered several methods for checking your computer for infection while keeping everything running smoothly through regular maintenance. The Lockdown series is devoted exclusively to security & maintenance-related issues. Follow along and learn about the tools included with your XP Home operating system and some that should have been.
Security and maintenance for your new or used computer start here. This is the foundation for everything pertaining to computer security and the maintenance needed to keep your machine running smoothly. Please start at the top of the page and work your way through the lockdown series till you reach the end. If you can not finish everything today, stop back and continue the process as soon as possible.
LOCKDOWN™ STUDIES
Prescribed maintenance routine, malware scanning and computer
settings locked down.
We define "Lockdown Mode" as a way of thinking when it comes to
computer security. This is a reference we will make through out our
network from time to time. The basic principles behind Lockdown™
cover privacy & security related issues. In order to be in 'safe
lockdown mode' you have to lockdown your machine and do the routine
maintenance listed below, along with scrubbing your machine for
infection.
Performance Tweaks
» O.K. now we can adjust a few things with your settings. The first
3 things I would change is the 'Recycle Bin' size, 'System Restore'
size and the 'Temporary Internet Files.' Your recycle bin should be
set to around 3%, the system restore to 3-6%, at the most and the
temp internet files set to around 33mb. These settings will give you
enough space to hold back-up and history for 2-4 days. This is
plenty for most anyone and will help protect you in case of someone
using your machine. I do not recommend completely shutting off these
services because you may need them to restore something in case of a
accident.
» O.K. now you can set your java cache. If you have java installed,
it will be listed in the control panel as 'java plug-in.' I like to
lower the default settings of unlimited or 70mb, down to 4mb. This
is plenty of space for most surfers.
» I recommend that you turn off the "indexing service" included with
your XP operating system. It was designed to offer faster search
times when using the search tool, but it requires a lot of system
resources and slows things way down. You will not suffer really any
difference in speed while searching. To turn it off, open the
"control panel" and then "add or remove programs" and then click on
the "add/remove windows components" tab on the left hand toolbar.
Now, uncheck the box next to "indexing service" and then click
"next" and then "finish."
» Another item that needs your attention is the “C:\windows\temp”
folder. You should delete everything that is in this folder, BUT not
the folder itself. If you have never done this, it will have a ton
of stuff in it. All of this stuff is safe to clean as often as you
wish. This stuff was used at one time or another but is no longer
needed. That is why they call it a temporary file.
» Now we can make sure that file extensions are displayed. This is
important for locating malware. Open 'control panel' and then click
on "folder options" and the "view." Make sure to uncheck the box
"hide extensions for known file types" and check "show hidden files
and folders." This will allow your complete system; including
critical system files so do not delete things that are unknown to
you. While we are here, lets check the box "display the full path in
the address bar." This will display the complete web address of the
sites you are visiting.
» Now Let's move on to the virtual memory setting. Open the 'control
panel' and click on "system." On this page, in the bottom right
corner, you will see the amount of ram memory you have installed.
Your virtual memory should be around 2.5 times the amount of ram.
Because some of your ram will be in use, you will need to round up
to the closest number shown in the chart below. Write this number
down and move on to the next paragraph.
If you use Belarc Advisor, you can check the memory installed and
times it by 2.5 times to get your specific virtual memory specs.
Virtual Memory Set-up Chart:
Any number up to, but not over 256mb ram = 640mb virtual.
Any number above 256, but not over 512 ram = 1280mb virtual.
Any number above 512, but not over 768 ram = 1536mb virtual.
Any number above 768, but not over 1024 ram = 2048mb virtual.
Any number above 1024, but not over 1280 ram = 2560mb virtual.
Any number above 1280, but not over 1536 ram = 3072mb virtual.
Any number above 1536, but not over 1792 ram = 4480mb virtual.
Any number above 1792, but not over 2048 ram = 5120mb virtual.
note: If you are using an older computer and you have a number
higher than 768 listed for your ram, then you should still set your
virtual memory to 1536mb. This equals 1.5 GB and your machine will
work very well with this. However, many computer makers do not want
virtual memory set higher than 1.5 GB on older models (more than 15
months), so please and be sure to set the correct specs. While this
information has worked on hundreds of machines, it is a general rule
for most computers, and some can be set higher...much higher. You
may send us your machine brand & model and we will provide specific
settings for your machine at no charge.
Now that we have your proper number wrote down, let’s change the
setting. With "system" open, click on "advanced" and then
"performance settings" Now "advanced" and then "virtual memory /
change." Select "custom size" and then type the number you wrote
down (it should be either 640, 1280, 1536, 2048, 2560, 3072, 4480 or
5120mb) into both boxes and then click "set." And then click "OK"
and then "OK" and then "apply."
Finally you will need to "restart" your machine and then visit us
again to continue below.
Disk check and repair
» Windows has included a special tool for automatically repairing disk errors that can dramatically reduce the performance and stability of your Windows XP machine. I recommend that you run this tool every thirty days. To do this, go to "start" and then "my computer" and then right click on the drive "C" and then click "properties" and then click on the "tools" tab. Next, click on the "check now" button. Now put a check next to the two options listed and then click "start." A dialog box will pop up saying that you must re-start your machine to run this, so click "OK" and then re-start your machine. Do not touch anything or it will stop the tool from starting. Once it is underway, you can watch it run through all five sections. When it is complete it will re-start and you will be ready to go. If you want to see the results of the scan, you will need to use the "event viewer" located in the "administrative tools."
Updates
» Now lets take care of your Windows updates. We can not lockdown
your machine unless you are running ALL of the current updates for
your system. If you are asked to validate your Operating System,
please do so and continue with the updates. After you are done
there, you will need to go to Microsoft Office and obtain any
updates related to your Windows productivity software. These
programs are not listed on the regular Windows update site. You can
switch over to the better Microsoft update site. This newer service
will update EVERY Microsoft product installed on your machine! After
you have completed these critical steps, restart your machine and
then visit us to continue below.
» Lets take a look at ALL of the other software you have install.
You will need to either update it, or uninstall it to prevent
security breaches. This step will make your machine perform better,
as well as much more secure. Windows XP works best with a hard drive
that has at least 50% of free space. So, if you have a small hard
drive, every program that you can remove will help with performance.
» Great, now you will need to update the other technologies
installed. You should visit the website of the builder (i.e. Dell)
of your machine to acquire any recommended updates from them. Next,
visit Macromedia, Java and Intel and get the latest versions of
their products.
» Finally, you have one more item to update, Adobe. This product is
probably installed on your machine and if you have not been using
Adobe, it has not been updated. Once all of these items are current,
you should uninstall the old versions from your machine.
» We do not know what all is installed all your machine, so you will
need to investigate each program at the product's website. If you
come across programs that you do not use anymore, just remove them
and save yourself trouble down the road. Remember, all software
needs to be updated to the current version to be protected from
possible security holes. It does not matter how old they are, as
long as they are current with the maker. You do not have to use the
newest edition; just verify that your version is safe by the maker's
website. Once this step is complete...
You are now ready to move on to the Lockdown Microsoft Internet Explorer section.
Lockdown Microsoft Internet Explorer
This series covers the Internet Options, listed in your control
panel. These control most things related to internet connections and
their functions. We will cover every setting and give you the right
information to set up your machine correctly. After this series,
your computer will be much safer and perform more efficiently.
Lets get started...Click 'start' & then click 'control panel'. Now
click on 'internet options' and start the study below.
GENERAL TAB
» O.K. with the 'internet options' open, you will see the general
page. Your home page is the address of your home page while on-line.
You should recognize this address as the first page viewed upon
connecting to the internet.
» Next is the temporary internet files. You can click 'delete
cookies' and clear all of your stored cookies. Click 'delete files'
and then check the 'delete all offline content' box & then click
'o.k.'
» Now click 'settings' and under the "check for newer versions of
stored pages," check 'automatically. Next change the "amount of disk
space to use" down to 55MB. This will be plenty for you since you
will need to empty this regularly. You will see the current location
of your temporary internet files folder. This is fine to leave alone
but if you wanted to change the location, you would click 'move
folder' and then you would search you hard drive for a new location.
I would keep it in the "local folder" but I know some people who
move it to the "my documents" folder for the ease of finding it.
» Now click 'view files' and a screen will open with all of your
files stored from surfing the internet. They are named this because
they are not part of anything important and should be cleared
regularly. They are needed while on-line for that very instant and
then need to be cleared. This is cleared when you use the features
listed above. You can also clear them in the new window that opened
by moving your mouse over a un-written area and click & drag all the
way to the left, going over all the names of the files and then
clicking delete. If you do not know what 'click & drag' means, it
refers to clicking the left mouse button and holding it down while
moving it around the screen.
» Next click 'view objects' and a new window will open listing the
"downloaded program files" and you should recognize the names in
here such as "java runtime, office update engine, shockwave flash
object." These work to support your browser functions and pose a
risk if a malicious program is listed here. Investigate each item
and verify it maker.
» Now we can look at history area and change the "days to keep in
history" down to 0-4 days. This determines the amount of days, it
will track your internet habits, which is stored in the temporary
internet folder. I set mine at 0 but some people like to have recent
history for sites they go to often and 4 days worth of surf records
should be the most you keep.
» Next, click 'colors' and check 'use windows colors' and click
'o.k.' This sets the color s used while on-line but some sites will
not display a custom color so I recommend using the windows colors.
Click 'fonts' and set the "language script" to 'Latin based' & "web
page font" to MS Reference and the "plain text font" to 'Lucida
console' and click 'o.k.' You could pick some other font bit again
some sites will not view the same and all of these effect the speed
of opening pages on-line. click 'languages' and it will list
"English (united states) [en-us] for English but you can add
different languages if you visit web sites from other countries and
want to view this as well. click 'add' & pick from the list, then
click 'o.k.'
» Now click the final button listed on the general page,
"accessibility" and un-check all 4 boxes and click 'o.k.' Now click
'apply' at the bottom. All of the settings for this page is
complete. You have learned the "general page" of the internet
properties. To safeguard your system you need to finish this series
to learn about the "security, privacy, content, connections,
programs and advanced" pages. We will then start a new series
covering a different tool or program.
SECURITY TAB
» As you open the 'security' page, you will see the different
internet worlds that your sites are assigned to. You should start
out by clicking the 'internet world' and then click default. Next
click 'local intranet world' and click 'default'. Now click on the
'trusted sites world' and again on 'default'. And finally click on
the 'restricted sites world' and then click 'default'.
» With these settings on default, you will have pretty good security
and still have high user function. If you click on one of the worlds
and then click 'custom level' you can turn off/on the many
activities that are required to surf websites. I would keep the
default settings for a little while and watch the behavior of your
surfing sessions for trouble. After you get use to your machine, you
can adjust the separate items.
» This should only be done one setting at a time and then surfing
the sites you trust to troubleshoot. The more common things that
users will tweak are; ActiveX controls, turning off/on pop-up
blockers, controlling download, Java scripting, user log-on and
nearly every setting listed which will affect your surfing
abilities. These separate worlds, as they are referred to, work
great at controlling security while providing functionality over a
broad range of websites.
» For some serious control, set 'ActiveX and 'Java Scripting' to
"prompt" which will ask you if it may run at every site you visit.
This is an optional setting. I have found that, after several
pop-ups, many users will just approve anything that will pop-up and
therefore this option can make users numb to security. You should
read EVERY dialog box that asks you to approve a request.
» Another great feature of this is to add websites to the 'safe
sites world' so you can let your shields down for that specific
site. You should only add addresses that are super safe because your
machine will trust them with all of the features listed for that
world. If you study the differences of every setting listed for the
four worlds, you will find many differences and start to understand
which settings can be turned on or off for your needs. However I
still think the default settings are best for most surfers.
Privacy Tab
» On this page, set the slide bar to "Medium High" and make sure there is a check mark at the bottom, next to the "block pop-ups."
Content Tab
» If you have been doing our M.I.C.A. Maintenance, you will be
familiar with this page. Clear the 'SSL State' regularly and turn
off the 'AutoComplete' altogether.
» If you want a little extra protection from adult content, use the
'Content Advisor' by clicking 'Enable.' Then click 'Settings' and
check everything you want to allow or block. This will help block
some bad content, however not every site will be blocked by this
feature. For serious content control, you will need a third party
program that uses powerful filtering technologies.
» I would not use the 'My Profile' for your personal information.
Connections Tab
» OK, out of the three options, I would put a check mark by the "Never dial a connection" and leave everything else the way it is. This will prevent your sign-in box from popping up automatically, when you click on something that requires an internet connection. This can become annoying at times.
Programs Tab
» Here you can specify which program you want to use automatically.
Click on the arrow tab next to each item for the choices available
to you. Next, you can fix some problems with Internet Explorer by
'resetting' the default settings. However, this will change several
other settings that have been customized, so you should only use
this as a last resort. Then you should go back through our Lockdown
Microsoft Internet Explorer section and reset the things we have
been changing. You will have to change your 'home page' back to your
preferred website.
» The 'Manage Add-ons' button will give you a look at all of the
"helpers" that are installed on your machine. You can disable bad
ones or allow the ones you want. Do not disable anything that you
are unsure about. You should research an item before you change
anything. You may contact us for free help on these items.
Advanced Tab
» When you open the 'advanced' page, you will see the same items we
have listed below. There are many different options for these items
and we feel that the set up below will allow the best mix between
function and security. If you secure things too much, you will spend
all of your time clicking and approving every step you make. While
this is the best security, we have found that most users will become
tired of the hassles and lower the security. You should
check/uncheck the same ones that we have.
Did you know that Microsoft has included explanations of these
items? With the tab opened, click the "question mark" at the top
right corner and then click on any of the items.
Accessibility
√ Always expand ALT text for images
X Move system caret with focus/selection changes
Browsing
X Always send URLs as UTF-8 (requires restart)
X Automatically check for Internet Explorer updates
√ Close unused folders in History and Favorites (requires restart)
X Disable Script Debugging (Internet Explorer)
√ Disable Script Debugging (Other)
X Display a notification about every script error
√ Enable folder view for FTP sites
X Enable Install on Demand (Internet Explorer)
√ Enable Install on Demand (Other)
√ Enable offline items to be synchronized on a schedule
√ Enable page transitions
√ Enable Personalized Favorites Menu
√ Enable third-party browser extensions (requires restart)
√ Enable visual styles on buttons and controls in web pages
X Force off screen composition even under Terminal Server (requires
restart)
√ Notify when downloads complete
√ Reuse windows for launching shortcuts
X Show friendly HTTP error messages
√ Show friendly URLs
√ Show Go button in Address bar
Underline links
√ Always
X Hover
X Never
X Use inline AutoComplete
√ Use Passive FTP (for firewall and DSL modem compatibility)
√ Use smooth scrolling
HTTP 1.1 settings
√ Use HTTP 1.1
X Use HTTP 1.1 through proxy settings
Multimedia
√ Enable Automatic Image Resizing
√ Enable Image Toolbar (requires restart)
√ Play animations in web pages
√ Play sounds in web pages
√ Play videos in web pages
X Show images download placeholders
√ Show pictures
√ Smart image dithering
Printing
X Print background colors and images
Search from the address bar
When searching
√ Display results, and go to the most likely site
X Do not search from the address bar
X Just display the results in the main window
X Just go to the most likely site
Security
X Allow active content from CD’s to run on My Computer
X Allow active content to run in files on My Computer
X Allow active software to run or install even if the signature is
invalid
√ Check for publisher’s certificate revocation
√ Check for server certificate revocation (requires restart)
√ Check for signatures on downloaded programs
√ Do not save encrypted pages to disk
√ Empty Temporary Internet Files folder when browser is closed
√ Enable Integrated Windows Authentication (requires restart)
√ Enable Profile Assistant
√ Use SSL 2.0
√ Use SSL 3.0
X Use TLS 1.0
√ Warn about invalid site certificates
√ Warn if changing between secure and not secure mode
√ Warn if forms submittal is being redirected
And that completes this section.
Let's move forward to layering another solid security countermeasure, IE-SPYAD2.
IE-SPYAD2
» This tool will prevent abuse through the Internet
Explorer browser. unlike a typical active program running, this tool will
simply run once and install a larger
database of blocked websites to the restricted zone of the internet
properties. Microsoft adds some on its own, and ie-spyad2 will add
several dozen more to the list. There is nothing more to do after
downloading and installing the data file. This is not another
program grabbing your resources.
That completes this section. You are now much more secured and
your machine will work more
efficiently.
Now you need to Scrub up!
Scrub up!
» In order for you to scrub-up, You will need to download the 3
programs listed below, if you do not already have them. These will
work perfectly next to any virus scanner you may have. You can have
several malware tools running at once, but you can only have one
virus scanner installed. They simply do not get along and will
affect your performance in a big way.
You need one virus scanner, one firewall, 3-6 malware cleaners and
2-3 investigating tools for your armory to be complete.
Now this is where you think were going to ask you to buy stuff to
fix your problems, but hey, were just not like that. This will cost
$0.00 and not to much of your time either. You can install more
malware scanners, which can be found at our Downloads page, but the
ones below will cover most users needs.
The three products you need to download are:
1.) Malwarebytes Anti-Malware freeware/premium
2.)
Microsoft's Windows Defender freeware
3.)
CCleaner freeware
4.) And if you want the very best in automated premium software, I would
recommend throwing twenty bucks at Sunbelt Software CounterSpy:
» Next install & update the product definitions, then run them and see what you've been hiding. Remove all bad products listed and then restart you machine. Then run your virus scanner. All of these products should be run on a regular cycle. Most computer repair people say things like "scan for viruses twice monthly" but this is better looked at by the HOURS you surf. If you surf ten hours a day, you should run the malware tools above every 1-2 days, but if you surf a couple of hours per day then you could run these once a week. Now that we have malware scanners starting the clean-up process, you have taken a big step in the right direction!
You must continue to scan, clean and restart your machine until you have NO infections. If you can not obtain a clean scan, you will need to use HiJackThis! and allow us to help you with the process. This is provided free of charge, so you have nothing to worry about there. If you can not clean the malware, you can gain a little on malware by unplugging the machine from the internet, and by restarting the machine into "safe mode".
Trend Micro HiJackThis v2
This is the first investigating tool you will need to download. When
“HijackThis!” is installed, the default location for installation
will be a temporary folder. This means that any backups you create,
as a result of fixes made, will not be saved if we need to use them
at a later date. It will not function properly when run from the zip
folder or a temporary folder.
» Create a folder on the C: drive called HiJackThis. Make this
folder first, as you will not be able to move the program after
install.
» You can create this new folder by going to “My Computer” and then
‘double click’ on “C:” and then ‘right click’ and select “New
Folder” and then name it ‘JackThis’
» Now download the new Trend Micro HiJackThis v2 (freeware) from
Download button and install into the new folder you made for it.Get
it from CNET Download.com! This is a new version created after Trend
Micro purchased the HiJackThis! v1.99 edition. Trend Micro is not
offering support or a download of this new program yet, so you will
have to click the button and get it from Download.com (a trusted
resource of ours).
» Launch “HijackThis!” and then click “scan” and then click “save
Log.” This will generate a text file that will list all running
processes and applications that are loaded automatically when you
start Windows, plus a lot of other important information that we
will use to diagnose your machine.
» Remember, HiJackThis! is for auditing your system files for
infection. You should never 'check & remove' any items with this
tool by yourself. It is very powerful. If your machine is infected
after following our Lockdown series, you will need to use HijackThis!
to run a scan and then save the log file to email it to us for
further directions. If you do not want to use email, you may post
the log at our trusted computer forum for help.
Free Virus scanners
» If you do not have a updated virus scanner, visit McAfee and use the free tools. A few other quality, free online trusted scanners can be found at 1) Kaspersky and 2) Panda.» You can install a free scanner to use off line as well. If you do not have a virus scanner, you should install AVG Virus Scanner. However, for the best all around protection, I recommend you install McAfee SecuritySuite.
Firewalls
If you have followed along, you have updated your system through Microsoft and all of the other products installed on your specific model have been updated or removed as well. Plus, you have at least three or four malware tools and one virus scanner. What you need now is a serious firewall to complete your security line-up. The Windows XP's "SP2" (service pack 2) update installed an improved firewall (over earlier versions of windows). To add a lot more protection, you should install a third party product to your machine.
The best two offered today, are McAfee and the award winning Sunbelt Personal Firewall.
McAfee will cost you the most, while Sunbelt Kerio costs the least and offers a free trial period. They both provide exceptional protection. You can only run one firewall (and one virus scanner), so if you want to run a all-in-one security suite, go with McAfee.
We are aware that everyone can not go out and purchase a new program and in this circumstance we like freeware. You can still be protected from the malware trying to get into your machines. By downloading Sunbelt Personal Firewall at 50% off today, which is offered for your home machines for free. After a trial period, the free program will not offer all of the protection of their paid versions, they will still provide the protection needed to surf today's web. If you are able or if you need protection for your office machines, you should buy the full program from Sunbelt as well.
» Now finish the remainder of the items on the 'MICA Maintenance' list below. You may have overlooked the maintenance on your computer in the past, but today's internet is very different. Maintenance is the most important thing you can do, next to updating your software. Our "M.I.C.A. Maintenance" will simplify the process. If you prefer, copy and paste the list below to a word editor program, print it out and tape it to your machine. Keep it handy for regular use. After a few weeks, you will have the routine remembered!
M.I.C.A. MAINTENANCE
1) ‘Scan’ for Adware, Spyware and all Malware DAILY.
2) Clean your ‘Temporary Internet files’ and ‘History list’ every 5
Days.
3) Clear your ‘SSL state’ every 5 Days.
4) Clear your ‘Java files’ in your Java console every 5 Days
5) Empty the ‘Recycle bin’ every 5 Days.
6) ‘Defrag’ your hard Drive every 10 Days.
7) ‘Scan’ for Viruses and Trojans every 5 Days.
8) ‘Degauss’ your monitor by turning it off completely and back on,
every 10 Days.
9) ‘Completely turn off’ your machine every 10 Days. This is
different than re-starting. When you re-start, it does not shut down
100%
10) Clear your 'C:\windows\temp' folder every 30 Days. Remember to
delete the contents, but not the folder itself.
11) Run 'disc check' every 30 Days.
12) Run ALL scanners in 'safe mode' every 30 Days.
In order to start your machine in "safe mode" you will need to re-start your machine and then once you see the first screen, start pressing the "F8" key every few seconds until you see the black screen prompting you to select safe mode start-up. Use the arrow keys to move up to it and then hit the "enter" key. Log on to your user name and you are running in safe mode! Things will look a little different, as this set-up is for maintenance only.
Rootkit testing
» Now we need to check for 'Rootkits'. You can read our take on
these well-hidden programs by visiting our Safe lockdown story on
Rootkits. In order to check your system for rootkits, you will need
a special scan of your machine. You can use the F-Secure’s
Blacklight beta tool for this task.
Another quality program that works very well for this task is the
Rootkit Revealer scanner.
Firewall & Computer Ports testing
» Lets check your system for security breaches and verify that your
machine is in lockdown mode.
» Let's go to Gibson Research Corp and use the 'Shields up' and the
'Leaktest' program to check you computer ports and firewall. We want
the 'Shields Up' to show all ports as being in stealth mode. Run all
of the tools listed on the Shields up page to verify several key
areas of your machine. Then we want the 'Leaktest' to pass your
firewall as blocking all access.
Lockdown has been achieved!
» If you have made it to here with clean scans ~ Congratulations!
You are now in Lockdown mode, with a more secure system. Check back
every so often to find new information that we will be adding. We
will dig a little deeper in the coming weeks. Please follow the
final step below. This will clean your restore points for any
infection.
» Turn off system restore to clear all restore points, restart your
machine. Run a final scan with your virus scanner, Ad-Aware and
Spybot. If you have clean scans, turn system restore back on. Set
the size to 3-6%. If you are not clean, repeat the steps to scan and
clean until you are not infected. It may take a few rounds of
scanning, cleaning and restarting to clean-up a infected machine.
Once you are complete, you are ready to go back online with your
new, safe & secure machine!
Follow the M.I.C.A. Maintenance routine to keep the infection from
coming back.
Now that you have a clean machine, let's learn about some tools for investigating your machine.
Let's keep an eye on things
Maybe a program is not responding and you need to close it without causing harm. We can show you how to take back control. You have a great tool included with Windows XP, and it is vital for you understand how to utilize it.
Task Manager
» Let’s get started investigating your system. You will learn where
to look and how to find out why your system is acting the way it is!
You will perform all checks discretely and without us interacting
with your machine. Once you learn about this tool, you will have
better control over your machine.
1) Hold down the ‘control,' ‘alternate,’ and ‘delete’ keyboard keys
at the same time and release. You will now have the ‘TASK MANAGER’
open. Great, now you can see what is running (using your system
resources). WORD OF CAUTION: Do Not Shut Down or stop any of the
items listed, because that will affect your system. Use the task
manager as a investigating tool to check things out.
2) Write down the CPU Usage %, # of Processes, and all applications
listed under the applications TAB. You can use the print screen
keyboard shortcut as well.
3) Click Options and select Show Full Account Name. Next click View
and choose “Select Columns;” select all of them available. Great;
now you are set up to see what is happening on your system. You have
gained much knowledge, so let's get started on your next steps!
4) O.K. ready to get to it? Write down all the names listed under
the “Image Name” tab. Write the full name which will look something
like (svchost.exe).
5) Click View and select “Select Columns;” then select “Image Name,
PID, CPU Usage, CPU Time, Memory Usage, Session ID, User Name,
Virtual Memory Size, Base Priority, I/O Other,” and click “O.K.” For
now they are all you need to see from time to time. Now ‘maximize
screen’ to view information full screen.
6) This is a great start for now. Keep checking these settings for
the next two weeks. Become familiar with their habits while running
certain programs.
Event Viewer
» This is a really useful tool for discovering what your machine is
doing. If something
is acting up, it will show up here. The event viewer is located in
the "control panel" listed in the "administrative tools" folder.
Click on "event viewer" and then pick one of the three topics
listed. You can double click on any item to read the properties box
on the specific item.
To help your tech support team, write down the "event I.D." and the
"description." This will save time and clarify the problem to them.
If you are online, you can click on the link and read detailed
information about the reported item from Microsoft.
Belarc Advisor
» Another great tool for investigating your machine is Belarc Advisor. You can learn a lot about your machine by using this program. The personal edition is free, while the different programs used for commercial purposes and networks will cost you a little. The personal edition will handle your personal needs with ease. Not only will it expose the programs installed, but it will tell you everything about the hardware components that your machine was built with. You can print the inventory list before going to the store for new goodies, and always buy the right products for your machine. Another handy feature of the Belarc Advisor is the Windows update list, showing all of the installed updates, along with the status of those installed. You will find more approved auditing tools on our Mighty Mica Awards webpage.
SAFE programs RUNNING on your system:
» These programs are known to be part of Microsoft services running
on your machine and should be considered safe. We are working on a
complete databank of these, as this is only a sample of
approved/verified safe programs running on your machine.
taskmgr.exe, alg.exe, ctf.exe, svchost.exe, explorer.exe,
iexplorer.exe, lsass.exe, winlogon.exe, services.exe, system, system
idle process, csrss.exe, smss.exe, gcasDTServ.exe, gcasServ.exe,
Spoolsv.exe, MDM.exe, wdfmgr.exe, msmsgs.exe, shwiconEM.exe
File extensions
» File extensions tell your machine what program to use to open it and what type of action is needed with that file or folder. We have compiled a database with some of the thousands of programs that we have come across. We will be adding to this on a regular basis until it is complete. If you need to look up a extension, check out our File Facts section.
The End. Congratulations on learning how to care for your machine.
We will continue with this study. Lots of new studies are being finished, so check back and find out how to fix things yourself. When this site is finished, every part of Windows will be explained to you, along with extensive databanks full of important information needed to keep you running smoothly.
If you want to read security related articles, check out our MicaMagazine page.
Or if you are looking for links to serious security software then you want our Downloads page and the Product Testing page for information on the best hardware and software offered anywhere!
There's a lot of information but we will give you plenty of time to understand it.