Thursday, 6 August 2015

What's (secretly) Killing Your PC?

What's (secretly) Killing Your PC

Hidden processes are making your PC slow, unstable and unsafe. Jane Hoskyn reveals how to fix the 10 worst offenders - and none of them are malware!

What on Earth is your PC up to this time? There you were, happily writing an email and touring Spain in Google Earth, when your computer had another one of its funny turns. Your mouse cursor got stuck, the little spinning circle went haywire, and then the screen turned blue. Or maybe everything just ground to a halt again.


When things like this happen, it’s easy to blame malware or even ransomware. And yes, it’s good practice to run an antivirus scan whenever your PC goes bump in the night, and remembering to keep your antivirus up to date and properly configured. If you need a recommendation, Kaspersky Internet Security 2015 consistently wins our rigorous lab tests (www.snipca.com/17394).

However, this isn’t a feature about malware, and you’d be wrong to assume that malware is responsible for all your PC’s funny turns.

So if it isn't malware...?


Malware’s ego is its fatal flaw. Malicious hacking is basically vandalism, so it loves to make its presence felt, which makes it easier for you and your antivirus to detect it and deal with it. It’s destructive but often avoidable.

The stuff that’s really killing your PC is quieter, gentler and much harder to pinpoint. It generally has good intentions, too. Drivers and startup programs, for example, don’t mean to annoy the heck out of you or send your PC to an early grave, but that’s what they’re doing, especially when there are lots of them. Then there’s the system-tray junk that comes bundled with software and lives like a parasite on your hard drive, eating memory and slowly extinguishing your computer.

In this feature, we’ll highlight your PC’s 10 most likely stealth assassins and reveal the best free tools - some new programs, some long-standing favourites - for finding, fixing, stopping and removing them for good.

FIX THE FILES THAT ARE KILLING YOUR PC


1 CORRUPT DRIVERS


Why bad drivers cause crashes


Bad drivers are just as much of a menace on your computer as they are on the road - but at least on the road they’re easy to see. Old and corrupt drivers are tiny files buried deep inside your PC, and they can wreak destruction for years before you figure out what’s going wrong.

Drivers tell your hardware what to do. Every piece of hardware inside your PC or plugged into it - from motherboard to mouse - needs a driver to “drive” it. You can see all your installed hardware in Windows Device Manager. To open it, type device manager into Start and press Enter.

Despite their modest size and uncomplicated role, drivers are notably accident-prone. They go mysteriously missing, fail to update, get left behind when hardware is uninstalled and - as with other file types - get corrupted.

The resulting problems can easily be mistaken for signs of a malware infection. Bad drivers mainly cause unexplained crashes and malfunctioning hardware, which ultimately means a malfunctioning PC.

Fix drivers using built-in tools


When your PC and its components start behaving badly, the Device Manager is your first port of call. At first glance, all you see is a list of hardware categories (‘Storage volumes’, ‘Mice and other pointing devices’ and so on). Work through the list, clicking each dropdown arrow to see all installed devices in that category. Click ‘Show hidden devices’ in the View menu for important system hardware.

Look for the device (or devices) you’re having trouble with, then right-click it and click Update Driver Software. Some drivers can also be disabled or uninstalled via the right-click menu.

If a device is marked with a yellow exclamation mark in Device Manager, its driver is corrupted or not installed properly. Delete the device in the list, restart your PC and let Windows re-detect the device. You may then have to reinstall the driver from the manufacturer’s website. Use the Properties option in Device Manager to jot down details, such as the driver’s full name and version.

Create a system restore point before making any changes to device drivers, whether they’re hidden or not. It’s a good habit to get into before making any system-level changes to your PC.

Weed out Blue Screen drivers


NirSoft’s free, fast, portable tool BlueScreenView (www.snipca.com/17390) is designed to diagnose the infamous ‘Blue Screen of Death’ - the screen you see when your operating system (OS) has suffered a fatal error (Windows 8’s blue screen includes a “sad face” emoticon, as if to rub salt into the wounds). The diagnosis usually involves a dodgy driver, so this safe tool is brilliant for weeding out misbehaving driver files.

When you run BlueScreenView it lists all the DMP (memory dump) files saved by Windows during blue-screen crashes, along with the exact error message that appeared. You can then run the message through Google to find out which driver was the culprit and how best to fix it.

If one particular driver keeps coming under suspicion (graphics card drivers are common culprits), it probably means that driver is faulty, corrupted or even missing. Its associated hardware may even be damaged. Update the driver using Device Manager, and if that doesn’t work, you should consider a hardware upgrade.

2 SYSTEM-TRAY HOGS


Why system-tray icons are a problem


At the extreme right of your Taskbar you’ll see a collection of system-tray icons. Some of these icons may be hidden in a pop-up box that appears when you click a little arrow; you can move any system-tray icon to the box by dragging it into the space above the Taskbar.

Every icon represents a running program, and each program may be responsible for a number of running processes, so the system tray is an important clue to the secret processes grinding away inside your PC.

Some of the icons are important and reassuring. Your antivirus should have an icon in there, for example. Right-click it for options (Settings, Pause and so on), and left-click it to open its program window.

Other system-tray icons, however, are just parasites. They represent running processes that are leeching your PC’s resources without your knowledge. They can appear and disappear from the system tray willy-nilly, like flies at a barbecue, and some are as hard to identify as insects because they provide little or no information about their associated program.

Find and kill system-tray hogs


You kill processes using the Task Manager, right? Indeed you can, and on page 70 we offer six Fast Fixes for making Microsoft’s tool easier to use. But even at its smoothest, Task Manager is a blunt instrument. It assumes a certain level of knowledge about running processes that most of us just don’t have. It’s great if you know what process you want to stop, but the thing about unidentified hogs is that you don't know what they are.

Our favourite Task Manager alternative is the free, open-source program Process Hacker (http://processhacker.sourceforge.net). Its installable version is PUP-free with no hidden charges, and there’s also a portable version (www.snipca.com/17399) that you can store on a USB stick and run on any computer (XP and later).

Unlike Task Manager, Process Hacker lists all processes next to the program that triggered them, along with their system-tray icons. Items are organised in a ‘tree’ format, so you can click a program to open a list of its processes, then click it again to close it up. This is especially useful if you use Chrome and programs by Adobe, whose processes are scattered throughout Task Manager with no rhyme or reason.

Right-click any item for options, including Terminate, Terminate Tree (end the process and all its sub-processes) and Create Dump File (dumps the process’s current memory load).

To get even more out of Process Hacker, click ‘Choose columns’ and decide which extra columns to add. Columns like Start Time and Virtual Size can help give an even better insight into what’s throttling your PC.

Also look at Process Lasso (www.snipca.com/17400), which lets you create rules to prevent certain processes running under certain conditions. AnVir Task Manager (www.snipca.com/17391) is also worth a look, but it tried to smuggle something called Reg Organizer on to our PC and fill our Desktop with shortcuts. All shortcuts are processes, and every extra process chips away a little bit of your PC’s life force.

Definitely avoid the free tool System Tray Cleaner (www.snipca.com/17392). Its installer insists on sticking Wajam on your hard drive, and that’s too high a price to pay. We’re supposed to be saving your PC’s life here, not finishing it off.

3 UPDATE SCHEDULERS


Why you don't need update schedulers


Many of your PC’s background-running processes have honourable intentions, such as keeping your software and plug-ins up-to-date. Software updates are vital for your security (we devoted a whole Cover Feature to their importance in Issue 432), but that doesn’t mean you need update monitors running constantly in the background.

Take ‘Jusched.exe’ (Java Update Scheduler), for example. It runs constantly while your PC is switched on - but it only checks for updates once a month.
Is that really a sensible use of resources?

Know which update tools to keep


Some update monitors are vital. Others just hang around chomping resources like slugs in your garden. To weed out these destructive little pests, open Process Hacker, type update in the search box and press Enter. Then on the Processes and Services tabs, you’ll see all your installed update monitors and schedulers.

Right-click an update item in Process Hacker and click Copy Name or Copy Display Name. Then go to the free online tool Startup Programs Database (www.snipca.com/17401) and paste the process name into the search box. The Database will then deliver a detailed verdict on whether the process is worth keeping or stamping out.

Hie answer isn’t always a straight yes or no. For example AdobeARM.exe’ (Adobe Reader and Acrobat Manager) is “a valid program”, but takes up ’‘unnecessary resources”, so you're advised to disable it and check for updates manually instead. Similarly ‘DivXUpdate.exe’ needn’t run constantly, because it automatically updates anyway when you open any DivX program. The Java Scheduler ‘Jusched.exe’ deserves the boot completely - as does Java.

Disable and delete unnecessary updaters using Process Hacker, then use the superb free online tool Ninite (https://ninite.com) to update just the programs and plug-ins that need updating.

FIX MICROSOFT JUNK THAT'S KILLING YOUR PC


4 PREFETCH PROCESSES


Why Prefetch kills PCs


More to the point, what is Prefetch? Throwing a ball for a dog? Sadly not. Windows Prefetch is supposed to speed up startup by caching files for every program you use - up to 1,024 files maximum. That’s a lot.

Caches initially make programs and web pages load faster, but an over-sized cache has the opposite effect by clogging your hard drive and over-working your processor.

Trivia corner: in Vista Prefetch was renamed SuperFetch, and in Windows 7 it was renamed ReadyBoost (though the cache folders are still called Prefetch). The best of those names, clearly, is SuperFetch. Bring back SuperFetch!

Make Prefetch worthwhile


NirSoft comes to the rescue again with its free, portable tool WinPrefetchView (www.snipca.com/17402). Run it on any computer from XP to 10 to see its Prefetch folders, check which caches need to load when you start your PC, and then delete the rest.

5 MICROSOFT SETTINGS


MS' doesn't mean OK'


Never assume that just because a process is made by Microsoft it's important. Sure, many Microsoft items are vital building blocks of your OS, but some do more harm than good.

For example, the Windows Messenger instant-messaging file ‘Msmsgs.exe’ has been in your default startup list since XP, but will you ever use it? Not likely, and it’s devouring memory behind your back.

Stop Microsoft killing your PC


To get rid of pointless Microsoft junk, look no further than CCleaner (www.piriform.com/ccleaner), one of our favourite free programs ever. Free plug-in CCEnhancer (www.snipca.com/T7403) adds even more power by automatically integrating with CCleaner to expand its cleaning list.

Run CCleaner and look through the Windows tab for pointless tat. CCleaner ticks dozens of boxes by default, but go ahead and tick more once you’re sure they can be removed safely.

But don’t be too gung-ho. As mentioned, some Microsoft processes are important. Check the database Pacs Portal (www.snipca.com/17377) for an informed verdict.

FIX SOFTWARE THAT'S KILLING YOUR PC


6 BUILT-IN BLOATWARE


Pre-installed programs kill PCs at birth


Even a brand new PC is slower and less stable than it could be, thanks to the commercial bloatware installed by its manufacturer.

This rubbish eats up hard-drive space before your PC even leaves the shop. It feels like fraud. You pay for a 1TB hard drive and only get 700GB of usable space (you’ve probably noticed similar problems with new tablets and phones). Then, of course, the bloatware starts wasting processor power when you switch it on.

Pre-installed junk can even be dangerous. The Superfish adware bundled in Lenovo laptops earlier this year was actually spyware. Lenovo was forced to create a Superfish Removal Tool (www.snipca.com/17410) and the business faces a struggle to win back customers’ loyalty.

Decrapify your PC


Free tool PC Decraplfier (www.snipca.com/17405) is designed to ditch junk that comes pre-installed on PCs and laptops. It works on older PCs too, though - and if your PC isn’t new, it'll invite you to create a system restore point before wiping out any software.

Our antivirus (Kaspersky) didn’t seem fond of Decrapifier, which may be testament to Decrapifier’s power. We can confirm the tool is safe, so tell your antivirus to ‘trust’ it when prompted.

Run Decrapifier, click Analyze and wait for the lists to populate. Innocuous programs appear under Everything Else; dodgy programs appear under Questionable or Recommended (recommended to remove, that is). Tick what you want to ditch and click Remove Selected. They’ll be uninstalled in one go.

7 PUPS AND ADWARE


Why PUPs are not cute


To clarify: puppies are cute. PUPs (‘potentially unwanted programs’ -far too polite a phrase) are vicious, selfish PC-killers. Some are obvious, such as toolbars and search engines that hitch a lift into the browser when you’re installing free software. Others are silent, hidden destroyers - and if you find and kill them, they regenerate. They are the stuff of nightmares.

They don’t quite qualify as malware because they don’t steal or spy on you. But make no mistake, they’re hideous. They leech processor power, prevent other programs working properly and can be extremely intimidating.

Kill PUPs for good


Adware and PUPs are masters of disguise and regeneration. We’d call them “superheroes” if they weren’t so rubbish.

So even if you think there’s nothing untoward on your PC, regularly check it for hidden villains using AdwCleaner (www.snipca.com/13532), another of our favourite free programs. Download the portable program file, right-click it and select ‘Run as administrator’. Click Scan and then wait a few seconds while it checks your PC and Registry for dodgy files.

When the message ‘Waiting for action’ appears, click through the tabs (Services, Folders, Files and so on) to see all your PC’s hidden adware. You may be shocked by how much is in there - including stuff you’ve never noticed or heard of. Click Cleaning to get rid of the junk, but make sure you’ve saved any work first - AdwCleaner will automatically close all your running programs and restart your PC. When it restarts, you’ll get a text log of hidden villains and where they were found. Save it for future reference.

Some adware is tricky to avoid even when you’re vigilant, because opt-out buttons can be hidden very cleverly. So it’s worth adding the free tool Unchecky (http://unchecky.com), which automatically opts you out of any PUPs in software installers. Like us it’s not completely foolproof, but it’s a worthy addition to your anti-adware arsenal.

8 FLASH AND JAVA


Why plug-ins are pointless


Plug-ins are amazingly easy for hackers to attack. That’s why Flash and Java are continually being patched - requiring yet more tedious updates on your part.
What’s more, they’re serious memory hogs. So as well as making your PC unsafe, they’re also making your PC slow. Are they worth it?

Kill your plug-ins


We’re fond of our CCEnhancer plug-in for CCleaner, but other plug-ins can take a running jump.

Video websites including YouTube and Netflix are gradually switching from Flash to the safer HTML5 (which isn’t a plug-in) for video support (find out more at www.snipca.com/17412). If you do want to use Flash, set it as click-to-play in your browser settings.

As for Java, ditch it completely. Its occasional usefulness is far outweighed by malware risks, constant updates and the amount of space and memory it consumes.

9 STARTUP JUNK


Why startup programs are destroying your PC


Startup processes are meant to bring your PC to life, not kill it. If too many are set to run automatically when Windows starts, your PC’s speed will suffer.

Even great programs such as CCleaner add themselves to your PC’s startup list without asking you first. It’s not for your benefit, either. CCleaner only runs in the background so it can pester you with pop-ups reminding you that your PC needs cleaning - which you know anyway.

Get rid of startup pests


Our favourite tool for removing startup junk is Autoruns (www.snipca.com/17380), which is free, portable and very easy to use.

Run it as administrator and wait a moment while the list populates, then untick any items you don’t want to run at startup (which is to say, any items you don’t want running in the background the whole time you’ve got your computer switched on).

The list will run to dozens. If it’s too long to read easily, go to the options menu and click Hide Microsoft Entries. Now you’ll only see third-party' startup processes. Click Hide VirtusTotal Clean Entries to only see items that malware database VirusTotal has deemed dodgy.

To speed up your PC and make its processor work less hard, untick any item you don’t need running constantly in the background. Leave your antivirus ticked, but you can safely untick CCleaner - run it manually when it suits you.

If you’re not sure what a process is or does, right-click it in Autoruns and click Tump to Image’ to see it in Windows Explorer. Right-click the file, select Copy and then paste it into the search box at Pacs Portal for more information and a safety verdict.

If Pacs Portal recommends removing the item completely, uninstall it and follow up with AdwCleaner.

10 OLD SOFTWARE


Why old software is killing your PC


Nobody ever gets round to uninstalling all the software they no longer want, and even fewer get round to updating all the software they do want. That may be understandable, but it’s a problem - because old and outdated software is killing your PC. It clogs hard-drive space, runs processes that are long-redundant, hijacks your file associations and just gets in the way. And if you miss vital security patches, it could make your PC dangerous.

Update software automatically


First batch-remove all the programs you no longer need, using Geek Uninstaller (www.geekuninstaller.com/download; click Download Free). Then run AdwCleaner and CCleaner to sweep up any leftovers.

Next, get those updates. To do it manually, use Ninite. To keep your software updated automatically, use the free Personal Software Inspector (PSI) from security firm Secunia (www.snipca.com/17415). You have to create a free account before you can download the tool, but as long as you untick the ‘Yes, I would like to receive...’ box you won’t be battered with spam.

Download and run PSI, click ‘Scan now’ and wait while it scans your installed software and calculates your System Score.

Our score was 95 per cent, which doesn’t sound too bad, but that missing five per cent still represents a big un-patched hole that hackers can exploit. You can then update out-of-date tools from the same window. To switch to automatic updates, click Settings at the bottom of the program window, ‘Update handling’ and then tick Update.