Specialized Computing Blog

Increasingly sophisticated software, faster networks and online communication have brought many technological advances and benefits. However, with it have come increased security risks including many previously unknown ones as the bad guys harness this very same technology to further their evil ends.

Some of the more common threats and ways of overcoming them are:

Viruses – These are malicious software codes that cause undesirable effects on your computer. A virus is designed to spread itself without the knowledge of the computer user. A computer may become infected through downloads from the internet using CD’s or disks with infected programs or from other computers on the network. Another extremely common way viruses spread is through infected email attachments. Given the many modes of transmission viruses are clearly a threat online as well as offline. The old adage “Prevention is better than the cure” is particularly true in the case of computer viruses. You can save yourself a whole heap of trouble and countless hours of misery by avoiding infection in the first place rather than trying to repair the effects of viral infection. Some simple rules can help you achieve this:

1. Install a reliable and reputable anti virus software and run regular scans. Preferably have the scan run on boot up.

2. New computer viruses are created everyday. Ensure that your anti-virus software is kept up to date with the latest virus definitions.

3. Do not download software from questionable or unknown sources. Always scan software using your anti-virus software before executing or installing on your computer.

4. Do not open email attachments from unknown senders. It is best to use an anti-virus software that automatically scans your email and can warn you if any threats are detected.

Worms – These are a type of virus which replicates itself and takes control of computer resources. The main distinction between a worm and other viruses is that a worm does not necessarily have to live within a host program and can run itself.

Trojans – these are malicious programs that masquerade as something useful thereby enticing the computer user to execute them and unleash their nasty payload.

Spyware – these are programs usually installed secretly along with other software whose purpose is to capture information about the computer user, the computer installation and other sensitive information about computer usage. This information may then be transmitted to a third party either by email or through the software “calling home” to transmit information to a remote website. Depending on the nature of information collected and transmitted this could pose a serious security risk.

Adware – propagated in a manner similar to spyware, these programs serve to pop up advertisements on the user’s internet browser or desktop. These programs too may capture information about the user’s browsing or purchasing habits so that advertisements may be tailored to suit.

Keyloggers – These are programs that record keystrokes entered through the keyboard and then secretly transmit this information to a third party. Naturally this can expose passwords, credit card details and other important information.

Control of worms, trojans, keyloggers, spyware and adware is achieved using similar strategies to those adopted for viruses, namely using appropriate anti-virus software including spyware and adware scanners and avoiding executing programs obtained from unknown sources.

Hackers accessing and taking control of a computer is another serious risk especially today with the widespread use of “always on” broadband internet. Hackers may exploit vulnerabilities in legitimate software or use trojans or viruses they have implanted to gain control of a computer which they can then use for sending unsolicited commercial emails (spam) or for other illegal activities. The idea here is to shield the perpetrator from detection as the illegal activity appears to originate from the computer they have taken control of.

In order to minimize risk of hacking attacks it is important to ensure that software used including the operating system is kept up to date by installing all vendor supplied updates and upgrades especially critical and security related updates. An effective firewall is another vital defence against unauthorized access by third parties. A firewall could be installed on the modem used to connect to the internet or as a software program that runs on the computer. The firewall serves to control who and what programs are allowed to accept or make connections with the internet. A firewall can also be useful in detecting and controlling programs like keyloggers which attempt to call home.

Phishing is another security phenomenon that has seen an alarming increase in recent years. Criminals are employing increasingly convincing and sophisticated means of sending emails which appear to originate from legitimate websites. However, links in these emails actually lead to websites controlled by them where they can capture valuable personal information such as logins and passwords. This is commonly used to cheat unsuspecting users by tricking them into revealing online bank login details etc. The golden rule in dealing with phishing attempts is to treat all emails which request personal information with at least skepticism if not suspicion. Never click a link in an email and enter login information or other personal information as the ultimate destination of that link may be cleverly concealed. When logging into online banking sites for instance always type the address in the browsers address bar. It is also important to pay attention to security features on webpages where sensitive information is input. A webpage address that starts with https: and shows a padlock symbol is secure. This means that any information transmitted from that website is encrypted and is therefore not at risk if intercepted.

There are offline risks to your computer as well. For instance it is important to select strong passwords which cannot easily be guessed. Ideally they should be at least 8 characters long and not consist of a regular word or name and comprise a combination of numeric and non-numeric characters. The strongest password would serve no purpose however, if a hacker is able to get you to disclose it to him. It is important to always be on the look out for social engineering attempts which aim to get you to unknowingly or knowingly reveal sensitive information such as passwords.

Needless to say physical security of your computer is also vital. The best antivirus software and firewall will not protect a laptop left in full view in an unlocked car! Maintenance and adequate care of hardware should not be neglected either. Regular backups stored in a location away from your principal computer and uninterruptable power supplies are good ideas to protect the integrity of your hardware and data stored thereon.

Perhaps the only way that comes close to completely eliminating every possible risk to your computer is to never turn it on and store it in a locked vault! However, even that may not work one hundred percent of the time. Nevertheless, it is possible to minimize your risk to an acceptable level by following common sense and adopting some of the simple rules discussed above.

Removing an unwanted item from your computer can range from the trivial, to the downright nerve-wracking. Here are some of the most basic types of unwanted items and how they may be removed.

First let us classify the various types of ‘unwanted items’ in existence. Also for the purposes of this article, assume that a Windows-based computer is the object of this exercise.

Unwanted items in the most generic sense may appear in the form of files (items of data), or programs (executables), either fully installed in the normal fashion (using the Windows Installer program), or simply stored in some folder location. The latter simply needs to be clicked on for it to run as intended, or unintentionally triggered by some other process. Moreover, programs may be ‘hostile’. In other words they may be malware – a virus, trojan, spyware or Adware.

Below are listed some of the more common types of unwanted items that may be found on your computer.

Unwanted Data:

Removal of unwanted data can be simply by identifying, locating and deleting the data file, followed by emptying the trash can.

However, you should be aware that if security is an issue, simple file deletion as described above will not completely remove all traces of the data. To ensure that sensitive data is removed ‘forever’ the data must be overwritten with new data designed according to recognized secure methods. Details of such a procedure are beyond the scope of this article and should only be attempted by an experienced user.

Since it is theoretically possible to retrieve even data that has been overwritten, some would argue that the only secure way to prevent sensitive data from ever being retrieved is to physically destroy the hard disk originally used to store the data. It is safe to say, though, that retrieving data that has been overwritten is way beyond the capabilities of all but the most technically sophisticated, and probably isn’t a concern for the vast majority of the population.

Cache Files:

Cache files are used by Windows to help speed up the execution of routing and/or repetitive operations. While these are not ‘unwanted’ in the strictest sense of the term, over time the cache file size may grow unnecessarily large, thereby degrading computer performance. There are various means to delete the cache files of various programs. A Google search should yield the information you need.

Internet Temporary Files:

During the course of the normal use of Internet Explorer of other Internet browser, many temporary files are created. Again, there are various means to delete the cache files of various programs. A Google search should yield the information you need.

Windows Temporary Files:

Windows creates temp files during software installation as well as various other operations. These files provide the ability to easily recover from various possible ‘glitches’ that may occur during execution of a given process. These are often automatically deleted by the program that created them, but should you find that your temp directory is unmanageable, a Google search should give you the appropriate procedure to delete the files you’re being troubled by.

Similar to Cache files, Windows uses ‘temp’ (temporary) files to provide smoother operation of various installed programs. Temp files are conspicuous by their ‘.tmp’ file extension. For example, you will find temp files being created whenever programs such as MSWord or Excel are used.

Unwanted Installed Programs:

Any program originally installed using the Windows installer may be uninstalled by the usual (recommended) method of going to the Control Panel and running the ‘Add/Remove Programs’ utility. Many programs are also supplied with their own uninstaller. In such cases this feature should be used as a first option for its removal from your computer.

It should be noted that if the program’s own uninstaller and/or Windows Add/Remove Program utility fail to remove the program, other more intrusive means of removal may be employed, but should only be attempted by experienced users.

Malware:

The removal of malware (spyware, adware, etc.) is typically the most challenging of all the procedures described thus far. In fact, the initial obstacle is recognizing that such an ‘infestation’ does indeed exist.

Some of the first signs of possible malware infestation are:

- Erratic computer operation.

- Computer crashes.

- Slower-than-normal operation.

- Pop-up messages warning of virus infestation or other problem (trying to scare you into taking some particular action, such as visiting a website promising to fix the problem).

- Your Home Page suddenly being changed from the normal site (home-page hijacking).

To be sure, there are other factors that may slow down your computer or cause erratic behavior, such as file corruption, or software bugs. However, there are a few procedures you can follow which will reduce or eliminate the possibility that your computer is in fact the victim of a malware ‘attack’.

It makes good sense to run a complete check for malware and remove any items found, and then perform routine maintenance procedures (temp file removal, etc.).

Simply put, the Windows registry is a directory which contains keys and values that hold data necessary for the operating system, software and hardware to work properly. The registry contains, for the most part software settings and configurations that would otherwise be scattered around the system as .INI files.

When you install a new piece of hardware (or software for that matter) a new set of keys and values are created within the registry. Sometimes software applications which are poorly coded may alter values within the registry that could affect the way your computer works.

To illustrate this point we can provide the example of spyware applications that change or alter the behavior of other applications within your system such as your browser. The worst-case scenario is that when a user tries to remove a spyware/adware program he will be able to complete this task successfully but because the spyware program has already altered certain keys and values in the registry which is the underlying settings for the Web browser (or Internet access) the user will no longer be able to use the application that was bundled with the spyware/adware and as a terrible side affect the user will not be able to gain access the Internet either.

Since bad registry keys and values can affect the performance of the operating system and other applications within it, registry repair applications have been developed to look for registry entries that are no longer needed (because the software/hardware may have been uninstalled) and repair conflicting or redundant registry values. At this point some PC users may be thinking of doing a registry cleanup and tune-up manually; advanced PC users will definitely know what software and hardware has recently been uninstalled and removed therefore they will try to alter the registry manually.

While the registry can be tuned up manually, it can be quite a hassle because of its sheer size. So to automate the process one can use a registry cleaner, this will be a far more efficient way to address the problem. Most registry cleaning applications provide a list of possible entries that may be in direct conflict with other values that will in turn affect the performance of your system, after the software has scanned the registry you can manually select which item to remove, which ones to repair and which ones to leave untouched.

Registry repair software has been programmed to identify the most common registry values that are created by malware and after the registry has been scanned, the suspicious keys and values will be displayed in the report to show users which entries were removed along with a short explanation.

Windows registry repair options

– Live OneCare: this is a program which was developed by Microsoft to provide the end-user all the benefits of having a security center and PC tuneup application that can increase the speed of the operating system by removing unnecessary and suspicious registry entries. This software program includes a Antivirus, anti-spyware, firewall and backup/restore functions.

– PC Tools Registry mechanic: this is an application developed by PC Tools that is intended to be used by people who want to increase the performance of their system by finding unnecessary registry entries and repairing those that may be damaged.

There are many more software applications that have been designed to clean and solve registry problems. Some of them are: Registry fix, Clean MyPC, Registry first aid, advanced Registry, ACE Utilities, Advanced System , Fix it Utilities, and many more.

Regardless of which software application you choose, make sure that you first make a backup of your registry before you go and make any changes that will potentially alter the way your system behaves. If the application doesn’t offer a way for you to backup your registry then it would be wise to do a quick Google search and get some additional feedback on the different ways you can backup your windows registry before any changes are made.