
Friday, April 6, 2007

PC Troubleshooting Part Two

Processes

It is useful to become familiar with what processes are running in Windows and how many resources they are using. Once you know what processes are running, you might decide to disable the ones that aren't responding or have frozen. Reviewing the running processes is also handy for 'tuning up' the PC, helps with troubleshooting and can also help find evidence of malware (viruses, trojans, etc.).

To see what is running on your computer in Windows, simply right-click on an empty part of the task bar and choose Task Manager. [There are also free 3rd party tools, one of which is 'Process Explorer', which is much more revealing than even the current built-in Task Manager.]

In Task Manager, in the Processes tab, the Apps category will show what user-initiated programs are running and is a convenient way to end a program session that is not responding as shown in the status column. You end processes using the End task button.

The Background processes and Windows processes categories will list all the processes that are running - this includes the many processes that are an essential part of Windows itself. The list will contain entries that are foreign to you at first, but once you become familiar with them (and add them to your journal), you will be able to identify new processes when they appear and be able to question their purpose and validity through research.

Sounds like a scary proposition, but there are a number of Internet resources that can help. One method is to simply search Google for a process by the name of the file to learn more about it. There are various web sites dedicated to explaining the purpose of the processes you'll spot in the list:

Keep in mind that you shouldn't trust everything you read in a single site on the internet, so if you're not sure that what you're reading is true, get corroborating evidence from another trusted site.

I divide the items you'll find in your processes list into 4 categories: System processes; Background Utilities; Helper Apps; and Everything Else.

System processes include the processes that must run in order for Windows to function. They will be regulars on the list - even if there are no other programs running.

Background Utilities include things like your anti-virus software, your graphics card dashboard or your print management software.

Helper apps are the helper processes that assist in loading certain programs faster. These processes are usually optional. An example of a helper app is acrotray.exe, which is a helper app for the Adobe Reader program. All it does is help load Acrobat Reader a bit faster.

Everything Else refers to the processes that you don't recognize, and that you should validate. You may discover processes for the programs you have open, anti-virus or internet security tools, print management tools, password managers, etc. But you should identify what each process is for and decide if it is legitimate. If you misidentify a process and get rid of it by mistake in this task manager, the worst that can happen is you'll have to reboot - the processes will automatically come back. Note that we haven't disabled anything yet, we're just identifying what processes are running and whether they're needed.
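
One way to keep the process journal described above is to let PowerShell record what is running and report anything that is not yet in the journal. This is an added example, not part of the original post; the journal file location and the function names are assumptions.

```powershell
# Added example (not from the original post). The journal location and the
# function names are assumptions made for this illustration.
$JournalPath = Join-Path $env:USERPROFILE 'process-journal.csv'

function Get-ProcessSnapshot {
    # One row per distinct executable. Path and Company are empty for protected
    # system processes unless PowerShell is running as administrator, so take
    # every snapshot at the same privilege level.
    Get-Process |
        Sort-Object -Property ProcessName, Path -Unique |
        ForEach-Object {
            $signature = 'NoPath'
            if ($_.Path) {
                # Valid, NotSigned, HashMismatch, ... as reported by Windows.
                $signature = [string](Get-AuthenticodeSignature -LiteralPath $_.Path).Status
            }
            [pscustomobject]@{
                Name      = $_.ProcessName
                Path      = [string]$_.Path
                Company   = [string]$_.Company
                Signature = $signature
            }
        }
}

function Compare-ProcessJournal {
    param([string]$Path = $JournalPath)

    $current = @(Get-ProcessSnapshot)
    if (-not (Test-Path -LiteralPath $Path)) {
        # First run: what is running now becomes the list to research.
        $current | Export-Csv -LiteralPath $Path -NoTypeInformation
        Write-Host "Journal created with $($current.Count) entries: $Path"
        return
    }

    # Index the journal by name + path, so a familiar name running from an
    # unfamiliar folder is reported as new.
    $known = @{}
    foreach ($row in Import-Csv -LiteralPath $Path) {
        $known["$($row.Name)|$($row.Path)"] = $true
    }
    $current | Where-Object { -not $known.ContainsKey("$($_.Name)|$($_.Path)") }
}

function Add-ProcessJournalEntry {
    # Append entries to the journal once you have researched and accepted them.
    param(
        [Parameter(Mandatory, ValueFromPipeline)]$Entry,
        [string]$Path = $JournalPath
    )
    process { $Entry | Export-Csv -LiteralPath $Path -NoTypeInformation -Append }
}

# Show anything not yet in the journal, entries without a valid signature first.
Compare-ProcessJournal |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } }, Name |
    Format-Table -AutoSize
```

After researching a new entry, `Compare-ProcessJournal | Where-Object Name -eq '<name>' | Add-ProcessJournalEntry` records it so it is not reported again.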

Windows Startup

Once we become aware of the processes that are running, the next thing we need to do is explore what processes are being loaded as part of Windows' startup routine. Many of the processes identified in the previous topic are loaded as part of this routine. Although Windows comes with its own startup configuration editor (msconfig or startup apps in Windows 10), I find a 3rd party tool like Autoruns is more user friendly (check the 'Logon' tab in Autoruns).

While going through the list of programs that start up with Windows, as in the previous topic, identify what each one is for and decide if it is legitimate or necessary. Any item you disable will not load in any subsequent Windows startup routine.

When you edit the startup routine, disabling processes might have adverse consequences if those processes were actually necessary. Do not fear - you can always re-enable any startup process if things go wrong.

Becoming familiar with the running processes and startup routine is an integral part of being aware of how your computer system operates.
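
The review described above can also be done from PowerShell. The following added example (not part of the original post, and not how Autoruns itself works) lists the Run / RunOnce registry keys and the Startup folders, which is only a subset of what Autoruns shows, and reports the file each entry launches. It is read-only; the function names are assumptions.

```powershell
# Added example (not from the original post): list common logon startup
# locations with the file each entry launches. Nothing is disabled or changed.
$RunKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Resolve-StartupTarget {
    # Pull the executable out of a command line: a quoted path, else the text
    # up to the first ".exe", else the first token.
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"')        { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    if ($expanded -match '^\s*(\S+)')            { return $Matches[1] }
    return $null
}

function New-StartupRecord {
    param([string]$Location, [string]$Name, [string]$Command)

    $target = Resolve-StartupTarget $Command
    if ($target -and -not (Test-Path -LiteralPath $target -PathType Leaf)) {
        # Bare names such as "rundll32.exe" are looked up through PATH.
        $found = Get-Command -Name $target -CommandType Application -ErrorAction SilentlyContinue |
            Select-Object -First 1
        if ($found) { $target = $found.Path }
    }

    $signature = 'TargetNotFound'   # leftover entry, or a command this parser cannot read
    if ($target -and (Test-Path -LiteralPath $target -PathType Leaf)) {
        $signature = [string](Get-AuthenticodeSignature -LiteralPath $target).Status
    }

    [pscustomobject]@{
        Name      = $Name
        Signature = $signature
        Target    = $target
        Command   = $Command
        Location  = $Location
    }
}

function Get-StartupEntry {
    foreach ($keyPath in $RunKeys) {
        if (-not (Test-Path -LiteralPath $keyPath)) { continue }
        $key = Get-Item -LiteralPath $keyPath
        foreach ($valueName in $key.GetValueNames()) {
            New-StartupRecord -Location $keyPath -Name $valueName `
                -Command ([string]$key.GetValue($valueName))
        }
    }

    # Per-user and all-users Startup folders; shortcuts are followed to their target.
    $shell = New-Object -ComObject WScript.Shell
    foreach ($special in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($special)
        if (-not $dir) { continue }
        Get-ChildItem -LiteralPath $dir -File -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -ne 'desktop.ini' } |
            ForEach-Object {
                $command = $_.FullName
                if ($_.Extension -eq '.lnk') {
                    $resolved = $shell.CreateShortcut($_.FullName).TargetPath
                    if ($resolved) { $command = $resolved }
                }
                New-StartupRecord -Location $dir -Name $_.Name -Command "`"$command`""
            }
    }
}

# Entries without a valid signature sort to the top for a closer look.
Get-StartupEntry |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } }, Name |
    Format-Table Name, Signature, Target, Location -AutoSize -Wrap
```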

Uninstalling

One Windows task that can create more problems than it solves is uninstalling software. In a perfect world, this task would perform well - we expect that when we uninstall a program, everything that was changed by the installation is reversed. In reality, remnants of uninstalled programs often get left behind in the form of user preference files, orphan directories, start menu items, desktop icons and even registry entries. I've even seen examples of programs still in their original folders after an uninstall. It is important to learn how to clean out these remnants: doing so helps tune up the system and is part of the troubleshooting process when you are upgrading to newer versions of the same software.

One of the reasons uninstalls don't go according to plan is that users learn that they can move items around in their Start Menu and the Desktop. When a program installs, it puts specific things (files, icons, shortcuts) into specific locations. During an uninstall, a program will not know you've simply moved its location in the Start Menu, and as a result will not know how to find and remove itself anymore. You may have to manually remove the menu item. Advanced users learn how to scan the registry looking for remnants of uninstalled programs. Look by executable file name, even company name (e.g. to remove the program 'Ad-Aware', one would look for instances of 'ad-aware' and 'lavasoft'). Always make backups of your registry before modifying it in any way.
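
The search described above can be scripted. This added example (not part of the original post) looks for the two search terms the text mentions in the places remnants are usually left, without changing anything, and includes a helper that exports a registry key to a .reg file before you edit it. The function names and the backup folder are assumptions.

```powershell
# Added example (not from the original post). Read-only search for leftovers of
# an uninstalled program; function names and the backup folder are assumptions.
function Find-UninstallRemnant {
    param([Parameter(Mandatory)][string[]]$Term)

    # Treat each term literally and match any of them (-match ignores case).
    $pattern = ($Term | ForEach-Object { [regex]::Escape($_) }) -join '|'

    foreach ($root in 'HKLM:\Software', 'HKLM:\Software\WOW6432Node', 'HKCU:\Software') {
        # Company or product keys directly under Software.
        Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue |
            Where-Object { $_.PSChildName -match $pattern } |
            ForEach-Object {
                [pscustomobject]@{ Kind = 'Software key'; Location = $_.Name; Detail = '' }
            }

        # Entries behind the installed-programs list.
        $uninstall = "$root\Microsoft\Windows\CurrentVersion\Uninstall"
        Get-ChildItem -LiteralPath $uninstall -ErrorAction SilentlyContinue |
            ForEach-Object {
                $p = Get-ItemProperty -LiteralPath $_.PSPath -ErrorAction SilentlyContinue
                $text = "$($_.PSChildName) $($p.DisplayName) $($p.Publisher) $($p.InstallLocation)"
                if ($text -match $pattern) {
                    [pscustomobject]@{
                        Kind     = 'Uninstall entry'
                        Location = $_.Name
                        Detail   = "$($p.DisplayName) ($($p.Publisher))"
                    }
                }
            }
    }

    # Orphan program and preference folders (top level only).
    $dirs = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:ProgramData,
              $env:APPDATA, $env:LOCALAPPDATA) | Where-Object { $_ }
    foreach ($dir in $dirs) {
        Get-ChildItem -LiteralPath $dir -Directory -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -match $pattern } |
            ForEach-Object {
                [pscustomobject]@{ Kind = 'Folder'; Location = $_.FullName; Detail = '' }
            }
    }

    # Start Menu and Desktop shortcuts, wherever they were moved to.
    foreach ($special in 'StartMenu', 'CommonStartMenu', 'DesktopDirectory', 'CommonDesktopDirectory') {
        $dir = [Environment]::GetFolderPath($special)
        if (-not $dir) { continue }
        Get-ChildItem -LiteralPath $dir -Recurse -File -Filter *.lnk -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -match $pattern } |
            ForEach-Object {
                [pscustomobject]@{ Kind = 'Shortcut'; Location = $_.FullName; Detail = '' }
            }
    }
}

function Export-RegistryKeyBackup {
    # Export one key (as shown in the Location column) to a .reg file.
    param(
        [Parameter(Mandatory)][string]$Key,
        [string]$Directory = (Join-Path $env:USERPROFILE 'registry-backups')
    )
    New-Item -ItemType Directory -Path $Directory -Force | Out-Null
    $file = Join-Path $Directory (($Key -replace '[\\/:*?"<>| ]', '_') + '.reg')
    & reg.exe export $Key $file /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg.exe export failed for $Key" }
    $file
}

# The two search terms used in the text above.
Find-UninstallRemnant -Term 'ad-aware', 'lavasoft' | Format-Table -AutoSize -Wrap
```

Run `Export-RegistryKeyBackup -Key '<Location value>'` on a registry result before removing it; double-clicking the saved .reg file restores the key.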

Startup Options

Explore various advanced boot options in Windows. These differ between versions of Windows. See this page for how to access advanced boot options in Windows 10 and 8. For a picture of the Windows 7 menu, go here and look about 2/3 the way down the page.

Preventive Maintenance

Get into the habit of performing basic preventive maintenance on your files. Disk cleanup; error checking (scandisk); defragmentation (except on SSDs); a second error check; virus scan; these should all be part of a regular weekly routine. Or at least monthly.

File Management

The next step in your journey (in my opinion) should be file management. Attend a class or hire a pro to teach you how libraries, folders and files work; discover what file extensions are about; learn what files can and cannot be moved or deleted.

Learning file management will also better prepare you for backups, as it's going to be hard to know what to back up if you don't even know where all of your personal files are.

PC Troubleshooting Part One

Hardware Preventive Maintenance:

Monitor


  • Never spray cleaner directly on the screen and let it drip down inside. This can cause an electrocution hazard and liquid will damage the monitor due to the high voltage. Instead, spray liquid onto a cloth and wipe.
  • New monitors have plastic screens that can become permanently cloudy if harsh cleaners are used. Distilled water or a 50/50 distilled water / isopropyl alcohol solution is best.
  • When cleaning a monitor, use a light touch - easy on the pressure against the screen.
  • Tip: Monitors don't suffer from image burn-in anymore, so screen savers are unnecessary and purely for entertainment now.

Keyboard
  • Keep liquids and food a safe distance away.
  • If spills happen, turn the computer off immediately or quickly pull the keyboard cord out of its connector on the case (wired) or remove the batteries (wireless). An electrical short caused by liquid in a wired keyboard will affect the computer's power supply at the very least. This could be costly.
  • For a sticky spill, rinse the disconnected keyboard under very hot water, shake off excess water, let dry for 2-3 days before using it.
  • Use compressed air to remove particles. Disinfect keys to kill germs. Don't use a vacuum - too much static generation.

Printer
  • Using good quality paper will result in a cleaner, long-lasting printer and better print quality (especially true with ink-jet printers).
  • Try not to refill ink jet cartridges more than twice before buying a new one. They were not designed for prolonged use. A refilled cartridge typically voids the warranty.

Mouse
  • Cordless mice / keyboards have their own potential issues. Radio frequency interference can make cordless less than problem-free.

Hard Drive
  • Hard drives are not perfect. Even new hard drives can and do fail without warning. Protect your data with regular backups.
  • Physical shock, smoke, strong magnetic fields and sudden temperature changes put hard drives at risk.
  • Run error checking and de-fragmentation tools (in Windows) every month as a minimum. 
  • Don't de-fragment SSDs! Find SSD health tools online.

CD-rom / DVD-rom
  • Top (label) side is actually more fragile than the bottom.
  • Clean discs with a soft, dry cloth - no harsh cleaners.
  • Wipe the disc in a straight motion in a line through the centre hole, never in a circular motion.
  • Heat, direct sunlight, food, dirt, fingerprints and scratches are bad for discs.
  • Experts are now predicting the data archived to CD-R or DVD-R discs may only last 10 years, maybe less.

Case / Power Supply
  • Keep all case vents clear. Make sure all the fans are running. Fans get noisy from dirt build-up.
  • A computer case is a very efficient electrostatic air purifier - clean the vents, power supply and circuits of dust at least yearly. Do this outside with compressed air. Only vacuum the outside of the case, never the inside (static electricity can damage components).
  • A surge suppressor (rated for at least 750 joules) can save your PC. Insist on one with an LED which indicates when protection is still active. Once a suppressor has done its job, it becomes just a power bar - it needs to be replaced.
  • Anything that comes in contact with the circuits inside the case must be static-free.
  • Heat, magnets and locations high in static electricity or which risk the case being bumped / kicked put the contents at risk.

Troubleshooting Technique
  • Document everything you do on your PC. Then refer to it whenever you repeat a task. Documenting makes tasks easier to do the next time around.
    • There's no reason to make mistakes more than once.
    • Logged steps and events help with troubleshooting and relaying the computer's history to others.
  • Most faults have easy causes. Don't make the mistake of:
    • Complicating a fault.
    • Overlooking the obvious. 
    • Assuming anything.
  • Use a logical technique:
    • When did it stop working? 
    • What happened prior to fault? An install? Uninstall? Upgrade?
    • Is just one program affected? E.g.: Can you open a doc in another program?
    • Look for every possible clue - it could mean the difference between 10 possible causes and 3.
  • If you're in over your head, stop messing with the problem, perhaps making it worse, unless you really don't mind the possibility of losing your data and re-installing everything from scratch.
  • Become a researcher. The internet is a treasure trove of solutions to problems already experienced. You are likely not the only person who has experienced a particular fault.
  • Burnt smells or smoke are bad news - remove power immediately.
  • Cables work themselves loose, but be sure to check connections with power off. Check them with your hands, not your eyes.

Gathering Symptoms while Troubleshooting:

Computers don't always reveal their secrets to us in obvious ways. Here's a list of things to watch for when trying to determine what's going on with your computer:

Monitor - typically has an LED on the front. If this LED is green (or blue - check the manual for specifics) it means that not only is the monitor getting power, it is also getting video information from the video controller inside the computer case. If the light is a colour other than green/blue (usually yellow, orange or red), it means power is fine, but video is missing. No LED - no power.


Keyboard - has 3 LEDs on the right side at the very minimum. If these lights flash during startup, it's getting power from the case. If once the computer is finished booting you can press Caps Lock or Num Lock and the LED changes state, you also have a functioning data connection between the keyboard and the motherboard inside the computer case.


Mouse - optical mice have an LED on the bottom. Once the computer is turned on and finished booting, this light should come on, indicating power from the case.


Printer - printers don't have any standard that the whole industry follows regarding their LED indicators, so always refer to your manual to determine what the various LED combinations mean. There are 3 basic parts to a functioning printer subsystem, the printer itself, the cables and the computer (especially Windows printer setup and the print queue).


Computer Case - again, there is no standard, but most cases have at least 2 LEDs on the front. One represents on/off state and the other represents hard drive activity. Many computer users pay little attention to these LEDs. The hard drive activity LED often reveals something about the state of the computer. If it is completely off, it means your computer isn't doing very much of anything requiring the manipulation of files. This LED will at least flicker from time to time, indicating activity, and appears to be on steadily when involved tasks that work with files are occurring. Examples of such times include boot-up; when a virus scan is taking place; de-fragmentation tasks; downloading files; or opening / using a large program. Mind the fans too. They will indicate if the case is getting power once you turn the computer on.


Task Manager - one of the most useful yet little known tools that comes with Windows. Access it by right-clicking the task bar and choosing Task Manager. The Performance tab reveals how much CPU power is being used in real time. If the CPU Usage meter is pegged at or near 100%, it means your computer is very busy doing something. If it seems unresponsive - this is why. What we can check next is what exactly is using all of that CPU power by choosing the Processes tab and clicking the CPU column header twice to re-sort the list, putting all the CPU-hogging processes at the top. Ignore the process called System Idle Process - if this process is using 90% of CPU power, it just means nothing is using 90% of the CPU power right at this moment - I know it's confusing. So if a virus scan is running, and it is at or near the top of the list and the CPU power meter is pegged, the reason your computer isn't responding as quickly as you want is because it's busy scanning all of your files for viruses. Of course, your computer doesn't come right out and say this - you have to research the situation yourself. A combination of the hard drive activity LED on the case coupled with Task Manager will reveal much of what your computer is up to in real time.


Software Preventive Maintenance:
  • Make backups! Develop a strategy of making a copy of everything that cannot be replaced. Programs and Operating Systems can always be re-installed. I'm talking about your documents, music, pictures, etc. Copy them to another hard drive; another PC; a CD-R(W); whatever is suitable for you.
  • Warm (restart) and cold (from OFF) reboots often solve many problems. Users who leave their systems on all the time often forget to reboot (once a week is good enough).
  • When installing new software:
    • Before you install new software, close all other programs.
    • It is a good idea to reboot after an install.
    • Avoid installing another program until you see the result of your last install on your system.

How to buy a computer

What do you really need?
Many vendors will try to sell you items or features you don't need, so it's important to know what you need and stick to the plan. Unfortunately, it's difficult to know what you need as a first time buyer, sometimes even as a repeat buyer. Ask friends what they like or dislike about their systems and what they would do differently if they were to buy today. It may surprise you to know that most people who buy a PC have regrets about one thing or another. Examples include a drop in price the week after the purchase, or a monitor that looked good in the store, but causes eye strain at home.

How much performance and is it worth the cost?
It's usually better value if you buy a system or components that are not state of the art. The fastest PC is also the most expensive PC. But if you buy something at the lower end of the performance scale then you may not get longevity out of the deal if you intend to get the latest productivity, graphics software, and games. Be aware that CPU maker Intel is the trend setter in the world of business computing, but AMD (the competition) offers a competitive alternative - some say better value for home use where gaming is a priority.

Memory (RAM) is the single greatest performance boost you can get for your money. Try to aim for a bare minimum of 4GB; the more, the better, especially if you multi-task or run intensive software. Pay attention to memory speed ratings. If your PC supports memory speeds of a certain range, you may save money buying something a bit slower than the maximum, but slower memory may be a handicap to your computer.

Do you need the greatest video, sound or motherboard components? If you are using the system only in a basic browsing role, the answer is likely 'no'. In fact, a traditional PC may be overkill with the current option of tablets and mini-PCs.

Upgradeable
Not long ago, the smart buyer chose their PC components based on future upgrade plans. But PC architecture is changing so rapidly now, it is likely that new (interior) components may not work in your old system, nor would many old parts you're saving be suitable in a new system. I advise people to buy the best value for their money with the intent to replace the whole system when the time comes for a new computer. However, if you are buying an incomplete package, with the intent to complete it later - make sure the system you buy has the ability to accommodate those anticipated future parts and don't wait too long to perform the upgrade.

Brand name PC versus 'Build your own'
Brand name package systems like Dell, Gateway, HP and Compaq etc. offer both pros and cons. Build your own (or at least choose your own parts) systems, also known as 'clones' offer their own set of pros and cons:

Brand Name PCs - Pros & Cons
+ Fewer decisions to make.
+ After-sales support.
+ Attractive warranties and on-site repair options.
+ Parts that are guaranteed to work together.
+ Often packaged with free software and/or hardware.
- Fewer choices.
- No guarantee all parts are best quality.
- Can be pricey.

Build Your Own - Pros & Cons
+ The ultimate in choice of price ranges, components, etc.
+ No waiting for delivery.
+ Deal with a live person face to face.
+ See the product before you buy.
- Repair / warranty issues often fall on you after you leave the store.
- Compatibility issues.


Hard Drive Options
How big of a drive do you need? Capacity requirements depend on computer use. If you accumulate large collections of photos, movie files and music, you'll need a large drive. Look at differences in price between capacities. You may notice that tripling drive capacity may only show a doubling of cost of the drive. Consider getting an external USB drive too. They are affordable and very practical, particularly for backups and sharing data.

Optical Storage
Most PCs come with DVD-ROM drives, but if you intend to record to CD or DVD, make sure the drive has record capability. If you intend to watch (or rip) Blu-ray movies on the PC, make sure the DVD drive can read Blu-Ray - many do not. Optical data storage has generally become obsolete and most people archive their files to hard drives.

Monitors
Size of the screen is a very important choice. A larger screen allows for easier reading of text and more flexible seating options. Technical specifications help compare one monitor to another, but some specifications can be misleading. Readability and lack of eye strain over long periods of use are more important.

Desktop versus Laptop
The desktop computer used to be the most common type of computer sold; now laptops outsell desktops. But tablets outsell laptops.

Desktop - Pros & Cons
+ Much more choice.
+ Modular parts make upgrades possible.
+ Industry standard interchangeable parts make repair possible.
+ Price.
- Not very portable.
- Not very small (this is changing though).
- Tied to source of AC power.

Laptop - Pros & Cons
+ Portability.
+ Use much less space.
+ Great combinations of features.
+ Computer + DVD player + MP3 player in one.
+ Wireless capability out of the box.
- Price.
- Battery performance could be better.
- Accessories and repair parts are expensive and can become rare in a short time.
- All interface options may not be available.
- Usability (keyboard / pointing device).
- Upgrades unlikely.

Enter the Tablet
Now the playing field has a new entry - the tablet. I'll compare it to the laptop only. They're lighter, smaller and have amazing battery life. The OS is usually much simpler and designed for touch. Programs are tablet-specific. Tablets usually can't interface with other hardware via USB, etc., but this is mitigated by a wireless connection and the cloud. Accessories are available to add keyboard, etc., but this misses the point of a tablet. My iPad has never been connected to another device or computer, even for backups or updates.

With 3 contenders for computing use, the choice is more complex and now typical consumers are likely to be choosing 2 or 3 from the PC / laptop / tablet combination.

Printer - Inkjet or Laser?
Inkjet printers are the least expensive and seem to be a great buy when you consider they can print in colour and produce photo prints as well. But many owners are shocked to see how quickly the ink cartridges run out and balk at the price of replacement cartridges. Many try to save money by refilling cartridges - a practice that you don't want to repeat too many times before buying a new cartridge. Laser printers tend to offer much crisper printing, especially text. Colour laser is finally becoming affordable, but does not quite produce photo quality - yet. Paper quality has as much to do with the quality of your print as the printer itself. Multifunction devices offer scanner, printer, fax and copier functions in one package. You'll save money, but be aware that if a multi-function breaks, you've just lost 4 functions. Beware of ink jet multifunction devices passing themselves off as laser printers.

Keyboards and Mice
Cordless keyboards, mice and duo combos seem like a great idea - no wires! Be aware these devices need batteries, which may not last long. A battery operated mouse might be heavier - something to get used to. Because they use radio frequency (RF) to pass data back and forth, interference from wi-fi and other RF sources, solid objects and distance will have an effect on performance.

Other web sites on security

Infosyssec.org - a Canadian security portal for security professionals to start searching for information.

Security Focus - yet another portal. There are many more like this. They all tend to link to each other. Simply choose the one best suited to your needs.

Shields Up (Gibson research) - a great place to check your computer's security posture on the Net and learn a little about software firewalls.

Computer Virus Myths Home Page - once you've read this page, you may never accept "experts" at face value again. Nobody is safe from scrutiny on this page, thankfully.

CERT - this is a good site to see what the latest threats are.

Sans Institute - there are many more portal sites like this, but SANS has the added benefit that you can subscribe to security bulletins which will be emailed to you.

Hoaxes & Myths

How much of what you hear or read about information security can you trust? Have you heard that shopping online isn't safe? Some people believe it's true. But just like any other source of information, you have to scrutinize the source.
 
People may sound confident and experienced when they discuss security, yet few have adequate knowledge of this complex and technically obscure subject. Journalists regularly make the mistake of quoting network administrators, PC support people or even retail salespeople as if they were security experts. After all - if they know stuff about computers, they must know about security too, right? Even IT professionals generally still have a lot to learn about security. We all do.
  
We need to be able to separate fact from fiction and ignore the hype. It is easy to fall prey to "False Authority Syndrome" and it contributes significantly to the spread of fear about infections and a true lack of understanding about security. Myths continue to circulate about the safety of downloading files, exchanging email, using credit card numbers for shopping, etc.  
 
One myth is the notion that getting utilities and programs from popular download sites is a sure way to get infected with a virus. But in fact these files are typically checked quite thoroughly by their owners for infections. Software obtained from warez sites, peer to peer networks or public ftp sites is another matter altogether.
 
Another distortion of fact involves the safety of shopping online. Many people refuse to give out their credit card numbers even over encrypted web connections for fear their account numbers will be intercepted. The real danger however, isn't in the transaction being intercepted, but the way the vendor you buy from stores your credit information on their own facilities.
 
A common trap is the virus hoax. Email systems can crash to a halt due to the sheer volume of mail that gets generated from virus hoaxes. If virus hoaxes were just a nuisance, that would be bad enough, but they can be dangerous. Warnings went out years ago that the file SULFNBK.EXE is an infection and must be deleted. Heck, it's got a teddy bear icon and everything! Surely it must be a virus! But it's not - it's part of the Windows Operating System, but only a knowledgeable PC user would know that, and even a few veterans were hoodwinked by that one.
 
A few words of wisdom: Microsoft, AOL, law enforcement and the like do not send out warnings about viruses. Never delete files from your computer because someone suggests they are viruses. If a friend sends you one of these hoax messages, do them a favour and tell them that they've been had........ The only protection you need from the most common infections is an up-to-date virus scanning program.

On a lighter note, a joke about viruses circulated a few years ago:
"You have just been infected with the Newfoundland Virus! In Newfoundland we don't know much about computer programming, so this virus works on the honour system. Please forward this email to everyone on your address list. Then promptly delete all the files on your hard drive. Thank you for your cooperation."

What's not funny about this joke is that this is exactly what a virus hoax accomplishes. It gets you to do the work of a virus, then propagates itself to everyone under the sun.

Social Engineering & Privacy

If you received a phone call from your Internet Service Provider (ISP), announcing that they were now offering credit card payment, would you give them your credit card number so they could automatically bill your card? What if they offered to make it a sweet deal by cutting your monthly bill by $15? If you said 'yes', you could have just been socially engineered into giving your credit card number to some clever stranger!

Besides credit card scamming, another common social engineering tactic is to trick people into giving out their account passwords. OK, so imagine that your ISP asked for your Internet user name and password to validate your identity when you speak to them on the phone. I hope you would decline because this is something they would never ask you to do.

On your Messaging application, or social networking site, you might receive a message from someone who claims to be a support person: "Hello! I'm sorry to inform you that there has been an error in your account configuration in our database. The server's password information has been damaged. We need you to type in your password and hit reply. Thank you for your assistance". Survey says, 'Bzzzzzt!' No!

Statistics have shown that 20% or more of all successful security attacks were made possible through simple social engineering. It is perhaps the easiest way to gain access to computers, networks and their data, because it relies not on technical know-how but knowledge of human nature and our inherent desire to trust one another. With phishing scams on the rise, banks and credit card companies are warning their customers to be wary of suspicious e-mail supposedly coming from them, especially if it links to a web site that asks for personal details. Identity thieves create authentic looking web sites to fool people into providing account numbers, passwords and more. It used to be relatively easy to tell if you were at the real web site by paying close attention to the address field in your browser. But a recently discovered vulnerability makes it possible to spoof even the web site address. If you are sceptical about the actual address of a web site you are visiting, try the following:
Copy and paste the following into the address field of your browser and hit Enter:
javascript:alert("The real URL of this site is: " + location.protocol + "//" + location.hostname + "/");
It will tell you the real address of the site you are visiting.

Do you think you have what it takes to tell a legitimate email from a 'phishing scam'? Try this quiz.

A wise person once said, "There is no privacy on the Internet. Deal with it!". They weren't kidding. Do a Google search on your name. You may be surprised to see what comes up. Did you know that the content of email messages that are sent or received on a company's network is the property of that company? Be careful when using web-based email services at work or to discuss work-related subjects. Some people are surprised to discover that free e-mail services actually own the content of messages sent through their web service. Hotmail and Gmail are some of those services. There is a simple rule to live by when sending information of any kind onto a network, especially the Internet:
 
Imagine the content of your communications being posted on a public bulletin board.
This includes email but also includes web browsing, messaging, social networking, file transfers, etc. If the stuff you communicate with others is not suitable for public discovery, find a way to encrypt it or don't send it via these means. If your PC is not configured to prevent it, and your software's vulnerabilities haven't been patched, you may as well imagine all the files on your PC are being shared on the Internet. If you are using file sharing programs or torrent sites and you haven't limited what these share with the world, all of the files on your PC might be shared on the Internet. Look for the lock icon in your browser to see that your web connection is encrypted before entering personal information like credit card numbers.

Another hot topic with regards to privacy is SpyWare. Spyware was created in an effort to build a profile of your Internet habits. This data is useful to direct marketing companies, because it's cheaper to target marketing to specific people. Whenever you download a program for free, you may actually be downloading Spyware as part of the product. Free software such as screen savers; download managers; FTP programs or peer to peer file sharing clients (like Kazaa) often contain spyware. Some would suggest that Facebook is a form of spyware due to what it does while you're on their site. In these cases the software itself actually IS useful. But the price for using these applications is having your net surfing habits reported to a marketer, perhaps without your awareness or permission, unless you read the End User License Agreement or EULA - but who does that? Do you read the fine print before using your software? What's even more devious about these applications is that even after you discover their true intent and remove the software from your PC, the SpyWare portion quite often remains on your computer, continuing to do its work. Programs such as OptOut, Ad-Aware and Spy Bot can be installed on your computer to check for the presence of spyware. There are also web sites to pre-check if the program you're about to download contains spyware first.

Before you get all up in arms, building a marketing profile on you is not a new practice. Those club cards that help you save money at the store are really just a method of electronically linking you to the purchases that you make in an effort to build an accurate marketing profile. In fact, I'll offer a controversial opinion here - the main reason spyware (along with adware, shareware, etc.) exists is because many small firms that develop software have a hard time getting paid for their efforts. Witness the sheer number of people who copy other people's programs. Small-time software developers often have few other choices (if they want to get paid) but to allow a marketing company to include spyware in their program.

People who value their anonymity while surfing the web can use a variety of methods to protect themselves. One way is to pay a fee to an "anonymizer", a company that enables you to surf the web through their "proxy", which makes it seem that the proxy is doing the surfing. The banks are also working on a way to make it possible to shop online anonymously with a form of electronic cash. For now, PayPal is your best bet, but Bitcoin is making a splash right now.

For more information on non-technical security, read my article The Weakest Link.

Infections

Infections (viruses, trojans and worms) are still a problem and are becoming more specialized. Email is currently the most common method viruses use to get around.
  • People continue to open email attachments without considering where they might have come from. People click hyperlinks in phishing emails not realizing that businesses don't solve account issues via email.
  • People use email programs whose security vulnerabilities haven't been patched.
  • People leave the preview option 'on' in Outlook or other email programs.
  • Viruses typically use the address book incorporated into Windows to find new destinations to mail themselves to.
  • Now viruses are capable of searching for email addresses inside your files.

For all of the above reasons, I limit myself to webmail, where the message and attachments are kept on an online server until I permit otherwise.

Infections don't need to use your email program to send themselves out to other computers - many now have their own compact email programs built in. Viruses have the ability to forge or 'spoof' the 'From' address. So don't bother contacting the person who supposedly sent you the latest infection because it likely did not come from them anyway.

Due to unpatched vulnerabilities in both web browsers and their add-ons, it is possible to get infected just by visiting an infected web site.

Anti-virus software plays a huge role in the defence against infection, but users often don't use anti-virus products the way they were intended. You can turn many of the anti-virus program's features off, or features may not be enabled by default, rendering its existence moot. Having anti-virus software is useless unless you consistently scan your files, your downloads and your email. You must also get the anti-virus signature updates for your program to be able to detect new viruses as they are discovered. Updates are available almost daily in some cases. Remember - an anti-virus program that was last updated 30 days ago will only be able to detect viruses discovered up to 30 days ago. Incidentally, the viruses you need to worry about the most are the ones that were discovered most recently, because they are most prevalent 'in the wild'. Do not install more than one anti-virus program on your PC at the same time. You might think you are creating another layer of safety, but in reality two programs can interfere with each other.
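
The three things this paragraph asks for (features switched on, recent signatures, recent scans) can be read from PowerShell on a PC protected by Microsoft Defender. This is an added example, not part of the original article; it assumes the built-in Get-MpComputerStatus cmdlet is available, and the function name and day thresholds are illustrative choices.

```powershell
# Added example: report whether Microsoft Defender is switched on, up to date
# and actually scanning. Thresholds are illustrative assumptions.
function Test-AntivirusHealth {
    param(
        [int]$MaxSignatureAgeDays = 3,   # assumed limit for "recently updated"
        [int]$MaxScanAgeDays      = 7    # assumed limit for "recently scanned"
    )

    try {
        $status = Get-MpComputerStatus -ErrorAction Stop
    } catch {
        # Happens when Defender is not the active product or its service is stopped.
        Write-Warning "Could not query Microsoft Defender: $($_.Exception.Message)"
        return
    }

    $findings = New-Object System.Collections.Generic.List[string]

    # Features that can be switched off, leaving the product installed but idle.
    if (-not $status.AntivirusEnabled)          { $findings.Add('Antivirus engine is disabled') }
    if (-not $status.RealTimeProtectionEnabled) { $findings.Add('Real-time protection is off') }
    if (-not $status.IoavProtectionEnabled)     { $findings.Add('Scanning of downloads and attachments is off') }

    # Signature age: a program last updated N days ago knows nothing newer.
    if ($status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        $findings.Add("Signatures are $($status.AntivirusSignatureAge) days old (last updated $($status.AntivirusSignatureLastUpdated))")
    }

    # Scan age: Defender reports a very large age when a scan type has never run,
    # so taking the smaller of the two gives the age of the most recent scan.
    $lastScanAge = [Math]::Min([double]$status.QuickScanAge, [double]$status.FullScanAge)
    if ($lastScanAge -gt $MaxScanAgeDays) {
        $findings.Add("No quick or full scan has completed within the last $MaxScanAgeDays days")
    }

    [pscustomobject]@{
        SignatureVersion = $status.AntivirusSignatureVersion
        SignatureAgeDays = $status.AntivirusSignatureAge
        Healthy          = ($findings.Count -eq 0)
        Findings         = $findings
    }
}

Test-AntivirusHealth | Format-List
```

If a different anti-virus product is installed, the query may fail or report Defender as disabled; use that product's own status screen instead.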

Some viruses are simply an annoyance - nothing damaging is done to your PC, particularly if the virus is detected before delivering its "payload". In worse cases, the damage can be instant, disabling your Operating System or deleting important personal files. If regular, organized backups have been performed, damage control can be relatively swift and painless. But this assumes you got infected (and detected that infection) since the last backup. Using infected back-up files will just re-infect your PC. That's why you have to scan your backups too. In the worst cases, you may lose very important data and/or have to reinstall your operating system and all of your software from scratch, using known good software. But your backup can give you back your irreplaceable files (documents, pictures, music, etc.).

Some viruses randomly attach a document from your PC before emailing themselves off to the next victim. So now not only could you suffer infection, but you could actually be putting your sensitive files at risk and you would not even know it before it's too late - assuming you find out at all. Hopefully this illustrates why it's not really a great idea to keep sensitive data on PCs that have a connection to the Internet. So what do you do with this data? Save it to CD/DVD, to a removable external hard drive, or put it on a secure cloud service that requires a login to connect.

Viruses also hide in macros or VBS scripts inside documents for MS Office applications. As a security measure, newer versions of MS Office come configured by default NOT to run macros. In many cases, the unseen damage done by an infection is the enormous workload put on email servers because of the sheer volume of new infected messages created by the virus in an effort to copy itself. This is especially true of a type of infection called a worm, whose only typical goal is to replicate onto as many PCs as fast as possible. Worms do not require any action from you whatsoever to find their way onto your PC, as you will discover if you connect an unpatched Windows PC to the Internet. Worms have taken down some of the world's biggest and most important networks in minutes, in many cases, simply because known Operating System vulnerabilities were never patched through available updates.

So how do you protect yourself from viruses? Here are some of the things I suggest:
  • Stop opening unexpected email messages, attachments and hyperlinks, even from people you know. This includes your Internet provider, your bank - anyone!
  • Make sure your anti-virus software is updated as often as possible. Make it part of your daily routine, or use its built in auto-update feature if it has one. But don't assume the auto-updates are working - check. If the update is scheduled to run when your computer is off, it's not updating. 
  • Regularly scan your files, and configure the anti-virus software to automatically scan your downloads and email.
  • Apply all updates for all software on your computer.
  • Consider non-Microsoft programs which are less integrated with Windows (such as Thunderbird, Firefox) and stop using the address book integrated into Windows (use a password-protected database or spreadsheet instead).

Trojan horses are an effective tool for intruders who want access to your PC. Trojans promise or pretend to be one thing when in fact they serve an ulterior motive. A Trojan may be disguised as a useful program while containing hidden malicious functions that exploit the privileges of the user. Trojans can do things the user doesn't want and usually doesn't know are happening, because it all occurs in the background. Open your task manager and look at all the processes running in Windows. Do you know what all those processes are for and whether they are legitimate? Maybe it's time to find out. I have lost count of the number of times I have looked at someone's processes and found trojans or some other malicious software operating in the background. By the way, Google is your friend here.
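
One way to make the process review above repeatable is to keep a journal of the executables seen running and ask only about the new ones. This is an added example, not part of the original article; the function name, the journal file location and the `-UpdateJournal` switch are assumptions made for illustration.

```powershell
# Added example: keep a "journal" of executables seen running and flag new ones.
# The function name and default journal path are illustrative assumptions.
function Get-ProcessReview {
    param(
        [string]$JournalPath = "$env:USERPROFILE\process-journal.csv",
        [switch]$UpdateJournal   # append new entries once you have researched them
    )

    # One row per distinct executable. Some system processes hide their path
    # from a non-elevated session, so those are skipped here.
    $current = @(
        Get-Process |
            Where-Object { $_.Path } |
            Sort-Object -Property Path -Unique |
            ForEach-Object {
                $sig = Get-AuthenticodeSignature -FilePath $_.Path -ErrorAction SilentlyContinue
                [pscustomobject]@{
                    Name      = $_.ProcessName
                    Path      = $_.Path
                    Company   = $_.Company
                    # Valid, NotSigned, HashMismatch, ... NotSigned alone is not
                    # proof of malware, only a reason to research the file.
                    Signature = [string]$sig.Status
                    Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                }
            }
    )

    if (-not (Test-Path -Path $JournalPath)) {
        # First run: record everything so it can be reviewed by hand.
        $current | Export-Csv -Path $JournalPath -NoTypeInformation
        Write-Host "Journal created with $($current.Count) entries: $JournalPath"
        return $current
    }

    # Later runs: report only executables whose path is not in the journal yet.
    $knownPaths = @(Import-Csv -Path $JournalPath | ForEach-Object { $_.Path })
    $new = @($current | Where-Object { $knownPaths -notcontains $_.Path })

    if ($UpdateJournal -and $new.Count -gt 0) {
        $new | Export-Csv -Path $JournalPath -NoTypeInformation -Append
    }
    return $new
}

# After the first run, anything listed was not running from that path before.
Get-ProcessReview | Sort-Object Signature, Name |
    Format-Table Name, Signature, Signer, Path -AutoSize
```

Run it from an elevated PowerShell window to see paths for more system processes, and pass `-UpdateJournal` only after you have researched the new entries.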

Most Trojans get onto PCs because users are ‘tricked’ into installing them. A Trojan might arrive in an e-mail attachment from a friend, described as a great utility, a screensaver, a cool game, a funny joke or even a fix for a security vulnerability! Consider that infections can automatically email themselves to you and spoof the 'from' address. So just because you receive an attachment from someone you know, doesn't mean it's safe. Quite often the (infected) sender didn't even know the email was sent in the first place, assuming it even came from their PC at all.

Pop quiz: If you receive an email from someone you know and it has an attachment, is it OK to open it? The correct answer is NO! Even if I'm expecting an attachment from someone, I'll still confirm it before trusting the source. Remember, there's no way for you to tell if the email was generated by a virus or by a person.

Trojans operate with the same privileges as the user (a program often has the same rights to folders and files etc. as you do). Windows has gotten better on this front - the User Access Control feature asks your permission before a program changes your system. But some people turn this safety feature off - bad idea. Therefore Trojans can delete files; send files to another computer; alter files; block your anti-virus program's ability to download updates (OH YES!); install other programs including other Trojan horses or viruses, all while the user is totally unaware. Trojans are the method attackers use to turn computers into 'zombies' or 'bots', which can be remotely organized to participate in Distributed Denial of Service (DDoS) attacks on other computer systems (typically corporate servers). Trojans are also being used to send out spam e-mail. Now that originators of spam are being sought by law enforcement, they try to cover their tracks by using other computers to do the distributing. Now that most internet users have an 'always on' connection, we are easy targets to be used as zombies or bots. This includes ADSL and cable modem connections, as well as high speed government, corporate and university networks.

Internet Security

Once the vulnerabilities in your Operating System and the programs you use have been identified and fixed (by running all updates), you need to focus on the network connection. You will want a kind of 'perimeter defence' on your network, called a firewall. A firewall can block and monitor the conversations programs on your computer have with other computers online - and deny anything that hasn't been specifically permitted by you. A firewall can aid in protecting your computer from attacks when connected to the Internet. This is essential since most of us have an 'always on' connection like ADSL, Wireless Broadband or Cable modem. Always on Internet connections make it easier for your computer to be discovered. If someone out there is probing for computers with known vulnerabilities and your system is detected, you could be infected or accessed. If a Trojan should find its way onto your PC, a firewall could prevent the Trojan from gaining internet access. If your PC is infiltrated, it could be used to access your work's corporate network whenever you connect to it. Or it could be used to launch denial of service attacks on other networks, or deliver spam.

The 'personal firewall' is just a consumer grade version of a traditional software firewall - it has just enough features to make it easy to use and help you sleep at night. Personal firewalls run as software on your PC. One of the better-known products is Norton Internet Security. Other retail offerings include McAfee Firewall, PGP 7 Firewall and PC Viper Personal Firewall. There are even some free products available such as Zone Alarm, eSafe, Sygate and Tiny. Windows has a firewall built in, but it doesn't have the flexibility and customizability some people want. Each of the aforementioned products offers varying features. If you get a firewall, learn everything you can about what it can and cannot do. Do not use more than one firewall program (on your PC) at the same time - they will interfere with each other. Understand that a firewall is not a 'set and forget' program. Every new piece of software you install that connects to the Internet may require a re-configuration of your firewall.
You can read some great comparisons of Firewall products at Security Portal and at SysOpt. There are more reviews of several firewalls at Steve Gibson's Shields Up site. Steve Gibson endorses one of the free products for personal use mentioned earlier called Zone Alarm.

If you have purchased a Cable/DSL or wireless router, it probably has a firewall built in. The firewall in your router will do nothing to stop outgoing connections, such as the ones created by malware. That's why the Windows firewall or another software equivalent is still needed. Many people are left with the impression that a firewall suddenly makes them immune to any type of security problem. Nothing could be further from the truth, and some firewalls (even the high cost professional ones) have already been shown to suffer from their own vulnerabilities. Firewalls have a fundamental weakness. Just like the doorman at a nightclub, they can be bypassed. A rule allowing the web browser to access the Internet, for example, can be taken advantage of by malware that can hijack the browser. A weakness of desktop firewalls is that they can only monitor data that is processed by the communication modules of the operating system (WinSock). If a harmful program uses its own communication module (its own protocol stack) the firewall likely can't do anything about it. It's like showing up to the nightclub with your own door, that instantly installs itself to the back wall - letting you in for free.
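
To see how the Windows firewall is set to treat outgoing traffic, and which programs currently hold connections to remote hosts, the built-in networking cmdlets can be combined as follows. This is an added example, not part of the original article; it assumes Windows 8 or later (where Get-NetFirewallProfile and Get-NetTCPConnection exist), and the function names and the "outbound" heuristic are illustrative.

```powershell
# Added example: review the Windows Firewall default stance and list which
# programs hold established connections to remote hosts.
function Get-FirewallStance {
    # NotConfigured means the Windows default applies, which allows outbound traffic.
    Get-NetFirewallProfile |
        Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction
}

function Get-OutboundConnection {
    # Heuristic (an assumption of this example): a connection whose local port
    # is not a listening port on this PC was most likely opened by this PC.
    $listening = @(Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty LocalPort -Unique)

    Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue |
        Where-Object {
            $_.RemoteAddress -notin @('127.0.0.1', '::1') -and
            $listening -notcontains $_.LocalPort
        } |
        ForEach-Object {
            # The owning process may exit between the two calls; tolerate that.
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Process       = $proc.ProcessName
                ProcessId     = $_.OwningProcess
                RemoteAddress = $_.RemoteAddress
                RemotePort    = $_.RemotePort
                Path          = $proc.Path
            }
        } |
        Sort-Object Process, RemoteAddress, RemotePort
}

Get-FirewallStance | Format-Table -AutoSize
Get-OutboundConnection | Format-Table -AutoSize
```

As the paragraph above notes, a program that bypasses the operating system's own networking would not appear in this list, so treat it as a view of normal traffic rather than proof that nothing else is talking.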

Also, a firewall will do nothing to prevent you from receiving (or opening) a malicious virus or Trojan via email, any messaging program, Facebook, Twitter, downloading torrents, etc. You must understand that connecting your PC to the Internet carries with it a certain amount of risk. All of these measures simply help minimize the risks. Hopefully you realize that it has become increasingly important to know what is running on your PC.

Many people have asked me which software controls I prefer to keep their children safe from visiting sites with objectionable content. My answer is that most of these programs are not perfect, in that they use rules to determine access and these rules are far from fool-proof. Also, net nanny type software can be bypassed quite easily. If I have a Knoppix or Ubuntu (Linux) live CD, I can completely circumvent Windows, let alone any program running to filter (or record) access to the Internet. If you want to watch what your children are doing online, take their computer out of their room and set it up in an open space, where you can supervise them as needed. Keep in mind that any opportunity for them to access objectionable content outside the home or on mobile devices will nullify any steps you have taken.

PC Security

The Internet is based on the concept of sharing information. But the Internet was originally designed by and used by people who trusted each other. The Internet also started out as a private network. It is not private anymore. Yet we now connect our computers to this network and our computers often contain very personal bits of information that we would not want made public. This includes pictures, credit card numbers and other forms of financial data, email addresses, private correspondence, even sensitive information about work. This data needs to be protected, yet when we connect to the Internet with an insecure, improperly configured computer, we are making it possible for others to access this information quite easily.
 
But protecting your computer isn't just about securing your information. If made into a bot or zombie through infection, your computer can be used by others as a launching point for attacks on other computer systems or as a delivery mechanism for spam. It's a pessimistic description of the situation, but you must be aware of the risks that exist in connecting a computer to this network. Mobile devices are another can of worms.
 
So what can you do? Before I launch into my rant about some facets of PC security, you may want to quickly check out my security tips. Then be sure to return to this spot.

Please realize that your software is not perfect, in fact it's quite flawed. So much so, that many pundits criticize Microsoft and many other software companies for the sorry state (security-wise) of their products - some would say rightly so. Important first steps toward securing your PC include eliminating the vulnerabilities inherent in your software. I'm talking about the operating system (OS) and the programs you use. Security flaws or vulnerabilities inherent to Windows are discovered regularly. When these vulnerabilities are discovered, the companies that made the software will usually develop updates to fix the problem. If Windows isn't configured to download and install these updates, and/or your other software isn't correctly configured to operate more securely, some vulnerabilities still exist. One is just as bad as many. Much of the damage done to corporate and home computers could be prevented if computers got all updates installed as soon as they were available. You'll find that a fresh install of Windows connected to the Internet without the complete collection of updates will likely be infected within minutes. That's even before you start surfing the web or getting your email.

This problem is a double-edged sword. You're not really safe online until you obtain and apply the Windows updates, but you have to connect to the Internet to get them in the first place. This problem can be mitigated somewhat by installing security software (such as Microsoft Security Essentials) right away, then running Windows Update soon after.
 
One of the things that makes a Windows computer susceptible is the way programs like (especially) Internet Explorer and MS Office have intertwined themselves with the Windows operating system. This is one of the reasons why some folks switch to non-Microsoft products to browse the web (Opera, Chrome, Firefox), manage email (Eudora, Thunderbird) and for productivity applications (Open Office, Star Office, Corel Office). These alternatives have a cleaner track record today, but this is partly due to the fact that Microsoft is an easy target due to its dominant (90%+) market share. Once alternatives become more prevalent, people will begin to discover and exploit their vulnerabilities too - and they do exist, they're just not in the spotlight at the moment. I've heard it said that Linux and Mac OS are more secure operating systems than Windows. While they do have fewer problems than Windows, that will likely change once they become more popular.
 
No matter what software you use, you should find out what features put your system at risk. If the preview feature is on, e-mail programs like Outlook or Eudora allow program code to be executed within downloaded email messages, before the user even opens the message. ActiveX controls, Visual Basic scripts and JavaScript pose similar problems, as they can execute within a web page or email without you knowing. Tiny scripts can be written to access your system files or deposit a Trojan. You have to be aware that a program running on your computer may have the same rights as you do (such as reading, writing and deleting files). The solution? Be vigilant about getting the latest updates, especially those related to security. Be sure to get them directly from the company that created the program. These days, some infestations even come disguised as patches to Windows vulnerabilities which are offered up to you. Never accept an online offer to fix a problem with your PC. The legitimate companies don't work that way. The Computer Emergency Response Team (CERT) at Carnegie Mellon University has put together a brilliant primer on Threats To Home Users.

Speaking about all of these problems can lead to a paranoid user. I am not trying to scare you, but to motivate you to learn more about security and take it seriously. Speaking of paranoia, I take issue with people who would suggest that everyone must delete their cookies and disable JavaScript on their web browsers. Cookies, in many cases, are what make certain Web applications function. They are not the malicious entities some people paint them to be. Cookies may potentially be used to track you, but they can't extract information from your computer such as your name or e-mail address. They can't steal any information about you that you didn't provide to the web site in the first place. Cookies cannot magically figure out your credit card information. When it comes to JavaScript, there are many commercial and corporate Web-based applications that simply won't function unless you have JavaScript enabled. For the Windows-based user, get to know the "security zones" settings in IE - so you can define who you trust and who you don't, and what you trust each person or zone to run on your computer.
