Software Development

Items to address with a PC tune-up

How often do you perform periodic maintenance on the PCs you support? My guess is that most answers will fall between one year and never. Nonetheless, what maintenance steps do you perform? Here's my list.

How often do you perform periodic maintenance on the PCs you support? My guess is that most answers will fall between once a year and never. Nonetheless, what maintenance steps do you perform? Here's my list.

-------------------------------------------------------------------------------------------------------------------

It's always a good idea to perform periodic maintenance on the PCs we support, and it's probably just as good an idea to periodically review the items on our PC tune-up checklist. Here's a start.

Make sure all service packs and security updates have been installed: Sure, most of us have this set to update automatically, but the update settings can -- and do -- get changed at times. And if the automatic update has been turned off, turn it back on and emphasize to the user that it's important to keep it on. Application updates: In most cases, it would also be a good idea to make sure all applications have the necessary updates installed. This also applies to the free stuff like Adobe Reader and such. Update all virus protection files: Again, these are probably set to update automatically, but the same thoughts apply as the Windows updates. Run a virus scan: And make sure it's set to automatically scan periodically (preferably daily). Scan for malware: I prefer Malwarebytes, as do most support pros at TR. See this link for TR member preferences. Delete all temporary files: Including all software installation temp files, temporary Internet files, and so on. In coordination with the user, delete other files that may be obsolete or are no longer needed. Empty the recycle bin: It's amazing to see how large that can get. Check applications and processes: Over time, the applications and processes that run (either in the background or foreground) tend to grow. Check to make sure they're necessary and legitimate. Firewalls: Verify that proper firewalls are in place and turned on. Verify adequate space is available on the hard drive: Personally speaking, I don't like a hard drive to get more than half full. If it's approaching 75-80 percent full, it's a good time to do some serious cleanup (either by the user or done with the user). If files and programs simply can't be removed, plan to install a larger one. (Which will be a service order over and above the normal PC tune-up.) Review the amount of installed memory: The current memory installed might have been adequate at one time, but with application updates and such, it might be prudent to increase the amount of memory. (Again, something that will be a service order over and above the normal PC tune-up.) Defrag and optimize the hard drive: I don't really like Vista's defrag tool, but there are some good free ones available out there. Verify backup procedures: In my case, all data files are kept on and backed up from file servers. But if the user keeps data or e-mail files on the local drive, make sure backup procedures are in place and working. Create a System Restore point: It might be more prudent to do this more than once per year, but if the user can't do it and you can't visit each machine more regularly, once a year is better than nothing. Check the fans: Make sure the fans are spinning freely and quietly: the processor fan, case fans, graphics card fan, etc. If they're noisy or don't spin freely, replace them. (Another service order over and above the normal PC tune-up.) Although it's not always possible to predict a fan failure, it's better to replace them before they fail. Check the UPS battery: The average life of a UPS battery is probably around five years. If it's close to that time, you might want to replace it. If you have a battery life tester, that will give you a good indication of future battery life. (Their costs vary, but the good ones run from between $100 and $175.) Like the fans, it's better to replace the battery before it fails than to find out it has no life when it was needed the most. The computer doesn't even have a UPS you say? Why not? Clean it out: Computers are dust magnets. Use a computer vacuum or a can of air (outside the building) to get rid of it. Focus on the fans and filters (if any). Remove the front panel (if possible) to remove the dust from any cavities or between parts. Clean the rest: Cleaning the keyboard, mouse, speakers, and monitor is always a nice finishing touch. Replacing a grungy keyboard might also be a good idea -- just because some are so dang hard to clean. And some keyboards survive a dishwasher cleaning quite well, although there's several days of drying time involved, so there would have to be extra ones available.

Just like your automobile and your body, performing an annual checkup and tune-up is always a good way to give your computers not only a longer life but better performance.

Your comments are most welcome. And if I'm forgetting an item or two, please add to the list as you can.

72 comments
jwork
jwork

I like to use the free program Ccleaner (download from www.ccleaner.com) to clean up all temp files on the drives I maintain, it also has a great tool to remove any unneeded registry entries. It also will uninstall unwanted programs and allow you to set your startup programs which I find to be a great help in the process of maintaining the computers I support.

NotSoChiGuy
NotSoChiGuy

Depending on your industry, you may need to run some of the proposed items past the compliance and/or legal department. I've been at firms that were subjects in active litigation, and was prevented from doing such routine things as defrags and scandisks. Other than that, this is a good list.

exitatwill
exitatwill

How do you delete all temp files?

kevaburg
kevaburg

If users are turning off Automatic Updates, then sort the domain user accounts out and use WSUS for testing and deployment. Bear in mind that some updates might break applications rather than resolve issues. The same applies for virus definition updates. Full system scans should be done out of hours. Firewalls should of course be turned on, both on the host and Gateway. But there was no mention of checking that the ports that should be closed are still closed. If anything managed to get in and open gateways in, your security becomes a moot point. Restore points? In a business network? Data should be stored centrally and not on the local computer (unless off-line files are being used). The local machine should have the capability of being booted and installed over the network, directly into the configuration that is required. Restore points in this environment are not my tool of choice. Someof the items on the list are user tasks, some are administrator tasks. A user for example cannot defragment a harddisk and some users don't know how to empty temporary files. I am of course speaking from the standpoint of a Windows-based network and in that environment, group policy should take care of the majority of the tasks listed. And the checking of the UPS battery is sensible, but should be part of another plan and not just a casual look-and-see. A UPS is a mission-critical item that falls into the category of disaster-recovery planning at its most important. Occasionally the battery should be run down under load and then recharged. Ideally, the administrator should touch each machine if possible. Start the machine from cold and check the boot sequence. The things to look for here would be: 1. The CMOS battery not supporting the CMOS (ie; flat) 2. The boot menu appearing with every start 3. Drives not being correctly detected 4. Drivers/devices/services not being loaded correctly 5. Chkdsk running with every boot This is just an off-the-cuff list but there is an enormous amount that the Enterprise users wwe support require that the normal home user doesn't and I am afraid your article doesn't differentiate very well.

keithkato
keithkato

Your right, but COME ON... any tech worth his salt would, and should do all of these once a month. (unless he wants the sack).

LocoLobo
LocoLobo

It seems that when I use disk cleanup it only deletes temporary files for the user who is logged in. Am I wrong? I would like it if the disk cleanup utility allowed me to cleanup all user profiles.

derek
derek

I think this is a GREAT and thorough list... not perfect, but either is technology, but nonetheless, a great list...for B/F model tech support.

jmarkovic32
jmarkovic32

What about us one man shops? I refuse to clean keyboards. At less than $10 a pop I always keep a few spares in inventory and just replace them. Let me also add running a CHKDSK to the list of maintenance tasks.

wolfgang
wolfgang

I agree with all except the updates. As an associate of mine has in his email signature line "software updates . . . replacing old bugs with new bugs". Seriously, If Microsoft and all would ever explain some detail of their updates, I would be much more inclined to trust my computer to their care. Wolfgang Franke

itpro_z
itpro_z

All of your advice is good, but I always hit the Add/Remove programs list and get rid of the junk that the user has accumulated. Do they really need four different versions of Acrobat Reader? What about all of those toolbars that appear in IE? Other software that has a way of creeping onto a system includes iTunes, Safari, Chrome, QuickTime, RealPlayer, PC optimizers, and various online backup services. Apple and Google are the worst offenders, but it is sometimes amazing the crap that a user can manage to download. Before you ask, yes, our users run with administrator rights because some of our software won't work otherwise. I even find systems where the user has removed our AV software and installed something else because someone told them that it was better than what we use. Of course, games are also found, and the user never seems to know just how they got there.

Neon Samurai
Neon Samurai

Something the discussion so far brought to mind. Checking for hot components and adding additional fans. I took a box to a friend and the first thing he did was grab his glue gun and add a little inch and a half fan to the chipset heatsink. Between that and organizing the case a bit better the machine hasn't had any heating issues since.

NickNielsen
NickNielsen

The only addition I can think of is that you should remove the processor heat sink/fan and clean under it as well. For some reason (static charge? ?:| ), dust tends to collect there in my PC and other PCs in the family.

Lost Cause?
Lost Cause?

Not enough time in the day to perform cleanups once per week. I live in the bootheel of New Mexico where the dust blows for 3 months out of the year. Is there a remote tool that will do the Hard Drive cleanup for me? We have 3,000 computera and only 4 techs to do the everyday stuff (mostly break / fix) for the public schools in the county. Always looking for a way to get the edge.

JCitizen
JCitizen

Got to expand that readership!

JCitizen
JCitizen

I imagine CCleaner doesn't because of file permissions, and general policy restriction factors. That would be dad-gummed handy though!

JCitizen
JCitizen

for reasons obvious to file integrity.

Oz_Media
Oz_Media

I find that going through Add/Rem always turns up at least three or four apps I don't use anymore or on other machines I always find toolbars etc. that need to be uninstalled/disabled. usually onlhy takes a few minutes and you can remove a lot of crap that also removes startup entries, reg keys, ackground processes etc.

chrisritchie
chrisritchie

If these are business machines, it may be quicker to just re-image the machine when it goes from one user to the next. That would save the tech the time of figuring out what programs to keep & remove, cleaning up the various junk & registry entries, making sure programs are up-to-date, etc. Assuming that your desktop image is up-to-date, this just seems like the way to go. Unfortunately, most of us don't have the time on our hands to touch the machines if they are currently in production and in use, as a thorough tune-up & cleaning takes time. However, this is a great list when it needs to be done (in my case usually when the user departs his or her position or when the machine becomes so slow that the user complains.)

Neon Samurai
Neon Samurai

If your supporting user personal machines I can see how they add games and replace the AV but if these are business machines, you may want to look at why users are able to install and uninstall such software.

lordazoth
lordazoth

Another thing would to check the cabling for signs of damage or if the cables are intruding to much in to the air flows. Had a friends computer near crap itself because of dust and poor cable management. He took it back to where he had it built and they started to lecture him on it. They kinda shut up when he told them that it was one of their techs that built the machine and did the cables that way.

Joe_R
Joe_R

..... (don't you hate [i]howevers[/i]?) In order to remove some processor fans, it's not possible unless the processor comes with it (as they practically weld themselves together); and in some cases (no pun was really intended), the processor tightening lever can't be disengaged unless the fan is removed first, leading to a catch-22 type situation. In many cases (there's that unintended pun again), it's actually easier to remove the whole motherboard if you want to remove the processor and/or processor fan. And depending on the computer case itself and what kind of processor fan was used in the first place (some are kinda' huge!), I've even had to remove the power supply in order to remove the motherboard (if the processor and fan is still installed). Therefore what, you might ask? Therefore, it might be a one hour job to replace the silly processor fan. Not that it wouldn't be worthwhile, but if a person charges time and materials, it could get rather expensive.

santeewelding
santeewelding

You get down on your hands and knees a lot, don't you? Can I get you to come over to my place? Not only no, but f-no? Okay.

Neon Samurai
Neon Samurai

I hear it's also good to replace the old baked transfer goo with fresh silvo or similar.

Neon Samurai
Neon Samurai

CCleaner can run when the user logs in. Disk Cleanup and programs like myDefrag can be run from the system scheduler. Diskkeeper has a nice schedule setting that only runs if it will cause improved performance.

enticeme
enticeme

Keep up the good work. Thank you .

726tacrecon
726tacrecon

ATF Cleaner Select all and let it rip.

Lost Cause?
Lost Cause?

Wonder why the folks at JAVA don't have a removal of previous versions built into the new installs. I have run across machines with 9 or 10 versions of JAVA installed. I manually remove all except the newest version and all looks OK.

alexisgarcia72
alexisgarcia72

I always have 5 pcs in stock already with the new fresh images. If we have new hires, I only login the user and setup printers / map drives (scripts and roaming are off for now) and is done in 5 minutes. Fresh new pc, user happy, IT happy...

itpro_z
itpro_z

Sure, when the machine changes users we many times will wipe and do a clean install. When I visit a machine and find non-approved software, I just remove it and talk to the user about why the offending software is not allowed. Most of the time the user did not install the programs, but they piggy backed on something else. As I mentioned, Apple and Google are especially bad about this. I have users who need QuickTime because their video camera captures in .mov format, and they end up with the full iTunes suite and all of the crap associated with that, not to mention Safari. Google, of course, wants to install Chrome and a host of other apps just because the user downloaded Google Earth, which some of our users need. Even when I uninstall the unneeded apps, they tend to come back with the next update. Keep in mind that this only affects a small percentage of my users.

sterghe
sterghe

Some of the classes I teach involve bringing a bunch of not-tech-savvy people into an open lab, logging them all into admin identities, and proceeding to wander through hidden system files and everything else together. Some of you probably edited your register for the first time in a classroom--have you ever thought about how the IT people there protected *those* machines? Even if we're supposed to stay together, sooner or later someone's going to do something completely different from whatever I just had up on the big screen. That person may then even try to hide the gaffe instead of mentioning it immediately, compounding any problems. And yet, we "miraculously" have very few real problems with our lab computers. Our "miracle" is named Juanita, who'll happily reimage one machine or the whole lab at will. With a maintained backup image on the server, and all software there kept up-to-date, she's the secret behind our happy and smoothly functioning instructional lab.

itpro_z
itpro_z

We don't lock down our machines, for a variety of reasons. One is that some of our critical apps require that the users run in full administrator mode, as I mentioned above. My organization is also a government entity, which means that I have to deal with elected officials, judges, and law enforcement. Some of these people tend to be somewhat independent minded, as you can imagine. I can't just lay down the law to a judge or an elected department head what they can do with their computer. Instead, we must explain why we do things a certain way to keep everyone on board. For the most part, this works well for us. When someone crosses over the line, we explain what they did that is against our policy, why our policy exists, and correct the situation. Our people are professionals, and we treat them as such. The end result is that we sometimes have to clean up a mess, but we maintain the respect of our users. First and foremost in our minds is that the IT department is here to support our users. What we do is important, but they are the ones doing the real work.

Neon Samurai
Neon Samurai

Every time I build a new case and think I've managed to improve my own ability with the art of cabling, I take the box back to this hardware hacker friend and watch him still manage to clean it up further. Speaking of cabling.. oh me want.. me can't remotely afford.. but if I could.. it'd be this: http://dl.maximumpc.com/galleries/level10/lvl10backgut_lW.jpg Very obviously and intentionally providing a conduit area for cabling. I know cases to provide some conduits and this one by necessity kind of has to do it this way but still..

NickNielsen
NickNielsen

It seems to happen much more often when the PC has been off for a while and the unit is cooled off, allowing the thermal compound "weld" to set. In my work, the customer has usually left the PC powered up in the forlorn hope that it will magically start working again and they can use it to sell stuff; the warmth loosens that weld. I'm very glad that processor pins these days are so short; I've only once bent a pin when the processor did come out with the heat sink. Am I lucky? I sure hope so! As for the "many cases" punishment...I don't see it much now, but I've seen it quite often. For whatever reason, it's almost always an OEM PC and not a home-built that has those problems. And finally, the flip response: It gives you the opportunity to clean the excess thermal compound from between the heat sink and processor!

JCitizen
JCitizen

as their are many good utilities I'd like to try, but their FAQs warn against trying them on 64 bit systems. However it is worth looking into; Thanks!

JCitizen
JCitizen

It doesn't work on Vista, but my XP users will appreciate your advice! It will definitely make their day!

Neon Samurai
Neon Samurai

It's relatively new though. I think it was around version 6 update 9 (maybe update 10?). Something pretty recent anyhow. Since then, updates have removed previous version 6 installs. My v6u16 removed v6u15 for example. The older versions 5 and previous are probably still a manual removal though. My grief with JAVA is that it re-enables the auto-update function. After each update, I have to visit control panel to disable autoupdate checking. For home users who are not going to check themselves, it makes sense. For business machines or other places where updates are managed by the admin rather than whim of the dial-home app, it's a pain. It should simply leave the setting as it was previous to the update; if it's disabled, don't enable it by default. Previous update version removal should be there now though. Heck, even Flash managed to replace the previous versions now which is a welcome change from how it's behaved previously. (if only they'd put the Flash plugin in the Mozilla repository now)

JCitizen
JCitizen

As I like to say,"Happy-happy-joy-joy" Like Stimpy the cat! :)

Neon Samurai
Neon Samurai

Not sure about Google's apps but with Quicktime there is a "quicktime only" and a "quicktime + itunes" installer download available. Of course the bundle is default but you should be able to get the player only. It'll not install itunes and shouldn't add it with updates by default.

Neon Samurai
Neon Samurai

VMs would give you the easy revert to recovery point type function. A backup server and easy re-imaging is a great way to go though.

726tacrecon
726tacrecon

A govt agency is almost assuredly taking federal money and is subject to a few regulatory requirements that this admin obviously has no idea of. There is no application I have ever encountered that could not be made to run for a user without full admin access to the box. This is just plain irresponsible and unprofessional.

JCitizen
JCitizen

relating to anything personal health. We could reign in the law, and nobody could argue, because they didn't want to go to jail. Your're right it wasn't the administrator trying to gain a kingdom, it was the CIO trying to stay out of jail! We never got anymore arguments from "power users" after that passed! And lo and behold, almost all network and PC problems dissappeared?!? Hmmm! Now trying to get software vendors to code language for restricted users, that one was tough. Sometimes our in-house programmers tried to fix the situation themselves and argue with the EULA authority later. What we need is a personal privacy and goverment standards law that could give IT administrators [u]more[/u] teeth to lock it down. Not less!(At least in the US)

Neon Samurai
Neon Samurai

so you don't actually have anything to contribute to the conversation. Smells remarkably like a forum troll. So, you've had your two of three chances. If your third try is no better than your first two, then run along little trolly. If you can manage to refrain from the baseless personal accusations and offer something regarding the topic of the technology then let's have an actual conversation like adults.

Eric Hall
Eric Hall

I noticed you've already posted around 20 comments on this site since the beginning of the month, so I wonder what exactly you do for a living that permits such an extravagance. You must be self employed so congratulations on your ingenuity. And if so, the network is really yours, so no one, least of all myself would dare suggest what you do to secure your personal property. But just one suggestion...learn how to use a spell checker and don't take me so seriously! :)

Neon Samurai
Neon Samurai

Let's look at your comment. "The writer justifies tying the hands of users as a security necessity, not treating users like children." "The writer" justifies no such thing as tying the user's hands. There is a huge grey space between completely locked down and fully wide open. I suggest that it may be worth looking for ways for users to work without admin rights by default. I even suggest giving them the admin password so that they can make use of admin rights when needed without always being admin by default. "But he reveals his own status as a self-imposed dictator when he refers to himself as having the "keys to the kingdom."" You missed the point so let me clarify. My job is to know the admin password. My expertise includes working on systems under admin rights. Even with that kind of access, I don't regularily log in and work as admin. I work as a regular user on the system and elevate specific programs to admin if they require it. When absolutely required, I log in as admin but only as long as needed. The point isn't that I'm deluded into believing I'm some mighty savior but that admin by default is not a good idea. "protect the few at the expense of the many" So, let's say that for whatever reason the information they are working with happens to be your social security and banking information. It walks out the door because any user has access too it. we can't check the logs to see who walked out the door because any user can delete those too. Since any user can install software, the system is also bugged with screen and keyloggers reporting home now; and they are good, the AV doesn't catch them. You find out that your accounts are empty and you have four new credit cards registered in different states under names you've never heard of. Your credit rating is destroyed (no loan, car lease or home mortgage for you now). The bank also won't be replacing your account balances you strangely transferred to a nice family in Nigeria. Are you seriously going to think "well, it's ok because leaving the system irresponsibly vulnerable while managing such information maximized the staff's convenience." Your not going to ask why such lax security was applied to the network which has now caused you several years of grief to clean up? Your profile says your a database administrator. Do you leave all databases and tables wide open for any connection to work with. No user name or password, just connect to the database server and run whatever SQL strikes one's fancy? You wouldn't mind if a user accidentally delete a few tables. Should your users who only need to read or read and modify entries in the database still have full permission to drop databases, drop tables, create user accounts. Do your databases hold any information of value to the company you work for? Do they hold any information on customers your company does business with? Is there relevant levels of access settings you could apply to your databases between the extreme of a wide open system allowing anonymous connections and a system so locked down that no user can even connect to make use of it? Your snide suggestion that "the writer"'s comment was all about playing king of the castle also seems to ignore acknowledgement that improving the security of a government network may not be up to the IT staffer responsible for it. It wasn't a black and white "Lock it down so nobody else can play in my sandbox" thing. Mind you, I would be very interested to hear comments related to the security of the network and if or what theoretical options are available to the admin who's head rolls if there is ever an embarrassing event on the local paper's front page. You've had your childish shot at "the writer" suggesting personal criticisms. Now, let's focus on the network as a "what if" scenario and discuss why it may be best to leave it wide open and what other options could be applied. This purely theoretical of course. (encase you mistake it for dictating what itpro_z should march into the office and due on Monday) Let's have it. Based on your expertise in information security, what is your analysis of such a network and available options?

Eric Hall
Eric Hall

The writer justifies tying the hands of users as a security necessity, not treating users like children. But he reveals his own status as a self-imposed dictator when he refers to himself as having the "keys to the kingdom." So Hail to the King, who will "protect" us from the few at the expense of the many!

Neon Samurai
Neon Samurai

Do the police staff consider speed limits and other laws a matter of treating all drivers like children? Limiting admin rights is not about treating the user like a child but about protecting the system including what others can do through another user's account. Open a bad mail attachment, click anything within the "PC Protector" popup window, get hit with DNS poisoning or a hyjacked website ad; heck, anything that can get into the system gains admin rights by default. Accidentally delete a file or get bored and go exploring through the other user's files; user is admin so there are not barriers against it. Has your upper most management been briefed on the risks involved in this setup and then signed off on it or who's head rolls when the office does suffer an embarrassing breach that can't be kept quiet? Can you get or does the government require a periodical third party penetration test that would help show them that proper security practices is about protecting them and the organization not treating them like children? With the amount of data breaches reported and by extension, the amount successfully hushed, such disregard for security is irresponsible. There must be a better way to manage the shoddy apps that require admin rights. Is there no way to explain to the users why they should be limited to a user account on machines they don't own? I have the keys to the kingdom and even I run as a regular user unless absolutely requiring a full admin login. The concern is that a government organization is demonstrating the very definition of "allow all and deny as needed" but skipping the deny as needed in favor of a stern talking too. By now with the constant reports of data breach in big business and government, "deny all and allow only the minimal necessary" should be the obvious security approach. The type of organization with such a current security approach is bordering on irresponsible if not well over the line unless all your staff are computer security experts also. I should clarify a little also. I don't mean to criticize you directly. Shoddy apps are written by others and it's always harder to remove privileges from users than to give them. The network does have to support the work rather than the work bending to the limitations of the information systems. If there is any possible way to correct the organizations information security though, I'd seriously consider it. (This probably comes off heavier than intended but it's a rather shocking situation though I do empathize your having to support such a wide open target due to the demands of users who are not experts in system security though probably very expert in there own areas of law and enforcement)

santeewelding
santeewelding

The admin privilege is that of the admin privilege accorded to every officer with a gun, or judge with gavel. Can't see how else you could do it. I would quibble only about your next to last word.

JCitizen
JCitizen

Is that a media center by chance? Or server, or what?

JCitizen
JCitizen

most companies had their users run their PCs 24/7, so they could do maintenance at all hours. Without the constant cooling and warming cycles even the old chips stayed good and tight! I used to do the same with my old DELL - I probably ran it that way for six years. It is still tight as a drum. Can't remember when I had to do more than crack the side panel to dust things out. Still use old betsy to this day.

NickNielsen
NickNielsen

Chip creep was very much a problem 20 years ago, but with most chips now soldered into place, and improvements in cooling technology, it's not so much a problem today. http://foldoc.org/chip+creep "Card creep", the loosening of cards due to thermal flux, does happen, but very rarely. Most methods of fixing computer components in place usually prevent it.

pdr5407
pdr5407

I read that "chip creep" is a problem that can happen when the thermal heat from computer use causes add-on cards like NIC's, Video cards, and RAM chips to move from there slots. This results in OS errors and BSOD's over time. By re-seating these components is good preventive maintenance.

Editor's Picks