Overall Windows tips

 Security

Passwords / personal info

First, beware of entering a password on ANY site where you do not see:  HTTPS://  at the beginning of the url (address). If you only see HTTP:// that means the site is NOT secure, and your password is transmitted over the Internet in "plain text", i.e. anyone "sniffing" the Internet has your password.

In FireFox, you wll see a nice green padlock at the beginning of the address. If you see a grey padlock with a orange triangle and an exclamation mark, that means the page is not secure, that there are some insecure elements on the page, usually links.

copy the address and go to http://whynopadlock.com and paste the address there, it will analyze the page and tell you why it's insecure.

Do NOT use the same password for everything. Try coming up with a system that will help you remember the passwords. Don't keep a list of your passwords on your computer (you heard me!)

Don't store credit card info on any site that you can stop it. Elmininate any information in any accounts you are not using. IMPORTANT: I advise AGAINST trying to delete accounts. It is too easy to create an account in your name by someone else, since the first time you create it, it has no idea of your email address... changing an account almost always notifies the original email address, so for all things you pay on, like utilities, car loans, house lones, make an online account immediately and protect yourself.

I do not believe in ANY social media sites, if you MUST have one, the just use one, point all your friends there, lock it down, don't put anything on when you are going on vacation, you home address, birthday, etc.

At least make information private so only your "friends" can see it. Don't use Linkedin as Facebook, you CANNOT limit your "network", i.e. your "friends" can add more friends for you.

If you are FORCED to enter personal information, then put in false email addresses, phone numbers or birthday. On the birthday, make a "false" birthday that you remember (because you might have to use it to access some site)... if you see that birthdate pop up somewhere else, you know it's been compromised.

If you are on a web site and you don't want to be there, contact the webmaster, normally they will eventually cooperate.

Get off mailing lists, or at least make a "garbage email address" to put them somewhere.

The 'right to be forgotten' ruling  recently enforced in Europe  means that search engines can be made to remove links to publicly available news items from their search results. While Google has appealed the ruling, many links have been removed -- although this has resulted in the creation of lists to de-indexed pages in its stead -- due to the belief that irrelevant and inaccurate information gives a data subject the right to request removal from a search engine data controller.

Software

Basically, don't install anything you don't need. Don't install toolbars, and uninstall things that you tried and do not use.

Turn off all the notifications you can.

Social.

Google yourself and track down where the information is and get it off the internet, or at least get it corrected.

 

consider using private browsing in your internet browser all the time, some web sites will not tolerate it.

block adware with something like Ghostery

Email

DON'T use web mail, why are you leaving all your personal mail stored on a server to be hacked or given up to the government on a whim, or some nosey person working there?

Use an email "client" program, like Microsoft Outlook (the best), Thunderbird (free), and keep your emails on your computer.

I recommend against using email from Yahoo, Google, etc. EVEN IF you download them to your email client. This is because Yahoo and Google will still "see" your emails. Find a nice ISP to host your email, and tell them you don't want it backed up (which they probably are not doing anyway). I've used a small ISP, Khoza Technology for years, very happy.

Note, if you try using outlook with Google Gmail, you have to enable a setting in your account security settings, called "Access for less secure apps", hah! the nerve of Google saying that keeping your emails off their server is LESS SECURE! Leaving ANYTHING on Google is insecure.

Keep it clean

Use a file and registry cleaner and other regular maintenance as on my weekly tips

When you uninstall programs, often they leave directories and crap behind, and also you should periodically look for large files left behind, exe or zip files used for installation, etc. One nasty issue with windows, and it's been there since Windows 7, is that often the windows file explorer will NOT find certain files, even if you have the show all files options set. I recommend getting a third party file explorer, because you CANNOT TRUST Microsoft file explorer. I have used Free Commander XE and it is WAY faster than windows file explorer, and it works, and has more features. As another benefit, you can turn indexing/windows search off to save cpu and disk access. It's really a pity that Microsoft cannot keep a program so BASIC working reliabily. You can google this topic and see for yourself. Shame on you Microsoft.

Another related tool is TeraCopy, the windows copy/paste/drag is pitiful with large files. I was copying a bunch of files across a VPN connection and it was telling me 7 hours, TeraCopy uses variable buffers, and also tells you more info in a better UI when there are same named files.

 

Locking down windows

 

AVG context menu, stopping it.

For 32-bit :

 regsvr32 /u  "C:\Program Files\AVG\AVG2014\avgse.dll"

For 64-bit:

 regsvr32 /u  "C:\Program Files (x86)\AVG\AVG2014\avgse.dll"

 

Stopping programs for automatically running

This part is USE AT YOUR OWN RISK, and may not be applicable for all versions of windows.

Use the schtasks program to create a file showind the scheduled tasks and you can disable them.

From a command line use the help to see what to do.

I created a csv and looked at it with excel, so I could sort it according to enabled and disabled.

schtasks /Query /fo csv /v > tasks.csv   - execute this to create a csv file you can look at.

Now check out the status, and next run time, etc.

To disable a task you need:  schtasks /Change /TN (then the task name in quotes)  /Disable

I have found lists of tasks to stop, here's one, no validation on my part yet...

schtasks /Change /TN "Microsoft\Windows\AppID\SmartScreenSpecific" /Disable

schtasks /Change /TN "Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /Disable

schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /Disable

schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /Disable

schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /Disable

schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Uploader" /Disable

schtasks /Change /TN "Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" /Disable

schtasks /Change /TN "Microsoft\Windows\NetTrace\GatherNetworkInfo" /Disable

schtasks /Change /TN "Microsoft\Windows\Windows Error Reporting\QueueReporting" /Disable

schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyMonitor" /Disable

schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyRefresh" /Disable

schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyUpload" /Disable

schtasks /Change /TN "Microsoft\Windows\Application Experience\AitAgent" /Disable

schtasks /Change /TN "Microsoft\Windows\Application Experience\ProgramDataUpdater" /Disable

schtasks /Change /TN "Microsoft\Windows\Autochk\Proxy" /Disable

schtasks /change /TN "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /Disable

schtasks /change /TN "Microsoft\Office\OfficeTelemetry\AgentFallBack2016" /Disable

schtasks /Change /TN "Microsoft\Office\OfficeTelemetry\OfficeTelemetryAgentLogOn2016" /Disable

schtasks /Change /TN "Microsoft\Office\OfficeTelemetryAgentLogOn" /Disable

schtasks /Change /TN "Microsoft\Office\OfficeTelemetryAgentFallBack" /Disable

schtasks /Change /TN "Microsoft\Office\Office 15 Subscription Heartbeat" /Disable


 chkdsk command / parameterMeaning  FAT32 / extFATNTFS  As of Windows version
 Volume Specifies the drive letter or volume (followed by a colon) or the mount point x x 
 File name Specifies the name of the files you want to check x x 
 /F Fixes errors on the disk x x 
 /V  Displays the full path and name of every file on the drive x  
 /V  Displays any cleanup messages   x 
 /R Finds damaged sectors and recovers readable information (implies /F if /scan is not specified) x x 
 /L:size Changes the log file size to the number of KBs you specify. If you do not specify the size, the current size is displayed  x 
 /X  Forces the volume to dismount. All open process on the volume are then invalidated. (Implies /F)  x x 
 /IRuns a check of index entries (less vigorous) x 
 /CCycles within the folder structure are not checked x 
 /B Rechecks all bad clusters on the volume (implies /R) xWindows 7
 /scanRuns an online check, allows drive to stay mounted, not all fixes can work xWindows 10
 /forceofflinefixBypasses online repair (must be used with /scan); errors found are queued for offline repair (i.e. chkdsk /spotfix) xWindows 10
 /perfUses more system resources to speed up verification; can have a negative impact on the performance of other tasks running on the system (must be used with /scan) xWindows 10
 /spotfixRepairs the errors that have been logged by the system during use, does not scan whole drive xWindows 10
 /sdcleanupRuns a memory cleanup for unneeded security descriptor data (implies /F) xWindows 10
 /offlinescanandfixRuns an offline check and fix on the volumexxWindows 10
 /freeorphanedchainsFrees unneeded cluster chains instead of recovering their contentsx Windows 10
 /markcleanMarks the volume clean xx Windows 10

 

 
 

 

 

Weather Underground PWS KCACARLS229