PC Tune Up SE


Does your PC run slow? Are you seriously contemplating taking it into a computer repair show where they'll charge you $100+ to speed up your system? There are a few things you can do before you succumb to the computer "repair" shop.

PC Tuneup

Websites that claim they'll scan your PC for free if you download their software are nothing than money mongers — seriously, it's a rip off. Even if you have a fresh install of your operating system they'll claim you have viruses and other malware. If you think you have malware see this lovely article on malware. There is also an article on virus removal if you know that your system is infected.

The Tools

Windows utilities don't always have a good reputation with users (whether they are computer savvy or not). Utilities like Task Manager, Disk Cleanup, Disk Defragmenter, and Services Panel, Event Viewer, Windows Explorer, and System Restore.

These utilities can usually be found in the System Tools portion of the Accessories menu. All of the highlighted items are essential pc tools that you should be aware of.

PC Tune Up
Though this OS is Windows 7, the location of the tools is the same for Windows XP and Vista.

Step 1

The first step is something quite obvious but is commonly overlooked. You need to ask yourself, "Do I have the most recent updates for my PC?" As it was stated before, this may seem like a dumb question but it is not. Sometimes, problems due to speed or hardware not working are caused by out-of-date drivers and software patches. To see your most recent service pack, open Run by pressing Window Key + R or opening it via the start menu and typing winver.

OS Service Pack
Windows XP Service pack 3 (all but XP Professional X64)
Windows Vista Service Pack 2
Windows 7 None to date

PC Tuneup

This shows you the version of Windows OS you are currently using and the Service Pack which is installed. As we can see from this example, we have Windows Vista with Service Pack 2 installed.

A Service Pack is a major OS update that updates core files of the OS. They are different than a regular OS patch. One key difference is the size of the update. Most service packs are well over 100MB in size.

To check and see if you have any updates, navigate to control panel and select Windows Updates.

For XP users it will be on the left-hand bar menu and for Vista users it will be under System as the first option. For Windows 7 users, click on System and Security and then on Windows Update.

Click on "Check for Updates" and Windows will check for any updates that you might need. If it finds any updates, be sure to install them and then restart your computer if you are prompted to do so.

Step 2

The next step is to remove unnecessary files from your system using Ccleaner which is a free and open source utility for all to use. It comes with a windows system cleaner and a registry cleaner together. This is a great utility to install and to run at least once a month.

PC Tune Up

Ccleaner will clean up various applications and various windows items that you select. Looking at the image, we can see that there are several applications and windows items that are using quite a bit of space on the hard drive.

Step 3

Next we want to defragment our hard drive. There are two utilities that are excellent and blow away the Windows Disk Defragmenter. Auslogics Disk Defrag and Piriform's Defraggler. Personally, I prefer Auslogics over Defraggler because it comes with an optimization option and it is usually faster.

These examples are screen shots of Auslogics before defragmentation and after defragmentation.

Before After
Fragmented Hard Drive Defragmented Hard Drive

But what exactly is fragmentation of the hard drive? First we need to understand how a hard drive works. Most hard drives that we have are called magnetic hard drives which consist of one or more platters and a read/write head. Data is written in these 512-byte slots on the hard drive called sectors. The amount of space on the hard drive is determined by the number or sectors in each track. A track is a full rotation around the disk platter.

Data is stored as a magnetic spot in the hard drive and the absence of data is stored as a non-magnetic spot in the hard drive. This is also known as storing data as binary (0's and 1's). The presence of a magnetic spot is "1" and the absence of one is a "0". 8 bits = 1 byte, so each sector can hold 4096 bits or 4.096 kilobits of information. Translated into the terms of bytes, each sector can hold 512 bytes of information.

When we write information to the hard drive, the information sometimes gets scattered because it is using the closest sector with free space. More notably, when we uninstall programs or delete files, that frees up the spot on the platter so data gets written to that spot where the old data used to be. This allows for data to get placed in different sectors on the hard drive and thereby increasing the access time for the read/write head to get the data we need.

The defragmentation process places data in the proper sectors and tracks there the majority of the data is for that particular file or program is found. Auslogics does a little bit more with the optimization option, however. The optimization option "compresses" the free space we have instead of merely moving data to the right spot. This places all of the data we have in a single compacted block on the hard drive to further decrease the access time. Read more about the defragmentation process here with Auslogics' great explanation.

These images below depict the fragmentation, defragmentation, and optimization process.

Fragmented Hard Drive Deragmented Hard Drive Optimized Hard Drive

Step 4

msconfig. Though this seems somewhat daunting, fret not PC users. Run is a great tool and is the gateway to many PC features and shortcuts. We must open Run by pressing the Window key + R or by opening run manually. Type msconfig and then navigate to the Startup tab. Hide and non-windows startup services (if you have the option) and begin unckecking all non-windows startup services. Leave core services like video drivers and wifi drivers checked. Items like iTunes, Adobe, Quicktime, and other programs can be unchecked because we don't need them to startup right when our OS loads.


All of the items that are highlighted are things we don't need to be loading during the startup process. There is a more advanced way of going about this; however, this is the practical and easiest way of increase your systems speed during startup.

Notice that we leave the NVIDIA, touchpad, google update, and our anti-virus programs checked so they launch during the startup process. These are all items we want to loading during the startup process.

Step 5

Run a virus scan with your existing antivirus software or by using Microsoft Security Essentials or you can browse paid anti-virus programs. But if you're running any version of Windows, AtomicPages commends and endorses the use of Microsoft Security Essentials.

PC Tune Up

Be sure to update your virus definitions daily and scan your system at least once a week and stay off of websites with bad reputations. If you want to check how reputable a website is, we recommend the WOT Plugin for Firefox/Chrome/IE/Safari. This plugin check to see how reputable a website is from community votes. This plugin will warn you if you are visiting a website with a poor reputation.

How to Prevent a Virus


Although this might seem like a silly question, "How to prevent a virus?", some people really have no clue how and why we should protect against malware and other technological parasites.

Why Protect?

Let us assume "malware" is an all-inclusive term that includes, but is not limited to, worms, viruses, grayware, riskware, scareware, and trojans. Why on Earth would we protect our computers from these little bits of code that could possibly have no adverse effect on our systems? Well, you always must think to yourself, "what if?"

What if you did visit a website or opened an email attachment and you did get malware from this malicious website or email attachment. What if this malware took over your computer and copied itself into hundreds of directories and was secretly logging every keystroke you made on your computer. This malware could potentially have banking usernames and passwords, credit card information, or other personal information that is sent over the internet.

What if malware took over your computer and began deleting critical system files and folders? It would be annoying to have to reinstall your operating system because malware hijacked your computer. But this doesn't happen with ever infection; we need to weigh the pros and cons of both sides.

Pros Cons
Protects system against malware Reduction of system performance
Peace of mind Expensive anti-virus programs
Less chance of becoming infected Doesn't always catch everything
An extra set of eyes always watching out for your system I don't need it because I don't visit malicious websites

As wonderful as these arguments are, it is still better to have anti-virus than to not have it. When surfing the world wide web, you never know what your system might catch. Even if you visit a website that you know is malware-free, it still could give you malware. Malicious code writes are always coming up with better ways to infect systems and steal information or cause a nuisance.

What Programs to Use

It is a well know fact that there are a billion different anti-viral, anti-adware,and anti-malware programs. Not to mention email filters, spam filters, and popup blockers.

This begs the question, "What program should I use?" In my opinion, the best option is always the free option. This will save you money and will suffice in most cases. Great free programs are the following:

There are other paid options, however. According to CNET ( a widely respected and well known technology-based website), the top paid anti-viral programs were the following:

To see the full list the CNET's reviews, check out this link for the full list.

Personally, my favorite antivirus is free and it worked wonderfully. Download Microsoft Security Essentials for free and be protected from viruses and other malware. This software works very well and AomicPages strongly recommends this program.

Tools for Virus Removal


Whether you wish to prevent having a virus or malware or if you suspect your system to be infected, here we will be going over some tools and utilities that can be used to prevent malware or to clean your system.

Disclaimer: This is merely for instructional purposes. I am not responsible for any mishaps that may overcome you and your system while executing some of the techniques covered in this tutorial.


Is your system showing signs of an infection? You should ask yourself these questions if you are unsure:

  • Do programs take longer to load?
  • Do popups plague me when surfing the web?
  • Does it seem like the hard drive is doing an awful lot for a simple task?
  • Do programs that once worked give strange error messages?
  • Is there less memory available than before?
  • Is there less space on the hard drive available than before?
  • Do files often become corrupted?
  • Does Windows hang before going to the desktop?
  • Can I access task manager? 1
  • Are there strange process running?
  • Can I access Run? 1
  • Has my internet browser home page changed?
  • Am I able to access other windows utilities? 1
  • Can I visit anti-virus websites like or 1
  • Can I access System Restore? 1

If some of these questions is "yes" then the chances your system is infected with a virus is high. (See below)

1 If you answered "no" to these questions the chances your system is infected with a virus is high.

Note: not all of these questions will mean that your system is infected. It may be an insufficient memory problem, other non-viral software problem, or hardware conflict.


If you answered "no" to the following questions:

  • Can I not access task manager?
  • Can I not access Run?
  • Can I access System Restore?
  • Can I visit anti-virus websites like or

Then you more than likely have an infected system and should be taken off a network immediately. If you cannot access task manager and you suspect there is a malicious process running that needs to be terminated, there are a few options.

First, the malware needs to be found. This can often be tricky if the malware or virus is one that is hidden in the system32 folder or in hidden folders within Windows.

If you are using Windows Vista or Windows 7, open task manager first and look for any malicious processes (see first solution below).

Go to Control Panel > Appearance and Personalization > Folder Options > Click on the view tab and select view hidden files, folders, and drives.

Task Manager

If you have access to task manager then this is the solution to see if you have any malicious processes. If you do not have access, see more solutions below.

Open task manager by pressing CTRL+SHIFT+ESC or CTRL+ALT+DELETE to bring up task manager. Click on the processes tab to view the running processes. Look for any processes that seem malicious by checking the amount of CPU and RAM the processes are using. Malicious processes are not named very intuitively. They generally contain random numbers and letters or there are several instances of the same process running.

task manager

This images show several instances of the same process running. This is an easy example that shows poorly names processes and the redundancy of the process. Observe the amount of RAM and CPU usage each instance uses.

If you are using Windows Vista or Windows 7, right click on the process and select Open File Location and then process to end any malicious processes. If you are using Windows XP then the malicious or infect file will need to be found manually which be covered later on.

To end a process, simply click on the process you wish to end and click on end process or you may right click and select end process.


If you have access to run/command prompt, but not task manager, this is the option for you. If you do not
have access to run/command prompt, see more solutions below.

Note: If you are using Windows Vista or Windows 7, launch DOS in administrative mode by right clicking on command prompt and selecting "Run as Administrator", respond to the UAC box.

Killing and process in dos does not require any special knowledge of DOS but it does require two main commands: tasklist and taskkill.

Tasklist shows us all services and console processes that are running on the system. We are particularly interested in the console processes. Our command in the command prompt would look like the following:

C:\ > tasklist

We don't need any special switches for this DOS command. Remember that we're looking for console [processes]. Look for console processes that have random number and/or letters. If there are multiple instances of such a process then it might be malicious.


In this instance, the process called 16af79bhdf.exe is likely to be a malicious process. Let us assume that this malicious code is blocking our access to task manager. We cannot find the source of the process from DOS we can, however, kill the process and the search for it manually. There are a few things we should do first:

  1. Write down the process name 16af79bhdf.exe
  2. Document how much RAM the process is using
  3. Document the PID of the Process
  4. Go to your favorite search engine and search for the process in question. Look on websites to see if this process is malicious.

Assuming that the process is indeed malicious, we will not kill the task!

Note: taskkill is a very powerful command and will terminate core system processes without any hesitation. Be sure you have the image name or PID entirely correct before you terminate a process.

In addition to stopping a difficult process, if you regularly use task manager to stop a process that is freezing your system, you may use the taskkill command as an alternative.

For the example provided above, since there are multiple instances of the malicious program and we're assuming that they all need to be terminated, we will use the image name switch: /im. We also want to be sure the process will actually end and we will not get a error message, use the /f for forceful termination of the process.

C:\ > taskkill /im 16af79bhdf.exe /f

This lick of DOS code will kill the task (process) with the image name of 16af79bhdf.exe in a foruceful manner. If there are multiple instances of a single process and you happen to know which processes are malicious, there is an alternative to ending individual processes.


C:\ > taskkill /pid 2588 /pid 4448 /pid 304 /f

This will allow us to select each individual process we wish to end via the Process Identifier (ID). We must use the switch, /pid at every single instance that we wish to kill.


Windows Powershell

If you do not have access to Run or DOS, there is an alternative method that we can use: Windows Powershell. Windows Powershell is a task-based command-line shell and scripting infrastructure designed for system administration. IT Professionals might use Windows Powerhshell to accomplish everday tasks.

The beauty of Powershell is that it will also take some DOS commands and execute them exactly as DOS would. If malicious software blocks access to task manager, run, and command prompt, but not Powershell, we can view running processes and kill any malicious processes within Powershell like we could with DOS.

The environment is slightly different and a little bit more colorful. We can enjoy a medium blue background with the same raster-based text of DOS. To view the running processes we can use tasklist and to terminate malicious processes we can use taskkill.

PS C:\ > tasklist

Remember, there are things to ask yourself before you killing processes:

  1. Write down the process name 16af79budf.exe
  2. Document how much RAM the process is using
  3. Document the PID of the Process
  4. Go to your favorite search engine and search for the process in question. Look on websites to see if this process is malicious.

If you find that a process might be malicious, proceed with further instructions to kill the process.


PS C:\ > taskkill /im 16af79budf.exe /f

This lick of DOS code will kill the task (process) with the image name of 16af79budf.exe in a foruceful manner. If there are multiple instances of a single process and you happen to know which processes are malicious, there is an alternative to ending individual processes.


PS C:\ > /pid 2588 /pid 4448 /pid 304 /f

This will allow us to select each individual process we wish to end via the Process Identifier (ID). We must use the switch, /pid at every single instance that we wish to kill.


Process Hacker

If you have no access to task manager, Run, DOS, or Windows Powershell, there still is hope out there! There are programs that exist like task manager that can run completely locally. This means that no install is required in order for the program to run and it can be stored on a USB Drive, SD Card, or other hot-swappable portable devices. Be sure to visit to download the program.

If you wish for it to run locally, download the binary zip file and save to desktop or other convenient location. If you wish to install the program then click on the download button.

If you're running the program locally, create a new folder called process hacker and put the .zip file inside the folder. Once the .zip file is inside the folder, extract to the same location in which the zip file is located.

Process Hacker File List

There will be 10 files one of which will be called ProcessHacker.exe. Double click on ProcessHacker.exe and the program will launch. Since it's running locally, give it a moment to fully propagate all of the processes that are running on your system. When it's complete it will look like the following:

Process Hacker

Process Explorer

Process Explorer is an alternative to Process Hacker if you do not have access to task manager, run, DOS, or powershell. Both Process Explorer and Process Hacker have the ability to run locally, however; Process Explorer will only run locally and has no installation .exe available.

Final Thought

Whether you're preventing an infection or dealing with one, keeping Process Hacker and/or Process Explorer is always something to keep handy. This will help you extinguish malicious software very quickly after your system is infected and you are denied access to task manager. Having a Graphical User Interface (GUI) makes life a lot easier and is definitely more appealing than straight DOS.

Process Hacker

Things to consider:

  • If you don't already, get some anti-virus software like kaspersky, bitdefender, notron, mcafee, etc.
  • Consider investing in anti-malware software like malwarebytes
  • Do not visit shady websites and always have your firewall on
  • Use a popup blocker
  • Filter your webmail with a spam filter
  • Backup your data regularly
  • Enable Parental Controls on a wireless router or by using third-party software such as Net Nanny or Cyber Patrol to prevent children from accidentally infecting a computer with malware.

Think you have a virus?


Is your computer running awfully slow and is sluggish? Does a mysterious program keep popping up on your desktop every 10 seconds? Do you get a lot of popups while browsing the web, random error messages, or the Blue Screen of Death (BSOD)?

If so, then I've got some bad news for you. There is a probable chance that your system is infected. In order to understand the infection, we need to be able to identify the characteristics of infections. There are many types of infections and they all have different characteristics.

  • Malware
  • Trojan
  • Virus
  • Grayware
  • Spyware
  • Worm


Malware is a broad term meaning malicious software including, but not limited to, trojans, worms, viruses, logic bombs, and spyware.

Malware isn't simply poorly coded software that causes memory leaks and other issues with Operating Systems; this software is created solely with the intent of collecting information, annoying the user, and causing mild to severe harm to a user's Operating System and sometimes hardware.

Since we've gone over the broad umbrella of Malware, let us delve into the specifics.


Spyware does exactly as its name implies. Spyware is used to collect bits of information about a user when the computer is being used. This is done without the users knowledge and is done in the background without the users knowledge.

Spyware is known the change computer settings, install programs, changing internet settings, change internet homepages, slow connection speeds, and other types of things that can invade a users privacy.

Spyware can lead to identity theft, credit card fraud, stealing of banking information, and password that gain access into encrypted content. A popular spyware program is called a keylogger which literally logs every keystroke to a remote location via browser exploitation and the internet.

Yet another form of spyware is called scareware which is design specifically to get a user to buy a product. This type of spyware will often have messages claiming a users computer to be infected and in order to remove said infections a full version will need to be purchased. This can lead to credit card fraud since they usually require payment by credit card.


Spyware has specific traits to it, however. This will allow you to identify a spyware infected computer.

  • Slow system performance
  • Significant decrease in connection speed
  • Random programs being installed without your knowledge or consent
  • Background has changed and will not change back
  • Popups claiming that your web browser is out of date or system is infected
  • Not able to uninstall programs
    • These are some symptoms of Spyware; How to prevent spyware will be covered later on in the article.

      Trojan Horse

      Named after the Trojan Horse in which Greek solders housed themselves in for a surprise attack in Troy. This Trojan Horse was intended to deceive the Troy solders, making them think it was a gift of peace rather than a surprise attack.

      A computer infection called a Trojan or Trojan Horse is no different. These trojans have hidden agendas and hidden functionality.

      A trojans sole purpose is to acquire information about a users, initiate distributed denial of service attacks on web server, data theft, deleting files, installing unsolicited programs, etc.

      Sometimes trojans can be relatively harmless and other times they can infect the master boot record (mbr) or partition tables which will cause a critical failure of a users operating system. This will crash the computer and essentially render the computer unusable unless the OS is reinstalled.

      Especially dangerous Trojans will allow a hacker to physically hijack a users computer. Depending on the complexity and severity of the trojan, the hacker can disable the keyboard, mouse, monitor, change the desktop background, access the administrator command prompt, access the registry, and delete critical OS files.


      The traits of a torjan are similar to spyware since a trojan is basically a form of spyware. They do, however, differ from spyware.

      • Desktop has changed and cannot be changed back
      • Mouse pointer moves itself
      • Mouse pointer disappears
      • Cannot access run or task manager
      • Windows start bar/button goes missing
      • Computer shuts down and starts up by itself
      • Documents and files are printed by themselves

        • Worms

          Worms are unlike a Torjan Horse or Spyware. Worms are self-replicating programs that uses a network to send copies of itself to other computers. Worms are specifically target computers with unencrypted internet access, weak network passwords, weak computer passwords, and computers with out-dated antivirus software.

          Perhaps one of the worst worms ever in the history of technology is the ILOVEYOU worm which arrived in email boxed in early May of 2004. This internet worm contained the text, "ILOVEYOU" as the subject line and the content of the email. There was also an attachment called "LOVE-LETTER-FOR-YOU.TXT.vbs". This visual basic extension was hidden from unsuspecting users to see and tricked users into thinking it was a mere text file with more lovely words. However wonderful as it was, upon opening the .txt file the worm automatically sent a copy of the email to everyone in the users windows address book with the users email address. The worm also made malicious changes to the Windows Operating System and replicated itself throughout the registry. The worm estimated $5.5 billion damage and infected 50 million systems.

          Bad worms can infect a computer and render it basically unusable. Worms can literally hijack a users computer and use the system as a zombie computer where it send copies of the worms to anyone and everyone.


          • Slow internet connection
          • Dramatic loss of hard drive space
          • Denial of Service attacks
          • Web Server being brought down

          Worms are somewhat tricky to detect since they depend heavily on a network connection to work. The majority of the worms out there don't contain payloads or additional code to seriously harm a system. They're mainly implemented to see how many systems can be infected, to bring down a website, or to cause a nuisance.


          Grayware is a different form of malware and is solely intended to make a user bang their head against their monitor. They also harm a system but it's done in a highly obnoxious fashion. Popups, banner ads on websites, remote access tools, dialers, and irksome jokes are embedded in grayware.

          Grayware can cause serious security holes in a system and it can also introduce more severe infections like spyware, viruses, and logic bombs.


          • Annoying popups on your desktop
          • Cannot access task manager
          • Cannot access Run
          • Cannot System Restore
          • Cannot visit certain websites like or

            • Virus

              Viruses are in their own category at times. Some consider a virus to not be a form of malware and some do.

              A virus will attach itself to a program of file and will begin to copy itself. These file transfers will cause the virus to spread as it is passed through one computer to the next. Viruses might change data, corrupt data, or degrade the performance of a users system by taking up memory and disk space.

              Viruses have for main categories, they are the following:

              • Boot Sector Virus
              • Master Boot Record (MBR) Virus
              • File Infecter Virus
              • Macro Viruses
              Boot Sector Virus

              A boot sector virus infects the boot records on a hard drives and also floppy disks. Once the users boots the computer the virus will be saved in the boot record and infect other types of media as data is written to them.

              MBR Virus

              MBR viruses infect the Master Boot Record of a hard disk which is the first of a hard drive. The MBR contains the partition table, bootstrapping files to load the OS after the POST has run, and a unique digital signature to identify the disk media.

              The virus will fester on the mbr upon successful boot and will infect other files and may even corrupt a users partition table and critical system files that load the OS.

              File Infecter Virus

              A file infecter virus will infect files that contain .exe and .com files. Sometimes these viruses will remain in the memory and infect other files and applications. This type of virus will only infect files as they are executed.

              Macro Virus

              Macro viruses will infect certain data files and most notably, Microsoft Office Files such as, Word documents, Excel spreadsheets, Power Point presentations, and Access databases.

              A macro virus may also share the traits of a worm and spread themselves across a network.


              • Slows system performance
              • Dramatically slows web browser
              • Sluggish internet connection
              • Random error messages
              • Blue Screen of Death (BSOD)
              • Not able to access run
              • Not able to access task manager
              • Processes running with random characters and/or numbers
              • No access to System Restore
              • Blocked access to certain or all applications
              • Unable to access anti-virus websites e.g. or

XP versus Vista and 7


The title is somewhat misleading. We're not going to go over the ins and outs of XP, Vista, and 7, we're not going to be comparing their kernels, hardware, structure of the OS, etc... This is simply on the drastic differences between the XP file system and the Vista/7 file system. Any user that switches from one OS to the other will notice that their files are stored differently.


XP was somewhat revolutionary back in the day because it was a stable OS based on Windows NT, it was unlike any other Windows OS at the time, the themes were great, the graphics were state of the art, and the list goes on and on.

One advantage XP had over previous Windows Operating Systems was the file structure, how data was stored in the folders on the hard drive. This new file structure was an easy way to navigate through the hard drive to quickly find exactly the file you need. The file tree was easy to remember and it looked like the following:


This diagram does require some explanation, however. Admin, All Users, and Username (this is your account) do not all share "My Documents". They are actually three difference types that they share. Think of this as it's own user so no files are shared with the others.


  • Admin Documents
  • Admin Startup
  • Admin Favorites
  • Admin Desktop
All Users (Shared Documents and Programs)

  • Shared Documents
  • Shared Favorites
  • Shared Startup
  • Shared Desktop
Your Username

  • Your Documents
  • Your Favorites
  • Your Startup
  • Your Desktop

Each user has their own documents, favorites, etc... All Users will grab anything that is shared including programs, documents, startup programs such as anti-virus, and shared desktop items like shortcuts, etc.

Vista and Windows 7

Vista and Windows 7 have a different file structure than XP and is even easier to find files and folders in my opinion. One big advantage is the cut of "documents and settings" and it being replaced by "users". Here is the general vista and 7 file structures:

Note: Vista does not contain the prefix "my" in front of any folders. They are simply "Documents", "Pictures", "Music", etc.

Windows 7

From this chart, we can see that the path to files is significantly neater than XP. There are fewer directories to deal with, less typing involved in the command prompt environment, key directories like music and pictures are not embedded in my documents folder anymore, and many more advantages.

As mentioned for the XP file structure above, Your Account and Public will not contain the same files and same directory names. They are two different users; however, Vista and Windows 7 illustrate this concept much more clearly then XP does.

Go to Top