Tracking down ominous noises in your PC
Strange sounds — especially abrasive or grinding noises — emanating from inside a PC are definitely cause for alarm! Here's how to correct the two most common sources.
Noises you just can't ignore
A reader sent in this seemingly alarming question.
"My computer is making a grinding noise. What is it and how do I fix it?"
The most common sources of grinding noises in a PC or notebook are worn-out bearings in cooling fans and spinning-platter drives.
Eventually, the factory-installed lubrication wears out or evaporates, and you begin to hear the dry contact between the rotating and stationary parts.
The wear is very gradual at first — and barely audible. But at some point, as the wear becomes significant, the amount of noise increases, and you're suddenly aware that something inside the PC's case needs your attention!
As long as your PC is still working as expected, incipient bearing noise usually isn't an all-out emergency. In fact, this kind of wear is unavoidable. The bearings in a high-quality PC or notebook will last longer than those used in low-end models, but no PC is immune — all friction points in mechanical devices will eventually wear out.
But just because it's not an emergency doesn't mean it can be ignored. Any significant change in drive or fan noise needs attention fairly soon. Here are some options.
For noisy drives: Here's an old-school trick that might offer temporary help. Use the PC for a while to get the drive up to normal operating temperature, then turn the machine off. If possible, immediately remove the drive and place it upside down (typically with the info labels facing down) on a flat surface. If you can't remove the drive easily, try turning the whole PC upside down. Let it sit for several hours — overnight, for example. When time's up, put everything back to its normal orientation and boot the system. With luck, the remaining lubricant will have re-distributed itself, temporarily quieting the noisy bearings.
Note: That's not a repair! It's just a way to forestall the inevitable. When the bearings get noisy, it's time for a new drive, and the sooner the better.
Replacing a drive isn't difficult, even for those who've not tinkered inside a PC. There's an abundance of how-to material and instructional videos online.
(FYI, now's a great time for drive shopping! SSD (Solid State Drive) prices are in free fall, so you might consider replacing an older mechanical hard drive with a new 10x faster SSD even if it's not making noise.)
You can usually find exact replacement parts and directly relevant how-to information by including your specific brand and model of PC or notebook in your search query. For example, you might search: "how to replace hard drive dell inspiron desktop" or "how to replace hard drive hp envy 17 notebook" — and so on.
For noisy fans: If a fan's bearings are making noise or causing the fan to spin slowly (possibly resulting in system overheating), just replace the fan. Exact-replacement PC cooling fans are cheap and relatively easy to install — they're usually held in place with ordinary screws and use keyed, can't-plug-it-in-wrong electrical connectors. Fan replacement is very common, so there's lots of how-to material and supplies available online (see examples via Google).
Notebook replacement fans are also inexpensive and usually not difficult to replace — the hardest part of replacing a notebook fan is often just figuring out how to get the case open! But this is also a fairly common repair, with plenty of Web-based guidance available (more examples via Google).
And again, you can enhance the odds of finding exact replacement parts, and directly relevant how-to information, by including your specific brand and model of PC/notebook in your search query.
Is Windows Defender really a front-line defense?
A Sangat member is wondering whether some old PC-security advice still pertains.
"I have relied on your advice to use Microsoft's built-in Windows Defender as my first point of defense for Win10. I remember you had suggested Malwarebytes as a second line of defense. Has that changed?
"If we put stock in [third-party anti-malware] test results, shouldn't we turn off Windows Defender and install a freebie anti-malware product instead? And should we still be thinking about malware protection in terms of two-step protection? Or is the risk of interference high enough, and the potential for building a stronger barrier low enough, that we really should pick one product and stick with it?
"Finally, would it be a wise strategy to just go with the free version of programs and change each year or so, based on how the products fare in head-to-head tests, such as those published by AV-Test?"
Those are all good questions; and yes, my recommendations have changed somewhat.
That's partly due to personal experience (more on that in a moment), and partly due to a long trend in those head-to-head anti-malware tests.
Windows Defender has been steadily climbing in the rankings since its unspectacular beginnings. For example, looking at the most recently available (June 2020) AV-Test.org results, you'll see that Windows Defender now ranks among the very best anti-malware tools — even surpassing some commercial AV suites!
Specifically, Windows Defender earned a perfect score in the Protection category, along with Avast, AVG, Avira, Comodo, F-Secure, Kaspersky, McAfee, and Norton. So in terms of "will it keep malware off my PC?," Windows Defender does as well as any commercial product.
Two demerits in other categories kept Windows Defender from tying for all-around first place. It lost a half point in Performance, mainly due to "slower installation of frequently used programs." And it lost another half point in Usability, due to four false positives.
Are those significant issues? Slow installation might matter if you're installing "frequently used programs" over and over (Defender scans apps during installation), but that's not how most PC users work. Plus, a dozen other AV apps in the same testing category scored on par with or worse than Windows Defender. So to me, this mostly seems like a non-issue.
What about the false positives? Windows Defender's four AV-Test false positives are actually better than the industry average of six in the same tests.
So, given its overall high performance — especially its tied-for-first-place finish in the most-important Protection category — I'm comfortable using Windows Defender as my primary, always-on, anti-malware app.
That said, I still use other anti-malware tools including Malwarebytes. Rather, I rely on Windows 10's numerous other built-in security features — core isolation, security processor, trusted platform module, secure boot, and so forth (MS info). They all work in the background with zero input or oversight from me. Similarly, I let the built-in anti-malware and security features of Chrome and Firefox (my two main browsers) do their thing, also unattended. So, my PC is well protected by multi-layer security that is built in, has no extra cost, and requires zero extra effort on my part.
I know it works — and that's the "personal experience" part. Once a month or so, I'll run Windows Defender's built-in but separate offline scan mode to look for rootkits and other low-level, hard-to-detect malware. I also use ESET's free and excellent Online Scan (info). Either way, the idea is to occasionally use a different anti-malware tool or type of scan, just to make sure that your primary tool hasn't missed something.
All my PCs have stayed clean in check after check, so I'm confident that this approach of using almost entirely built-in security software (all except for Malwarebytes) is working fine for me.
What's best for you? It's the setup you feel comfortable using, day in and day out.
Chrome Uncovers Phishing Scams
Google is testing a new way of showing a web page address in the browser. It hopes that simply showing the domain name will make it easier for us to spot phishing scams - as already happens with some rival browsers.
At the moment, most browsers will show the entire web page address (URL) in the address bar; that's the box near the top of the screen that has a dual purpose in most browsers: it shows the current page address but is also where you type in both addresses and search terms.
A study for Google looked at ways scammers can take advantage of the browser bar. One example was the website address "https://bank.com.acct.balanc.es.". At a quick glance, one could easily assume the page belonged to the organization which controls "bank.com" when in fact it belongs to whoever controls "balance.es"
In this hypothetical attack, the scammers would have registered the domain name "balance" on a Spanish registry to create what might look like the word "balances" at the end of a page address. The reference to "bank.com.acct" is purely a directory within the "balance.es" website and doesn't give any insight into the organization behind it.
Most Scam Sites Not Spotted
Google's study found that while people could correctly identify a site as being genuine from the website of address 93 percent of the time, they were only able to spot a misleading site in 40% of cases. (Source: googleapis.com)
Now a random set of users of Google Chrome Canary (a version of Chrome used for testing features before they go into the main browser edition) will not see the full website address by default. Instead, they will just see the actual main domain name (without any page details) and in some cases the registrable domain will be highlighted. In our example, that could mean the user's attention is drawn directly to "balance.es", with "bank.com" potentially hidden or downplayed.
New Policy Optional for Users
Users will still be able to see the full URL which includes directories within the domain, and the specific page details.
To do this they can either hover over the address bar to reveal it, or right click on the address bar to bring up a menu that includes an option to revert to showing the full URL by default. (Source: chromium.org)
One problem with the testing is that the type of people who use Chrome Canary may be more likely to pay close attentions to website addresses and domain mismatches in the first place. It could also be difficult to prevent scams with visually similar domains such as rnicrosoft.com (with the 'RN' forming an 'M' at the beginning of the word) instead of 'microsoft.com'.
Help make this column better by sharing your tips or experiences with your own tech with the Sangat. Email me and tell me your story, and keep sending me your suggestions for column topics, along with your own favorite smartphone app recommendations and reviews so I can share them here. Just email them to me at [email protected]