Basic Maintenance, Security, and Troubleshooting
Encrypting Your Data
The lecture notes described a scenario in which a user’s laptop is stolen and how easy it is to install another operating system on the machine in order to access all of the folders through the second operating system’s administrator account. So how does one protect from this type of intrusion?
The answer is to encrypt your data. There are two ways. The first method is EFS or Encrypting File System. The Encrypting File System (EFS) is a feature of Windows that you can use to encrypt files and folders on your hard drive to provide a secure format of storage. EFS is a core file encryption technology used only on NTFS volumes. An encrypted file cannot be used unless the user has access to the keys required to decrypt the file. The files do not have to be manually encrypted or decrypted each time you use them. They will open and close just like any other file. Once EFS is enabled, the encryption is transparent to the user.
Using EFS is similar to using permissions on NTFS files or folders. However, a user who gets physical access to encrypted files would still be unable to read them because they are stored in an encrypted form. EFS-enabled files cannot be accessed by the administrator of another operating system either, because the files are encrypted by a key that is singular to the operating system that encrypted them.
To encrypt a file or folder, follow these steps. 1. Select the file or folder you want to encrypt. 2. Right-click the file or folder. 3. Choose Properties. 4. Click the Advanced button.
For more information on EFS go to http://technet.microsoft.com/en-us/library/dd163562.aspx. BitLocker
EFS has a major shortcoming: It encrypts only at the folder/file level. It doesn’t prevent your computer from booting up, though, and allowing someone to install a second operating system. In addition, the files are only encrypted as long as they reside on an NTFS partition. If someone manages to copy/paste them to a USB drive or some other non-NTFS drive, the encryption goes away.
With the release of Windows 7, Microsoft introduced BitLocker. It was only included with Windows 7 Ultimate, and not with the Pro edition which is the most popular version for companies and organizations. Thankfully, Microsoft included this feature with the Pro version of Windows 8.
BitLocker protects all of the drives on a computer in their entirety. BitLocker helps ensure that users can read the data on the drive and write data to the drive only when they have either the required password, smart card credentials, or keys. You can select which drives you want BitLocker to protect and which ones you want to be open. If you encrypt the system volume using BitLocker, the computer will not boot without the proper credentials to access the encryption. There are some prerequisites to using BitLocker to protect the system volume. It is best if your computer’s BIOS supports TPM. If your computer is TPM- compatible, BitLocker will prompt the user for a password or PIN – Personal Identification Number – like the PIN you type in for your ATM machine. If your computer isn’t TPM-compatible, then the computer will prompt you to insert a USB drive into the computer which contains the required key which would have been installed during the BitLocker configuration wizard. You will know if your computer is TPM- compatible when you try to configure BitLocker. If it isn’t, you will receive an alert like this one.
So what happens if a user loses this USB stick or forgets his or her PIN? Well, the user can’t access his or her computer. For this reason, it is imperative to remember your PIN or keep track of your USB stick. A computer doesn’t need to be TPM-compliant to encrypt non-system volumes. These can be encrypted by a simple PIN or password.
For more information on BitLocker, visit any or all of these links. http://windows.microsoft.com/en-us/windows-8/bitlocker#1TC=t1 http://www.techrepublic.com/blog/networking/configure-bitlocker-encryption-on-non-tpm-windows- systems/2248 http://www.eightforums.com/tutorials/21522-bitlocker-password-change-reset-windows-8-a.html
Administrator and Guest Account
When you install a Windows operating system, you are asked to create a password for the Administrator account. The administrator account has complete reign over the local computer. For this reason, it is critical that a complex password be configured. It is also important to change the name of the administrator account as well; after all, everyone familiar with the Windows operating system knows that the administrator account is called Administrator by default, so they are already halfway there in guessing what the administrative logon is. Use a fictitious first and last name, in the same format as your other user names. By default, the Windows operating system shows the username of the last user who logged on. This is out of convenience so the previous user needs only to type in the password. This is a possible security weakness, however, since someone can merely attempt to type in passwords to log on as the previous user. A security-minded network policy should prevent this from occurring. This can be implemented within the Windows registry. Go to http://support.microsoft.com/kb/114463 to learn how to accomplish this.
The Windows operating system also comes with a default GUEST account. The Guest account allows users who do not have an account to log on as a guest. This account is disabled by default, and should remain disabled, but hiding the account by renaming it adds an additional layer of protection against unauthorized access just like the Administrator account.
The screenshot below shows a Windows 7 machine. The down arrows beside the Administrator and Guest accounts indicate that these users are disabled.
Windows Updates
The second Tuesday of every month is known as “Patch Tuesday.” It is when Microsoft releases Windows updates for all of its various operating systems for workstations and servers. Applying the latest Microsoft Windows updates and keeping your Windows PC up-to-date is always a good idea and is especially important if you use the Internet. There are different kinds of updates. Security updates, also known as critical updates, protect against vulnerabilities to malware or security exploits. Attackers wanting to break into systems can exploit such vulnerabilities. Recommended updates are analogous to Critical updates, but should be considered mandatory, and they must be deployed quickly. Other updates correct errors (http://en.wikipedia.org/wiki/Software_bug) that aren't related to security, or they enhance functionality. The updates released on Patch Tuesday are usually security updates. Users are recommended to install critical updates as soon as they are released.
Another type of update is a service pack. A service pack is a periodic update that corrects problems in one version of a product. In addition to correcting known problems, service packs provide tools, drivers, and updates that extend product functionality, including enhancements developed after the product was released. Specifically, service packs are designed to get software users to the current code base for the product in question. Service packs keep the product current, and they update and extend a computer's functionality. Service packs may also contain a limited number of customer-requested design changes or features. Users are recommended to install service packs as soon as they are released. Service packs are released only after being thoroughly tested by Microsoft. Should you ever call Microsoft support about an issue with your computer or server, one of their first questions is what service pack you are running for your operating system. Sometimes they will have you update to the latest service pack if you haven’t already done so before moving forward with your case. There are two other types of update categories: regular and optional. These updates address a specific issue and should only be installed if those issues are being experienced. They may also introduce new features that will make your operating system run more efficiently but are not mandatory by any means. This is because these types of updates are untested within live environments, meaning that Microsoft is unsure how these updates coexist with other applications and software environments. Large enterprise environments should have a test environment and test all Windows updates to ensure that new updates don’t create further problems. Many servers and workstations have crashed due to installation of a single Windows update.
Windows Update is an application that is accessed from the Start Menu. The screen below shows the opening interface of the Windows Update console screen.
In the example above, the green check mark indicates that this computer is up-to-date, as optional updates are not considered critical. The next screen allows the user to determine how Windows Updates will occur on the machine.
Note below the different ways to manage Important Windows Updates.
The option, Install Updates Automatically, puts the operating system in charge of installing updates. Many times these updates will require a reboot to complete the installation; in this case, the user will receive an alert like the one shown below.
If the user is away from the computer and can’t respond, the computer will reboot the computer automatically at some point. Should the user configure Windows updates to be installed manually, the interface will show a message like the one below.
As you can see, this computer (a server in this case) has 121 important updates that are waiting to be installed. By selecting “View Update History” you can see when updates were last installed, which in this case was a very long time.
The screenshots shown thus far are of the local Windows Update console. For a large enterprise organization, it would be far too cumbersome and time-consuming for the IT staff to touch every single workstation and review and install Windows updates. This is why enterprises usually use a Windows Software Update Server, also known as WSUS. A WSUS downloads all of the updates for the operating systems that are utilized by computers within the network. WSUS provides a brief description about what each update does (you can look up information about each update manually on the Internet as well). A network administrator can then approve or disapprove each and every update that is downloaded by the WSUS and can assign a time in which the updates will be installed. This way, a single person can manage all of the updates for an entire organization from a single management console.
You can read much more about Windows updates at http://windows.microsoft.com/en-us/windows- vista/updates-frequently-asked-questions.
Windows Firewall
A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers.
We have discussed the idea of a firewall device on a network—whether it is a rudimentary firewall that is part of a wireless router found in a home network, or a dedicated enterprise-level firewall that guards the network and provides granular control of each and every port entering and exiting the network. A computer can have a local firewall as well. Windows 7 and Windows 8 come with a built-in local firewall.
The Windows Firewall has at least two network locations: Private (Home or Work) and Public. Both of these zones are shown above. If the computer is a member of a domain, it will have a Domain network zone as well. In the screenshot above, the firewall console shows that the firewall is turned on for both of these network locations and that the computer is currently connected to a public network.
The purpose of providing three network zones is that each of these network categories provides a different threat level to the computer. The Domain location is the most secure as it is assumed that the domain is already protected by an enterprise firewall in addition to the protection of the domain servers. Because of this, the Domain location can be left wide open in all probability.
The Public network is the least secure because it cannot be determined to what level the public network is protected. In those cases, assume the worst. The Public location should have all incoming connections blocked, which will allow for basic web and email functionality.
The Home or Work location should be configured based on the security level of the private network.
You can view and configure the rules for any of the network locations in the following screen.
You can then click on any of the rules to view and modify their individual settings. Below is a rule for the Dropbox application.
Note that outbound rules can be configured as well as inbound rules. It is important to configure inbound rules as well as outbound rules so that a computer won’t infect other computers should it become infected. This is for the good of the network and Internet community but also for the user as well. An ISP can decide to disable your Internet connection should your computer be sending out undesired malware into its network. It is also common for computers to become infected with spamming software. In this case, your email provider may terminate your email connection and your email address may become blacklisted by many organizations as well.
You can learn more about the Windows Firewall by going to http://windows.microsoft.com/en- us/windows7/firewall-frequently-asked-questions.
There are other third-party computer firewall products available on the market as well. This is especially useful for older operating systems. A popular firewall product for more than a decade has been ZoneAlarm (http://www.zonealarm.com/). It works much the same way as the Windows Firewall. Below is a screenshot of its interface.
Antivirus
No computer should be operational within a network without some sort of antivirus protection. The most prolific source of viruses and malware is the Internet, of course, but viruses and malware can be delivered through a local network, email, portable USB or thumb drives, homemade DVDs, etc. A computer is accessible from many fronts.
Antivirus is a very general term and covers different types of malicious applications. These malicious applications can be categorized as viruses, worms, and Trojans. Virus - A computer virus attaches itself to a program or file, enabling it to spread from one computer to another, leaving infections as it travels. Almost all viruses are attached to an executable file of some sort. Which means the virus may exist on your computer, but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without human action (such as running an infected program) to keep it going. Because a virus is spread by human action, people will unknowingly continue the spread of a computer virus by sharing infected files or sending emails with viruses as attachments to the emails. For this reason, one should never open an email attachment unless it is a known file extension such as a word file, pdf file, image file, etc. Even common files like these can be infected, so the best course of action is to never open an attachment unless it is a known file type and is coming from someone that you know and regularly communicate with.
A worm is similar to a virus by design and is considered to be a subclass of a virus. Worms spread from computer to computer but, unlike a virus, they have the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided. The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. One example would be for a worm to send a copy of itself to everyone listed in your email address book. Then, the worm replicates and sends itself out to everyone listed in each of the receivers’ address books, and the manifest continues on down the line. In the case of some worm attacks such as the much-talked-about Blaster Worm, the worm has been designed to tunnel into your system and allow malicious users to control your computer remotely.
A Trojan Horse is a malware application that at first glance will appear to be useful software, but will actually do damage once installed or run on your computer. Those on the receiving end of a Trojan Horse are usually tricked into opening it because it appears to be legitimate software or files from a legitimate source. Trojans are also known to create a backdoor on your computer which gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms, Trojans do not reproduce by infecting other files, and they do not self-replicate.
There are many AV software applications available today. Many of these applications offer a free version available for download and installation. These free versions usually are limited to a “scan only” version, meaning that they will scan a computer for viruses and alert the user if any are found. At that point, many of these free versions will prompt the user to purchase the product in order to clean the system. Some will clean it for free. Almost none of them, though, provide real-time protection that prevents viruses from infecting the computer in the first place. Any users today should be using real-time protection for their computers.
A popular AV choice today is Microsoft Security Essentials. The screenshot below shows the primary interface of the application.
Notice that real-time protection is enabled and that the virus and spyware definitions are up-to-date. This is very important, as new virus and malware applications are being created every day. Just like Windows Updates, AV software companies are continually releasing updates for their supported applications as new virus outbreaks are found and identified. The scan options on the right currently show Quick Scan. “Quick” scans are quick because they don't scan every file. Quick scans only look for the most common virus and spyware extension files such as .exe. They also focus on the most popular folder locations targeted by malware such as the Windows directory and a user’s profile directory.
A full scan, on the other hand, will scan every file on the entire computer or select volumes and will search for all known file types. A quick scan is more than adequate much of the time, but full scans should be implemented now and then or if a malware infection is suspected.
A custom scan is used to exclude certain file types of folder directories from the AV scan. Some legitimate applications may have file extensions that the AV application may misidentify as malware. Some applications may also not function correctly if their directory is scanned.
At the bottom of the screen it shows that the computer is assigned the time of Sunday at 2:00 AM for a quick scan every week. It is usually best to have a computer scan itself when the computer is not in use, as scanning does require additional resources and may interfere with processes that the user is implementing at that time. Should the computer be turned off during the assigned time, the AV application will usually scan the computer the next time the computer is turned back on.
The following screen shows more setting options that are available in Microsoft Security Essentials.
Sometimes an AV application can’t delete a malware application while it is running. This means you have to boot into SAFE Mode. SAFE Mode starts up the computer with the absolute minimum drivers and services started. This means that any malware applications that are installed will not operate in SAFE Mode. To access SAFE Mode, simply reboot the computer and continue to hit the F8 key right after the computer POSTS. A command prompt-like menu will appear. Simply use the up and down arrows and select SAFE Mode and hit the ENTER key. Once booted up, open the AV application and scan the volumes.
Should you ever download a virus or malware application that your installed AV application can’t clean, it might be beneficial to download another AV application’s free version to run a scan and see if it can delete it. A great AV application, especially for running in SAFE Mode, is MalwareBytes.
Anti-Spyware Applications
Another form of malware is spyware. Spyware isn’t malicious in that it doesn’t damage your computer. Spyware is a term used to describe a software application that is intentionally installed on the computer by a user to monitor or spy on what other users of the same computer are doing. It is designed to track a user's activity without the user’s fully understanding the intentions of the program or not knowing about its installation. Spyware programs are often used to help with tracking users' habits and delivering proper advertisements to a user. Spyware is installed onto a user's machine when installing free programs such as free music-sharing programs, visiting web pages such as adult-oriented web pages, and through other downloads and plug-ins on the Internet.
There are two main issues when it comes to spyware: One is a privacy issue in that most people don’t want their Internet activity constantly tracked and monitored. The other is that spyware consumes resources fairly quickly. A computer that is choked with spyware can run agonizingly slow, creating a bad experience for the user. Most AV software today targets spyware as well, but it is best to also use one of the dedicated anti-spyware applications on the market today. Some brands include LavaSoft http://www.lavasoft.com/), SpyBot (http://www.safer-networking.org/) and SuperAntiSpyware (http://www.superantispyware.com/). All of these are free to download. It is a good practice to do a spyware scan once a month on your computer.
Below is the configuration console of SuperAntiSpyware.
Hard Drive Tools
Many users at some point start running short on hard drive space, especially on the system volume if they have multiple volumes on their computer. This is due to the continual installation of new applications, Windows and application updates, temporary Internet files, music and video downloads, spyware, etc. There are a variety of things one can do in these situations.
The first is to figure out what is taking up so much space on your drive. A great free application to accomplish this is TreeSize (http://www.jam-software.com/treesize/?cp=Domain_treesize.com). TreeSize scans a selected volume and then shows a breakdown of the size of each and every directory and file on your computer. Once you know which directories are eating up all of your space, you can target those folders and delete any unnecessary files. A prime culprit many times are log files which record events over a prolonged period of time. Log files that were created months or years ago can usually be deleted safely. The TreeSize console is shown below.
Another way to save on hard drive space is to uninstall any applications that are no longer utilized. This was shown in Lesson 2 by accessing Programs and Features and then selecting which application or applications to uninstall.
Your computer is constantly downloading temporary and junk files all of the time if you are on the Internet, which over time can consume a lot of space. Windows comes with a Clean Disk utility that will look for these types of files and ask the user if they wish to delete them. To access this tool, pull up the properties of a selected volume and click the Disk Cleanup button on the General tab.
Clicking this button will result in the following window.
A great third-party disk cleaning utility is called CCleaner. CCleaner has a lot more options for targeting files that are open for deletion and does a more thorough job. You can download the free version from a number of websites. The console of CCleaner is shown below.
Another important maintenance task that should be performed regularly on a computer is to defrag your hard drive. Most hard drives are made up of something called platters, which are actually small DVD-like disks. (One thing to note is that solid-state drives do not need to be fragmented.) Optimally, the computer saves data sequentially but, over time and with regular use, files and folders on a computer's hard drive become fragmented. This is especially the case when users delete lots of files and applications from their computers because this makes empty holes in areas of the platters. When computer files are fragmented, they are typically disorganized. This can cause the system to run slowly and to experience processing problems. Defragmenting the computer gathers and organizes the files, which usually improves retrieval time and the computer's overall performance.
For example, an application must access various files on the hard drive every time it is run. If those files are spread out on opposite sides of the hard drive instead of gathered and organized neatly, as they are supposed to be, the computer will have to work extra hard and take extra time to access the information it needs. In some cases, severe defragmenting may even cause a program to stop running entirely.
Defragmenting, also referred to as "defragging," reorganizes the hard drive by putting pieces of related data back together so that files are organized in a contiguous fashion. As a result, the computer system can access files more efficiently. By efficiently organizing files and folders, defragmenting will leave the computer's free space in one big chunk. This will allow new files to be saved in an orderly fashion, thereby reducing the need for future defragmentation.
The Windows operating system includes a Defragmentation tool. Like the Disk Cleaning utility, it is accessed by going to the Properties of the volume you want to defrag. Go to the Tools tab and click the “Defragment now” button.
A drive doesn’t need fragmenting all the time. The first thing to do is to click the Analyze button to determine the level of fragmentation. One should defrag any volume with a fragmentation rate of 15% or greater. In that case, simply click the “Defragment disk” button.
Like other tools, there are many third-party defrag tools out on the market. Auslogics (http://www.auslogics.com/en/software/disk-defrag/) is a popular defrag application on the market today. It offers more options and does a better job in some cases.
The screen above shows a typical fragmentation map. Red is bad, blue is good. Notice the blocks of free space represented in gray. Ideally, a defrag tool will organize the files on the drive so that there are no gaps.
For more information on Defragging a disk go to http://windows.microsoft.com/en-US/windows- vista/improve-performance-by-defragmenting-your-hard-disk.
Sometimes when you boot your computer you may be prompted to run the CHKDSK utility prior to the computer booting into the operating system. This occurs when the computer senses errors on the hard drive. It displays the file system integrity status of hard disks and can fix logical file system errors. CHKDSK analyzes the physical structure of a disk to make sure that it is healthy and can repair problems related to bad sectors, lost clusters, and directory errors.
These types of problems can be caused in many different ways, such as system crashes or freezes and power glitches. Incorrectly turning off a computer can also cause corruption in the system files.
Physically bumping or knocking a computer can cause the head that reads disks to hit the surface and damage sectors. Once some sort of error occurs, it can end up creating more errors, so a regularly scheduled disk check is part of good system maintenance. CHKDSK can also serve as an early warning that a hard drive is deteriorating; disks will gradually wear out and sectors may become bad.
You should run CHKDSK manually every once in a while as part of your personal maintenance program. In order to run it in Windows 7 or Windows 8, you must open up an elevated command prompt. To do so, right-click Command Prompt and select “Run as Administrator.”
At the command prompt, simply type the CHKDSK command.
The command above is directing CHKDSK to the C drive. It also has two parameters listed: /f and /r. Here is a list of the CHKDSK parameters and what they do.
Fixes errors on the disk. The disk must be locked. If chkdsk cannot lock the drive, a message /f appears that asks you if you want to check the drive the next time you restart the computer. /v Displays the name of each file in every directory as the disk is checked. Locates bad sectors and recovers readable information. The disk must be locked. /r includes /r the functionality of /f, with the additional analysis of physical disk errors. Forces the volume to dismount first, if necessary. All open handles to the drive are invalidated. /x /x also includes the functionality of /f. Use with NTFS only. Performs a less vigorous check of index entries, which reduces the /i amount of time required to run chkdsk. Use with NTFS only. Does not check cycles within the folder structure, which reduces the /c amount of time required to run chkdsk. Use with NTFS only. Changes the log file size to the size you type. If you omit the size /l[:
For more information on the CHKDSK utility, visit one of the URLs listed below. http://technet.microsoft.com/en-us/magazine/ee872427.aspx http://technet.microsoft.com/en-us/library/cc730714(v=ws.10).aspx
Restore Points
At some point, everyone installs a new piece of hardware, a new application, or a new Windows update which creates an undesired consequence. This is when Restore Point comes handy. Restore Point is a great feature that allows you to restore your computer to an earlier point in time. In other words, if you install a number of Windows updates one day and your computer isn’t working properly, you can restore your computer to the most previous image prior to the installation of the updates. An image is a virtual picture of your hard drive, just like the image mentioned in Lesson 2 when we discussed the concept of ghosting and image in order to install a complete desktop.
Restore points are created automatically before:
A program is installed, assuming the program's installer tool is compliant with System Restore An update is installed via Windows Update An update to a driver Executing a System Restore, which allows for undoing the restore
In other words, every time you install something, Restore Point creates an image that you can restore to in case the installation goes badly. In order to utilize Restore Point, you must ensure that it is enabled. To access the Restore Point menu, simply type “Restore Point” in the Search box at the bottom of the Start menu which will take you to the following menu.
The screen above shows that the C drive is protected by System Restore. To change this, simply click the Configure button.
You can manually create a Restore Point at any time. Restore Points do not affect data files or aspects of the user profile such as Internet favorites. They simply restore system files, drivers, and application files.
To restore the computer to an earlier point, simply click the System Restore button shown in the screenshot earlier. You can then select a date that you want to bring your computer back to.
For more information on Restore Point go to http://windows.microsoft.com/en-us/windows7/create-a- restore-point. Task Manager
Eventually, everyone’s computer runs slow. A number of things can contribute to slow performance. Some of them include: Inadequate amount of memory Inadequate CPU Not enough free space on the system volume Spyware A bad application Fragmented hard drive
A great tool for determining some of these factors is Task Manager. As discussed earlier in the course, you can access the performance tab to review if your memory or CPU resources are being maxed.
You can view the Process tab to see if certain processes are consuming a high degree of memory. If you click the Memory column header, it will sort the processes from largest memory consumption to smallest.
You can terminate many of these processes by right clicking on them and selecting “End Process.” “End Process Tree” will not only terminate the selected process, but all processes related to it. Note that you cannot terminate a process that is run by the operating system itself because the Windows operating system protects itself from having its processes terminated.
If there is a process that is consuming a lot of resources, you can do a web search for the process name to determine if it is a legitimate process for your computer or if it is spyware. On the Application tab, you can also right-click on a selected application and select “End Task” in order to terminate that application. Sometimes an application will hang and be unresponsive. In these circumstances, the application tab will display that application as “Not Running” at which point you will need to terminate it manually.
Spyware often attributes to slow performance as accumulated spyware applications consume more and more resources. Deleting spyware will often improve a computer’s performance a lot.
Your Best Resource
As you have witnessed from this course, there is so much to learn about computers and we have only scratched the surface. The fact is that no one knows everything about the computer and computer applications. This is where experience comes in. The more you troubleshoot problems, the more you will learn.
When you are confronted with a problem you are unfamiliar with, or need to know how to do a certain task such as “How to save a file in a certain application,” the Internet is your best resource. For instance, doing a simple web search for the phrase “How do I save a file in application x” will many times point you to a web page illustrating how to do this. The Internet is full of discussion boards as well, in which IT professionals and regular users post questions or issues that they are having with a computer or application. Believe it or not, many people answer these posts for help and offer questions and solutions.
As stated at the very beginning of this course, learning never stops when it comes to computers. Activities
1. Create a regular maintenance plan for your computer(s) at home.
2. Run CHKDSK for all of your Windows computers.
3. Download CCLeaner from the Internet and run it on your computer.
4. Run the Windows Disk Defrag utility to see if your computers need to be defragged.
5. Verify that Windows Restore Point is available on your computer and, if it is, see if it is enabled. Download an application or game from the Internet and install it. Now restore your computer to the point just prior to this installation.
6. If you have antivirus software on your computer, look through the various management console screens to learn all of its options. If you don’t have antivirus software installed, download a 30-day trial of MalwareBytes.
7. Download one of the spyware applications mentioned in this lesson and do a scan for spyware and delete any suggested spyware applications.
8. Check to see if your Windows computer is up-to-date in its updates and, if not, download and install the necessary updates.
9. Open Task Manager to see which applications are currently running, and manually terminate one of the applications currently running. Then view your processes and sort them according to how much memory they each consume. Which processes are consuming the most?