PCFIXZONE
Your #1 PChelp Portal
Search pcfixzone using Google

Left Menu

Virus Advisory

Protection

Security

Antivirus
Right Menu
Friendly Sites

Essential Software

Drivers

Service Packs

Basic Computer Tutorial

This basic computer tutorial is written for those who do not know very much about computers. The purpose of this basic computer tutorial is to help the reader better understand how to use their computer more effectively and safely. It will help the reader understand:

  • What files and file types are.
  • How to copy files.
  • Where your files are stored.
  • What the parts of your computer are.
  • What an operating system is.
  • What a computer program is.

Security and Performance

With the above basic information, this tutorial will explain methods that you can do to make your system more secure, keep your data safe by backing it up, and avoid most performance degradation caused to bad applications and SPAM.

  • How some file types can be used by third parties to gain control of your computer.
  • How to modify your file view settings so you are not as easily fooled by e-mails containing viruses.
  • How to prevent viruses and worms.
  • How to reduce SPAM.
  • How to back up your files.
  • How to reduce or eliminate unwanted programs that could reduce your system performance.
  • What to do if you receive a virus or worm.
  • What to do if you receive an e-mail telling you that an e-mail you sent contained a virus.

This basic computer tutorial gives some basic information about hardware, operating systems, and programs in the first half to help the reader understand later information about files, e-mail and computer security practices. Depending on the reader's level of knowledge, some of the basic information may be skipped and the reader may refer to the terms page if they do not understand some of the terms.


Computer Data

To help understand computers it is best to first learn about computer data. Computer data is information required by the computer to be able to operate. It is used to:

  • Run programs - This is the actual executable program data that the computer will execute to run the program such as Microsoft Word.
  • Store program or system configuration information.
  • Store information that the computer user needs such as text files or other files that are associated with the program the computer user is running. A common example of a program the computer user is running is the Microsoft Office suite of products which include Microsoft Word, Microsoft Excel, and others. These programs are also known as applications.

Data Structure

Computer data is in what is called binary format. This means that it is always a 0 or a 1. It only has these two states and must be in one of them.

There are several fundamental data units which include:

  • Bit - A data unit which must be in one of the two binary states described above. It is the smallest data unit that exists.
  • Byte - 8 bits of data which has a possible value from 0 to 255.
  • Word - Two bytes or 16 bits of data with a possible unsigned value from 0 to 16535.

Data transmission

Data transmission is the act of sending data from one place to another. Data is transmitted both inside and outside your computer. There are two fundamental methods of data transmission.

  • Serial - Data is sent on a single line and one bit is sent at at a time. This is similar to a line which one item must come one after another.
  • Parallel - Data is sent on more than one line at a time. This may be any number of bits at a time, but is usually one word at a time (two bytes) or possibly three bytes at a time.

Computer Hardware

The term computer hardware refers to the various electronic components that are required for you to use a computer along with the hardware components inside the computer case. As you know your computer equipment is made of several common components. These include:

  • The main computer box.
  • A monitor - Looks like a television screen.
  • A keyboard.
  • A mouse.
  • Speakers.
  • An optional printer.

The main computer box is the main component of the computer. It has computer hardware parts inside that perform the following functions:

  • Temporary storage of information (known as data in more technical terms) - This function is done by memory.
  • Permanent storage of information - This function is done by a hard disk, floppy disk, or CD ROM.
  • Manipulation or processing of data - Used to determine where data is stored and perform calculations which support operations that the user is doing.
  • Interfacing to the outside components or to the outside world - This supports the ability for the user to communicate with the computer and know how the computer is responding to commands which are done primarily through the monitor, keyboard, and mouse along with their interface components in the main computer box.
  • A power supply which provides the electrical power to the components in the computer box

The Main Computer Box

The main computer box is made of several computer hardware components and subcomponents which include:

  • The case - The outside component which provides protection for the parts inside and provides a fan and power supply which are used to both cool the working parts inside and provide power to them.
  • The motherboard - Hold the following computer hardware subcomponents:
    • Memory - Used to provide temporary storage of information as discussed earlier.
    • Microprocessor - Used to provide the processing of data function as discussed earlier.
    • Video interface card which is also called the video card - This card is an interface between the computer monitor and the motherboard and its subcomponents such as the microprocessor and memory. This card may be included as part of the motherboard or it may plug into a card slot on the motherboard.
    • Sound card is an interface between the computer speakers and the motherboard and its subcomponents such as the microprocessor and memory. This card may be included as part of the motherboard or it may plug into a card slot on the motherboard.
  • One or more permanent storage devices some of which may be optional:
    • Hard disk - Most computers today have a hard disk (sometimes called hard drives) which is the component most commonly used to provide permanent storage of data. Hard disks are usually permanently installed in a computer.
    • CD ROM drive or DVD drive - Used to provide permanent storage of data but this type of drive is used to bring information into the computer more commonly than it is used to store information from the computer. Sometimes this type of drive is used to back up data from the hard drive so data is not lost if a hard drive breaks. A DVD drive holds more data than a CD ROM drive and DVDs have enough storage capacity that they may be used to play or store movies. The storage media, the CD ROM or DVD may be removed from the computer.
    • Floppy Drive - A low capacity storage device which can be written to as easily as it is read. The floppy disk may be easily removed from the computer. It is called a floppy because the part of the media that holds the data is on a material that is not rigid but it is enclosed in a more rigid case to give it durability.

There are also other minor computer hardware components inside the case which include cables which may be used to hook other internal parts together along with connecting an interface to the case for printers and other devices such as a high speed serial bus called USB. (A serial bus simply refers to the fact that data is sent in a stream which is like sending one bit at a time.

The Case

The drawing below shows a typical case. It may help you understand where your connections for your monitor, keyboard, mouse, and other devices are if you should need to hook them up. For more specific information you should refer to your computer owner's manual.

Typical Computer Views

The drawing below shows a typical layout of the components inside your computer case.

Inside the Case

Components

Each different part in a computer has a different task to perform, just as each part in an automobile has a job to do. Each part works differently in order to get it's job done. There are many misconceptions about what parts do what job, and here, we will set out to correct them. Knowing what function each part has is very rewarding. If one knows what part does one, they can easily narrow down problems in a computer.

The Processor

"CPU"
The processor is known as the brain of the computer. In fact, it's not. If anything, the computer as a whole serves as a brain. The processor is just a really fast calculator. It adds, subtracts, multiplies and divides a multitude of numbers. There are two parts of the Processor that do the math. The first part is called the Integer unit. It's job is to take care of the "easy" numbers, like -5, 13, 1/2, etc. It's mainly used in business applications, like word processors, spreadsheets, and the Windows Desktop. The other half is called the Floating Point Unit. It's job is to take care of the really hard numbers, like the square root of 3, pi, "e.", and logarithms. This part of the CPU is mainly used in 3D games, to calculate the position of pixels, and images. For years, Intel's processor have had the best Floating Point around, but as of late, AMD's Athlon Processor has stolen the crown away from Intel. That is why were are seeing the race for 1GHz speed up so dramatically today.

 

The Hard Drive

"HD"
The Hard Drive is simply a multitude of metal disks that spin around inside your computer, with heads that move around those disks. Those heads read and write data to the metallic disks. The reason for using a Hard drive is because the hard drive is the only part inside a computer that stores data while the computer is off. (Besides removable media of course.) Your Hard Drive is what stores all of your settings, programs, and the operating system while your computer is off. The only draw back to the hard drive, is that it is mechanical. That means it has a tendency to break down every once in a while for no reason, and it is slower than electronic means of data storage.

 

Random Access Memory

"RAM"
RAM is easily confused with Hard Drive, because both store data. The two are actually very different. The RAM is a chip that holds data, only as electricity flows though it. It is very fast compared to the Hard Drive, but is also expensive, which is why we don't use it for our primary data storage. RAM is used as a interface between the Hard Drive and the Processor. If the Processor needs some data that's on the hard drive, the chipset (well get to the chipset later) will retrieve the data from the hard drive and put it into memory, so the processor can access it faster If the computer runs out of room in the RAM, it will make a file on your hard drive, called "Virtual RAM." "Virtual RAM" is just an extension of real RAM on your Hard Drive. As said above, the Hard drive is much slower than the RAM, so when the computer gets the data straight from the Hard Drive, your computer will also seem like it freezes, because it will be running so slowly. Once you shut your computer off, there is nothing stored in the RAM, because there is no electricity flowing through it.

 

Cache

"L1,and L2"
The Cache is high speed RAM. It stores commonly used data and instructions from the processor so that it doesn't have to go to the slower RAM to get it. This is why the modern day computer is so fast. Without cache, most processors would be limited in speed by the RAM. Without it, your computer would be running terribly slow. The Cache is split up into 2 different Levels. The first level, L1, ranges in size from 32KB to 128KB. It is split in half and resides with in the CPU core, next to the Integer and Floating Point Unit. The first half stores commonly used data, and the second half stores common instructions that the processor carries out on the data. The second level of cache, called L2, is for data only. Some L2 Caches are on the motherboard. Others are on a special cartridge with the CPU. Newer L2 Caches are in the CPU core, with the L1 cache.

 

The Chipset

The chipset is the boss inside the computer. It controls communication between the components. The chipset is split up into two basic chips. The first chip, called the North Bridge, handles communication between the AGP bus, (if it exists), RAM, processor, and the South Bridge of the chipset. The South Bridge handles all the Input and output of the computer, including the PCI and ISA Bus. The Processor, Memory, Cache, and Chipset all work together to function as a logical brain.

 

That covers all the major parts of a computer.


Software and Hardware

Hardware

The term hardware describes the physical parts of your computer which you can physically touch or see such as your monitor, case, disk drives, microprocessor and other physical parts.

Software

The term software describes the programs that run on your system. This includes your computer operating system and other computer programs which run. Software is written in a computer language (such as Basic, C, Java, or others) by programmers. The computer language is in a text format and can be read by a person although if you do not understand the structure and rules of the language you may not understand it very well. Once a program is written, an operation is performed on it which is called compiling. Compiling is the process of changing the textual written language into a binary language which can be understood by the computer.

Writing these text files and converting them to computer readable files is the way operating systems and most application programs are created.

BIOS (Basic Input/Output System)

BIOS is a low level program used by your system to interface to computer devices such as your video card, keyboard, mouse, hard drive, and other devices. What BIOS programs provide in the computer are very simple function calls or small subprograms which can be used by higher level programs to perform simple operations on computer devices. For example a BIOS program would provide the ability to write a character to memory on a video card.

BIOS is normally written in a low level computer language and is permanently or semi-permanently written into the computer system. This type of computer program is commonly referred to as firmware since it was historically written permanently into computer systems. Although BIOS is a program, because of its permanent state, it was not quite considered to be software so the term firmware is used to describe it.

Historically BIOS programs were written into a type of memory called ROM (read only memory). This type of memory would not lose its data when the computer lost power thus ensuring these BIOS programs would always be available. There were different variants of ROM memory some of which could be written multiple times but this memory could not normally be changed or re-programmed once the computer system was sold to the customer. Once ROM memory was written to, it could not be written to again and could only be read when in the possession of the customer. In more recent years a more flexible form of memory was developed called flash ROM which allows ROM memory to be written to after the computer system is in possession of the customer.


What is a Network

The word network can be used to describe a very large and complicated set of equipment. In its most accurate and simplest definition a network refers to the cables and electronic components that amplify the signals going through the cables. The amplifying equipment is necessary to ensure accurate communication and make the signal stronger if it needs to go long distances.

Broader Definition

When many people talk about a network, they are talking about a network using a very broad concept. For instance if someone cannot get to their email, they may say "the network is down". Likewise they may say this if they cannot surf the internet or get to their files. They may not stop to think that in each specific instance there is a single piece of equipment that may provide the capability which they are trying to use.

Most people who work on a corporate or organizational network think about the network in component parts. The three main parts are:

  • The cabling and amplifiers mentioned in the first paragraph.
  • The workstations which most members of the organization use to access resources.
  • Higher powered computers called servers - These are the machines that provide what network administrators call services. Services include the functions that most people try to use such as email, reading and writing files, printing, and getting to the internet. Whenever a user is trying to do something on the network, there is a service or machine providing the capability to do so. This even includes times when someone is trying to get to network resources from their home.

Services

Services include:

  • Email service
  • File service - Allows users to use and share file space on a computer with a lot of file space.
  • Print service - Allows printing to printers connected on the network.
  • Web surfing - Allowing someone to open web pages and see web sites on the internet.
  • Filtering out undesired sites on the internet.
  • Allowing someone to access the network from the outside (from home).
  • Updating virus definitions on workstations.
  • Allowing someone to log onto the network.
  • Even giving a workstation an address on the network is a service. If your computer does not have an address, it cannot access the internet or any other resource on the network.

A Typical Network

A typical corporate or organizational network is shown below:

Typical Network

Of course there are variations on this network layout and some details have been left out for the sake of simplicity but this drawing should give you some idea about what goes on behind the scene on the network at your organization. Some servers and server functions have not been shown here.

The firewall is the device that protects all computers in the network from many attacks. It allows some types of network traffic into the network from the outside, but usually only for mail or web services. Usually the internet traffic that that is allowed to come into the network is routed to the part of the network labelled "DMZ" on the right side of the diagram. DMZ stands for demilitarized zone and is also called a semi-private network. In this DMZ is a web server which is used to allow people surfing on the internet to see web pages posted by the organization. A mail server is also shown in the DMZ but this could be replaced by a mail relay server while the mail server is placed inside the private network. The mail relay server would forward mail traffic from the outside to the mail server. This would increase the security of the network since a direct connection from the internet to the mail server would not be allowed.

The private network is of course the most secure part of the network. There are several servers on this network including:

  • A login server (called a domain controller) which controls every ones permissions and access to the network resources such as files. Without this server, they cannot login to the network.
  • An address server (called a DHCP server) which provides addresses to computers on the network so they can communicate as discussed earlier.
  • A file server which provides common files and a private folder for users.
  • A remote access server which allows users to connect to the network by telephone from the outside.

Also the workstations are part of this network.

Conclusion

Knowing the above information, if someone cannot get their mail, they may think the network is down. This is not likely to be the case. The mail server may be down but the network is not likely to be down. The same goes for when someone can't surf the web. There may be a problem with the firewall or the line connecting to the internet, but it is unlikely that the whole network is down. When problems are noticed it is best for the user to describe what they were trying to do and what happened.


What is the Internet

The word internet is used to describe a network of networks which incorporate a very large and complicated set of equipment. To understand the internet, there are three areas of discussion which are very helpful. These include the various services provided across the internet, the functions that enable the internet to work, and the various organizations that are part of the internet.

Internet Services

The main services used on the internet include:

  • Web browsing - Supported by the HTTP protocol, this functions allows users to view web pages using a web browser.
  • E-mail - Allows people to send and receive electronic messages.

Other lesser used services include telnet (allows remote login to computers), FTP (Allows quick file transmission to remote computers), and gopher (An early form of text based form of reading internet documents which is rarely used today).

Internet Functions

The internet provides for the following two functions which support communications. Without the communications support mentioned below, the internet could not function. These two functions are provided by internet service providers listed below under the "Internet Organizations" header.

  • Physical lines that data is sent across.
  • Routing of data - There are special machines on the internet called routers, that determine where data needs to go to get from the sender of the data to the receiver of the data.

Internet Organizations

  • ISPs (Internet Service Providers) - They provide the connection to the internet for users and also provide routers that direct internet traffic.
  • Corporations or Web hosting providers with mail servers and web servers - They provide the information posted on the internet and virtual data connections to other mail servers.

There are also other organizations that regulate the internet, providing communication standards and designing new communication standards for improvements. These communication standards are also known as protocols.

Summary

So the internet is a collection of organizations that provide equipment that support the internet functions and services. The internet connects many corporate and organizational private networks together thus enabling all these organizations to easily communicate.

Accessing the Internet

People use an internet browser to access web pages that are available across the internet. Internet browsers include Microsoft Internet Explorer, Netscape Navigator, Mozilla, and others.

Web pages are created in a marked up form of text file called HTML (Hyper-Text Markup Language). The markup within the text indicates document structure showing where paragraphs begin and end, what items are in a list, headers, tables and other document structure.

When people are browsing of surfing the internet, they usually go from place to place by clicking on links. These links are locations for specific pages and indicate the three things:

  1. Protocol being used such as http or ftp
  2. The domain that the web page is found on. This will point to a specific organization's or company's web server.
  3. The location of the page on the server including the directory path and file name.

An example link is "http://www.pcfixzone.co.uk/tutorials/bootdisk.htm". In this case http is the protocol being used, the pcfixzone.co.uk domain indicates where the organization's web server is, and the " /tutorials/bootdisk.htm" part of the string indicates the folders the file is in and the name of the file.

These links are sometimes called hyperlinks or URLs (Uniform Resource locators)


Operating System Functions

What is an Operating System

The operating system is the core software component of your computer. It performs many functions and is, in very basic terms, an interface between your computer and the outside world. In the section about hardware, a computer is described as consisting of several component parts including your monitor, keyboard, mouse, and other parts. The operating system provides an interface to these parts using what is referred to as "drivers". This is why sometimes when you install a new printer or other piece of hardware, your system will ask you to install more software called a driver.

What does a driver do?

A driver is a specially written program which understands the operation of the device it interfaces to, such as a printer, video card, sound card or CD ROM drive. It translates commands from the operating system or user into commands understood by the the component computer part it interfaces with. It also translates responses from the component computer part back to responses that can be understood by the operating system, application program, or user. The below diagram gives a graphical depiction of the interfaces between the operating system and the computer component.

Operating System Interfaces

Other Operating System Functions

The operating system provides for several other functions including:

  • System tools (programs) used to monitor computer performance, debug problems, or maintain parts of the system.
  • A set of libraries or functions which programs may use to perform specific tasks especially relating to interfacing with computer system components.

The operating system makes these interfacing functions along with its other functions operate smoothly and these functions are mostly transparent to the user.

Operating System Concerns

As mentioned previously, an operating system is a computer program. Operating systems are written by human programmers who make mistakes. Therefore there can be errors in the code even though there may be some testing before the product is released. Some companies have better software quality control and testing than others so you may notice varying levels of quality from operating system to operating system. Errors in operating systems cause three main types of problems:

  • System crashes and instabilities - These can happen due to a software bug typically in the operating system, although computer programs being run on the operating system can make the system more unstable or may even crash the system by themselves. This varies depending on the type of operating system. A system crash is the act of a system freezing and becoming unresponsive which would cause the user to need to reboot.
  • Security flaws - Some software errors leave a door open for the system to be broken into by unauthorized intruders. As these flaws are discovered, unauthorized intruders may try to use these to gain illegal access to your system. Patching these flaws often will help keep your computer system secure. How this is done will be explained later.
  • Sometimes errors in the operating system will cause the computer not to work correctly with some peripheral devices such as printers.

Operating System Types

There are many types of operating systems. The most common is the Microsoft suite of operating systems. They include from most recent to the oldest:

  • Windows XP Professional Edition - A version used by many businesses on workstations. It has the ability to become a member of a corporate domain.
  • Windows XP Home Edition - A lower cost version of Windows XP which is for home use only and should not be used at a business.
  • Windows 2000 - A better version of the Windows NT operating system which works well both at home and as a workstation at a business. It includes technologies which allow hardware to be automatically detected and other enhancements over Windows NT.
  • Windows ME - A upgraded version from windows 98 but it has been historically plagued with programming errors which may be frustrating for home users.
  • Windows 98 - This was produced in two main versions. The first Windows 98 version was plagued with programming errors but the Windows 98 Second Edition which came out later was much better with many errors resolved.
  • Windows NT - A version of Windows made specifically for businesses offering better control over workstation capabilities to help network administrators.
  • Windows 95 - The first version of Windows after the older Windows 3.x versions offering a better interface and better library functions for programs.

There are other worthwhile types of operating systems not made by Microsoft. The greatest problem with these operating systems lies in the fact that not as many application programs are written for them. However if you can get the type of application programs you are looking for, one of the systems listed below may be a good choice.

  • Unix - A system that has been around for many years and it is very stable. It is primary used to be a server rather than a workstation and should not be used by anyone who does not understand the system. It can be difficult to learn. Unix must normally run an a computer made by the same company that produces the software.
  • Linux - Linux is similar to Unix in operation but it is free. It also should not be used by anyone who does not understand the system and can be difficult to learn.
  • Apple Macintosh - Most recent versions are based on Unix but it has a good graphical interface so it is both stable (does not crash often or have as many software problems as other systems may have) and easy to learn. One drawback to this system is that it can only be run on Apple produced hardware.

The operating system (OS)

Your operating system (or OS) looks after everything to do with your PC. Together with a basic , built-in OS called the BIOS, the operating system controls everything that comes into your PC from the keyboard and mouse, and everything that is displayed on you monitor or outputted to your printer.

It makes sure all the programs run correctly and do not interfere with each other, and controls your internet connection and links to other PC's and devices as well.

As it has so much to do, an operating system like windows will take up a huge amount of space on your hard drive and also be very complex. With everything that the operating system has to deal with, it is not hard to see where problems can arise - all it takes is for one piece of data to be put in the wrong place and suddenly everything goes wrong.

Windows XP has built up a strong reputation and is reckoned to be the most stable operating system that Microsoft has put out to date. The stability of an OS is reflected in how often it crashes or stops working - XP has proved to be the best Windows yet in that if one part of it stops working, it can normally carry on operating without bringing the whole system crashing down.

Windows XP now features more tools than ever before for identifying and rectifying problems. This means that you shouldn't have to reinstall the operating system every time things start to go wrong - something that Windows 96/98 users became accustomed to. Over the course of this feature, we will look at many of the trouble shooting tools built into XP and how to use them. Don't worry if you still use an older version of Windows though, as several of these tools are available in 98 and ME.

If you find that windows won't boot up at all, or that the system freezes as soon as you get to the Desktop, then you need the services of Safe Mode. Safe Mode is a special, stripped down version of the Windows environment that boots up your PC with only the bare essentials necessary. If a certain program that is set to start up with Windows is causing your difficulties, then Safe Mode will enable you to boot up without interference, giving you the chance to fix the problem before rebooting back into Windows as normal.

If something serious occurs when using your computer, it may restart in Safe Mode automatically. If you need to start in Safe Mode manually, following the instructions below.

The first thing you will notice when you start in Safe Mode is the Display - you will have a resolution of 640x480 under Windows 98/ME or 800x600 under Windows XP. By reverting to these minimum, safe settings, Safe Mode gives you the opportunity to rectify problems with your video card. For example, if you set the display resolution to a higher setting than your monitor can handle, you may be able to see the Desktop. By restoring the lower display setting through Safe Mode, you can get things back to normal.

One of the primary benefits of Safe Mode is that it gives you access to all of the troubleshooting and diagnostic tools available in Windows, such as System Restore.
You also have access to all the system maintenance utilities, including Check Disk, Device Manager and Add Remove Programs. Using these tools you should be able to find and repair many problems.

Back to top

Access Safe Mode

  1. When your PC first starts, you will see a black screen with your System Information. Hold down the F8 key and before long you should see a menu - from this, select Boot Into Safe Mode and Windows will continue to load (though Safe Mode takes longer to load).
  2. As soon as you get into Safe Mode you should see a screen with a popup dialogue box, this gives you the chance to restart Windows or carry on into Safe Mode operation, which is what we want to do. Click on the Yesto continue into Safe Mode.
  3. You are now in Safe Mode, here you can check all your settings and drivers, and use System Restore if you are unable to identify the problem any other way. It behaves just like normal Windows, though perhaps a little bit slower, so you shouldn't have any trouble finding your way around.
  4. A slow running system or frequent crashes could mean that there's something wrong with your hard drive. Check Disk is the relevant utility that can help you find out - you can find out it in the Start/All Programs/System Tools folder - so see if it fixes your problem.
  5. As we have mentioned elsewhere, you can use Device Manager to check that Windows is recognising your hardware correctly and to identify any troublesome devices. Right-click on My Computer, choose Properties, and then click the Hardware tab.

Back to top

Check Disk

Whether or not you are currently experiencing problems with your hard drive, it doesn't hurt to give your drive a check up every now and then to ensure it is running correctly. In Windows XP, the Check Disk (or CHKDSK) utility is the program you need the give your hard drive it's medical (in Windows 98 and ME, this process is handled by Scandisk). The program is capable of identifying most Hard Drive problems and can also fix most problems bar physical damage on the drive platter. Even in these rare instances, the program will also isolate bad sectors so you can continue to use the drive.

Using Check Disk

  1. Go to Start/My Computer, right-click your Hard Drive and select Properties. Click on the Toolstab at the top of the properties box. Here you will find not only Check Disk but also your Defrag utility and (depending on you XP setup) a backup tool also. To get the disk checker running, click Check Now.
  2. As well as just checking your disks, you can also automatically fix errors and recover bad sectors, by checking the two tick boxes. If however, you get a message saying the tool can not be run because files are in use, start your PC in Safe Mode then re-run the Check Disk program.
  3. The utility will now scan your disk for possible file system or physical errors. This process is usually carried out in three phases, and a green bar will move across the application's window to keep you updated on it's progress. At the end you will get a confirmation that all is well.

Back to top

Driver Errors

Hardware drivers are a common cause of errors and crashes, and if your PC experiences difficulties after you install a new piece of hardware or update a driver, it's almost certainly a driver compatibility problem. If you suspect your PC is suffering from driver related problems, Safe Mode should be your first port of call. This is because Safe Mode loads only those drivers that are known to be safe and that are required to boot your system. Once in Safe Mode, you can use the Device Manager to remove the offending device and uninstall the offending driver. You can then boot up as normal and reinstall a driver that you know works.
To do this, go to Start/Control Panel/System/Hardware and click Device Manager. You will see a list of the hardware installed on your system. Find the component that you think is causing the problem (Windows may put an exclamation mark next to it if it detects the cause). Double click on the offending device to see more details about it. If you like click the Troubleshoot button for online help that may assist you with your problem. To remove the driver, click the Driver tab and select Uninstall.
In Windows XP, Microsoft introduced an alternative means of dealing with troublesome driver updates. From the Drivertab, instead of selecting Uninstall, you can instead choose Roll Back Driver to revert to a stable alternative to the troublesome driver you just installed. You can find the full guide on how to roll back drivers below.

Back to top

Roll Back Drivers

  1. Make sure you are logged in as an administrator, then open Control Panel and double-click on the System icon. If you are not using the classic view, go to Performance and Maintenance and click System. In the System Properties window click on the Hardware tab.
  2. Click the Device Managerbutton and you will see a list of all the hardware on your system. Click the + symbol to see the devices, sorted into categories for easy reference. Right-click the device you are having problems with and select Properties.
  3. You will now see the properties for the device, including information showing it's manufacturer and type. Click the Driver tab and you can see details about the current driver, including the date and version number. You can also see whether it is digitally signed.
  4. Click the Driver Detailsbutton and you can see the individual files that make up the driver and whereabouts they are stored on the system. You can also see each file's version number - it isn't unusual for these not to match as sometimes only part of a driver gets updated.
  5. Click Roll Back Driver and if an earlier version is available you will be asked if you are sure you want to revert back to it. Reply Yesand the system will replace the current driver with the previous version. You may need to reboot your system for the process to complete.
  6. Once rebooted, you will see that the driver was reverted to an earlier one. You can update to new drivers from this screen too, although if the supplier recommends a different method of installation it's generally better to follow their approach.

Back to top

System Restore

It's not just drivers that can be rolled back to previous, stable versions - with the aid of System Restore, you can do the same to your entire Windows configuration. System Restore works by taking a snapshot of your system setup at regular intervals. These snapshots are called Restore Points, and by default they are created once a day and also before you install certain new programs. You can also create your own Restore points to record your current setup when you are about to make significant changes to your system. (See the guide below for instructions on how to do this). Using these Restore Points, Windows can later reset your PC to it's condition at that time, making it an excellent tool for solving many problems that come your way.
System Restore needs space on your Hard Drive in order to store your setups, and this can also be tailored to your needs. Your system's registry is also included in the backup, so this will be restored too, which is useful if you plan to make any changes to the registry. Your personal files are unaffected by System Restore, so even if you are forced to revert to a previous restore point, the documents you have created or edited in the meantime won't change. However, because the registry will be restored to a previous version, any programs you have installed since the creation of the Restore Point will probably stop working and need to be reinstalled.
An alternative to System Restore is to use the Last known good configuration. Carry out step one of Booting in Safe Mode but choose Last known good configuration from the menu.

Back to top

Using Restore Point

  1. Go to Start/All Programs/Accessories/System Tools/System Restore. Once here, creating a Restore Point is simple. From the main System Restore screen, click Create a Restore Point, enter a description and click Create. Your current settings will be backed up. I suggest this is done before any software installation as a precautionary measure.
  2. Restoring a configuration is just as simple. Repeat step one to start the System Restore utility, but this time check the radio button marked Restore my computer to an earlier time, then click Next to begin the Restore wizard. You can also alter your System Restore settings from this screen.
  3. On the next screen, you will see a calendar-style view and on the left of this, a list of the Restore Points available for any day that you highlight. Select the day you want to revert back to, then the Restore Point you wish to use, and click Next.
  4. The final window explains that restoration will cause your PC to restart automatically. Note that the System Restore will not cause you to lose any data, such as Word documents, though any programs installed after the Restore Point was created may fail and need to be reinstalled.
  5. To change the way System Restore works, such as limiting the amount of space it uses or turning off the facility on certain drives, you need to access the features Properties dialogue box. Click Start/Control Panel and double-click System. Then click the System Restore tab.
  6. If the System Restore is slow to make Restore Points, the Windows Management Instrumentation (WMI) service may be turned off. Go to Start/Control Panel and double-click Administrative Tools followed by Services. Find the WMI reference, and if it's status is stopped, right-click it and hit Start.

Back to top

Add Remove Programs

This speaks for itself. If after you installed a program you get problems, reboot into Safe Mode, go to Start/Control Panel/Add and Remove programs and uninstall the offending program. However, if the system boots OK but the program crashes, then you could try Compatibility Mode.

Compatibility mode

When Microsoft created Windows XP, it didn't just build on top of a previous version of Windows - it recoded most of the software, taking it's operating system in a new direction and leaving behind many of the conventions and rules of the past. The only problem with this is that there is a huge amount of older software around that ran very well on previous versions of Windows, but won't fare so well under XP's radically different framework. If you are struggling to get older software to work on your new PC, this is probably why.
In the years since Windows XP was released, most major programs have been updated so they run on the new system without a hitch. Unfortunately, the same can not be said of projects that were abandoned back in the days of 95 or 98. Help is at hand though, as Windows XP comes with a built-in Compatibility Mode function that tries to mimic previous versions of Windows and makes troublesome software believe that it's back in familiar territory.
In order to use Compatibility Mode, click Start/Help and Support and click Fixing a Problem link. Select Application and Software problems, followed by Getting older programs to run on Windows XP. This section will list a number of options, but the one we are interested in is Start the Program Compatibility Wizard. The wizard will now launch and will step you through the various settings required to get your program working, such as the display resolution required and the operating system you wish to emulate. A much quicker alternative is to right-click on a programs executable (or shortcut to it) and select Properties Click the Compatibility tab and choose the options you require.

Back to top


Applications

What is an application

Applications are programs that are installed. on computers to give users the ability to do specific tasks. For example, Microsoft Word® is a program that gives the user the ability to write documents. Some program packages come in a set with multiple programs included to provide multiple capabilities such as the Microsoft Office® suite of programs. This suite of programs also includes Microsoft Outlook® which is used to send and receive e-mail. It also includes other programs with more capabilities.

How Application Programs Work

Application programs are written in a text based computer language as mentioned in the section about hardware and software. Once written, they are compiled into a binary language the computer understands. The application programs use function calls (as described in the section about operating systems) to interface to the various computer peripherals such as your keyboard, mouse, screen, printers, and other devices. Most of these function calls are provided by the operating system so the application programs are usually compiled for a specific operating system such as Microsoft Windows 2000®, Microsoft Windows XP®, or Microsoft Windows 98®.

Application Problems

An application program is a computer program. It is written by human programmers who make mistakes. Therefore there can be errors in the code even though there may be some testing before the product is released. Application programs vary widely in the quality of the code. Errors in code are referred to as "bugs". Bugs can cause unpredictable results including system crashes, inability to perform expected functions, or providing an exploit for an attacker who wants to gain control of your system.

Application Acquisition and Installation

You get applications several ways. The most common way is to purchase it in a store and you will brind a CD home and install it on your computer system. The ways you may get applications include:

  • Purchase of a program from a store.
  • Download a purchased program on the internet.
  • Download a shareware program on the internet.
  • Download a free program on the internet.

Whether purchasing a program or downloading one for free on the internet, you should be aware of the quality of the product you are placing on your computer system. Ask yourself the following:

  • Do I know who made this product and are they a trustworthy source?
  • If the product is free, do I know why it is free?
  • Is there some hidden purpose for the product?
  • What is the reputation of the maker of the product?
  • What problems do users of the product have?

Before downloading a product or purchasing a product you should always spend at least a few minutes researching it. You should at least do a quick search on the Google search engine using the product name and the name of the product producer. You should perform a Google internet search and Google groups search to find out where discussions about the product have taken place. There are also many product evaluation sites that can be used to obtain reviewers and users ratings of the product before you buy or install it. Downloading and install the wrong products can not only seriously impede the performance of your computer system, it can also cause your privacy to be invaded.

Bad Applications

There are many types of applications that can cause problems on your computer system.

  • Applications with serious bugs.
  • Applications that come with unwanted programs. Some applications come with additional software that you may not really want but is installed by default. Normally this is only annoying and may slightly slow your system down when it boots because some ot these items will load every time you start your computer.
  • Adware - Most adware comes with programs that may be purchased or downloaded for free on the internet. Adware will cause advertising popups to appear on your computer. Besides being annoying, they will slow your ability to access the internet. Many times these programs will download other ad programs. These programs are very difficult to remove from your system because they are usually hidden on your system very well. Many times it requires an expert to remove these programs but later I will give you some tips on how you can either remove them or render them ineffective, but to be able to do this you must have reasonable knowledge about your system. There are some programs written to remove adware programs which I will discuss later.
  • Spyware - This usually comes with some free programs and it will monitor your internet activity and send information to some corporation. This type of program is not normally seriously harmful but most people do not want to have their activities monitored. There are also programs to remove spyware but it is best to not install it in the first place.

If you do your research before installing applications you will avoid most problem applications. It is best to ask your IT support personnel about an application before you install it. In fact many corporate IT policies are set so users cannot install programs on their systems. This is because installation of the wrong programs on corporate systems can jeopardize computer security for the entire organization.

Application Files

Applications have a variety of files they use for three basic purposes.

  • Executable files
  • Configuration files
  • Data files used by the user such as Microsoft Word® document files.

What Files Are

Files are a collection of data onto a permanent storage structure. They are stored on a permanent storage media such as a computer hard drive, CD ROM drive, floppy disk drive or sometimes even a tape drive. Files take a certain amount of room to store. For example if you have two text files and one file has one sentence in it while the other file has 200 sentences in it, the file with 200 sentences will use more room on the storage media.

File Functions

Different files have different purposes. Files are used to do one or more of the following functions:

  • Provide machine executable code which is used to run application programs and the operating system.
  • Store application program or operating system configuration information.
  • Store data used by the user such as Microsoft Word document files.

Therefore there are three types of information that files contain:

  • Executable code.
  • System or program configuration information.
  • User data.

These files are read by an application program or the operating system.

File Characteristics

Files have the below characteristics:

  • Name
  • Optional extension name - Part of the name, it is used by Windows operating systems to identify an associated program that can be used to read it
  • Size - Shows the space the file requires for storage normally showed in kilobytes (Kb) which is 1000 bytes
  • Type - Indicates the program used to access the file. The next section will talk more about file types.
  • Date Modified - Shows the last date the file was created or changed.
  • File structure - This characteristic is not viewable by the computer user but some programs can examine file structure to determine the type of file it is even when the file extension is changed.

The main items to remember include the facts that all files take a certain amount of room on their storage media and all files have a type which indicates whether they can be run by your computer. The file extension is one indication of the file type but not the only way to determine type.

If you are browsing your files using "My Computer" and click on "View" and "Details" you will see a window showing the file characteristics like the one below. Folders only take a little room on the hard drive and do not normally take as much room as files.

Local disk


File Types

Because files can have different purposes, they have different types. The file type is best identified by its file structure. For example a text file would have a very different structure than a file than can be executed. An executable file must have a specific structure to be able to be run. The file structure is used to determine its MIME type. The word MIME stands for multipurpose internet mail extension and is used as a standard to identify various file types.

File Extensions

In operating systems such as Microsoft Window systems, Linux, and Unix, a file extension is used to help identify the type of file. On Microsoft Windows systems, many file types are associated with a particular program which can read the file. For example a file with a .pdf extension can be read by the Adobe Acrobat application program.

Files are actually identified by what is called a MIME type. This can be done because files that are executable have a different structure than a data structure. Therefore file extensions are not the only way to identify a file type nor are they the most accurate. Apple Macintosh computer systems do not use a file extension to identify file types.

Executable File Types

The most important file type to be aware of are executable file types. This is because if you accidentally run an executable file on your system, it may install a virus or some other unwanted software program. Executable file types include:

  • .com
  • .exe

File Management

File Organization

Files can be placed in folders similar to the way single sheets of paper can be placed into folders in a file cabinet. Folders can be created on the hard drive or nested inside each other any way the computer user desires.

Browsing Your files using Windows

If using a Windows operating system double click on the "My Computer" icon on your desktop. A window like the one shown below will open.

My Computer

The first drive in the window shown is a floppy drive. It is labelled as drive A. The second disk is the system hard drive labelled as drive C. The third disk shown is a data disk shown as drive D. This is not a normal setup on most systems but I like to use a hard drive to hold my data that is different than the hard drive that holds the operating system. Drives E and F are compact disks (CD ROM drives) of which one is a read/write drive.

The drive letters will vary depending on how your system is configured and depending on whether you have any network drives. If you do have network drives, you should use them for the mail place you store your files. This is because files on network drives are usually backed up nightly in most organizations. If your files are not backed up and your hard drive fails, you will lose your data.

 

Local disk

Copying Files

There are several ways Windows operating systems allow files to be copied or moved. They include:

  • Drag and drop - In the window above it is easy to drag one of the files into one of the folders. This will move the file into the folder. This can also be done by opening two windows using the "My Computer" icon and dragging the file from one window to another.
  • Copy and paste - You can open a "My Computer" window, and do the following:
    • On the "My Computer" menu select "Edit", then "Copy".
    • Navigate to the location where you want to put the file. You can navigate by using the "Up" folder to go up one level into the folder structure or by double clicking on folders to enter them. If the "Up" folder does not exist in your "My Computer" window, on your menu, select "View", then "toolbars", then select "Standard Buttons".
    • On the "My Computer" menu select "Edit", then "Paste". The file will be copied to the location you have navigated to.

Copying Multiple Files

There are several tricks that can be used to make copying or moving multiple files easier. They involve the selection of the files to be copied or moved. You can hold down the Shift key and select one file by clicking on it with the left mouse button (called left clicking). While still holding the Shift key down left click on another file several files down on the list. This will cause all files from the first one through the last one selected to be highlighted and selected. Release the Shift key. After this, you can hold down the Ctrl key and by left clicking on any other files, they can be either selected or de-selected. Release the Ctrl key. Once you have selected the files you can move them by dragging and dropping them (after releasing both the shift and control keys) into another folder. This is done as follows:

  1. Put the mouse cursor over one of the selected files.
  2. Left clicking the mouse and hold it down
  3. Drag the file to the desired location such as a folder icon.
  4. Release the left mouse button.

If you want to copy the files:

  1. On the "My Computer" menu select "Edit", then "Copy".
  2. Navigate to the location where you want to put the file.
  3. On the "My Computer" menu select "Edit", then "Paste". The file will be copied to the location you have navigated to.

View Settings

The Default Windows Setting is Dangerous

Windows systems come with default file view settings. The default is to "Hide file extensions for known file types". This setting can be used to deceive a computer user into believing that a file is safe to open when it is not. Files containing viruses can be sent to a computer with the name "document.txt.exe" which is a file that the computer will run. The file will appear to the computer user as "document.txt" making the user believe that it is safe to open, but if the user clicks on it the file will be run and be able to infect the computer.

Changing the View Settings

This section will tell you hw to change your settings so you will always see file extensions. It will also tell you how to beable to see file details.

Open "My Computer" by clicking on the "My Computer" icon on your desktop. Click on the menu item "View" and select "Details" from the drop down menu. This will change the current settings for the folder or location you are in, but the change is not permanent yet.

To change the file view settings, if you are using Windows 2000 or XP click on the menu item "Tools" and "Folder options" selection. If you are using Windows 98, click on "View", and "Folder options". A dialog box similar to the one below should appear.

Folder Options

Click on the view tab and the dialog box will change as shown below:

Folder Options View tab

Click on the button in the Folder Views area that says "Like current folder" and answer yes when asked if you want to change all folders to match the current folder. Change the rest of the settings to match the dialog box as shown below:

Folder Options View tab

The first three selections are display settings which make it more convenient to navigate through files and folders. Be sure and uncheck the checkbox next to "Hide file extensions for known file types". If you are using Windows 2000 or Windows XP, this should be done for every user that logs in since each unique user that uses the machine will get their own desktop and user profile.


File Backups

File backups are very important to protect your data. Is your hard drive fails or your operating system malfunctions, you could loose all your data. If you do regular backups, you will drastically reduce the data loss that could occur.

Using the Network for Backups

Backing up your data is very important. If you are operating on a corporate or organizational network and have disk drives shared from a file server it is likely that files stored there are backed up every night. If possible you should store your files on this server.

Since Windows operating systems use the "My Documents" folder as the location to store your files by default it will be helpful to set up your system so the "My Documents" folder points to one of your network drives. If running a Windows 2000 or Windows XP system, you can right click on the "My Documents" folder ether on your desktop or displayed from the Start menu and select properties. A dialog box similar to the one shown below will appear.

My Documents Properties

Click on the "Move" button. A dialog box similar to the one below will appear

Browse For

Expand the "My Computer" object by clicking on the + next to it. Then select the appropriate network drive that is best to put your documents in.

How to Backup Data if You do not have a network

If you do not have a network and only have a single computer you should periodically back up your data. You should purchase or own one of the following:

  • A read/write CD ROM or DVD drive
  • A Zip drive
  • A tape drive - Usually these are more expensive.

You should be aware of where you store your files and you should also know where your mail files are stored by your mail program such as Outlook or Outlook Express. If you right click on your inbox folder in Outlook Express you can find the location where your mail is stored. On my system it is stored in the folder at: C:\Documents and Settings\Username\Local Settings\Application Data\Identities\{B718C535-6548-4E1D-A5D2-7D1B41CFEB2E}\Microsoft\ Outlook Express\ where username is the name I login with. If you are using Outlook, it is normally stored in a file of type .pst and on my system it is in the folder C:\Documents and Settings\Username\Local Settings\Application Data\Microsoft\Outlook\ where Username is the name I login with.

Setting up a Backup Job

To open the Windows backup program on Windows 2000, select Start, then Programs, then Accessories, then System Tools, then Backup. You must be a backup operator or administrator on your system to create a backup job. The backup utility will start as shown below.

Backup

Immediate Backup

If you want to do an immediate backup, click on the Backup tab and select the files that you want to backup. On my system I selected the folders C:\Documents and Settings\Username\Local Settings\Application Data\Identities\, C:\Documents and Settings\Username\Local Settings\Application Data\ Microsoft\Outlook\, and other areas where I store my data such as "My Computer". Also be sure to check the box next to "System State" which may save you a lot of grief if you have trouble with your system.

Backup

Click on the "Start backup" button and on the dialog box that appears select either "Append..." or "Replace..." data on the media, then select "Start Backup".

Schedule a Backup

To schedule a backup, click on the "Schedule Backups" tab. The Backup program will show a calendar as shown below.

Backup Calendar

Click the "Add Job" button. A backup wizard will start. Click "Next". A "What to backup" dialog box as shown below will appear.

What to Backup

Select "Backup selected files, drives, or network data" and click "Next". On the next box select the items you want to backup by first clicking the + next to "My Computer" to expand it as shown below.

Items to back up

Select the items in the same way as discussed under the header called "Immediate Backup" above and click Next. The dialog box will change and allow you to select the name and location of the file the backup will be stored in. Click "Next" and a dialog box will ask the type of backup you want to perform. A normal backup will be sufficient so select it unless you have another preference and click "Next".

After clicking next, select "Verify data after backup" and click "Next". Select whether to Append or replace data if the file already exists at the specified location and click "Next". Accept or specify the backup label and click "Next". The below dialog box will appear.

Time to back up

Click on the "Set Schedule button and the dialog box below will appear.

Time to back up

Select your preferred backup times and how often you want to do this backup such as weekly. Click OK and the backup schedule dialog box will disappear. Enter the name of your backup job and click next on the "When to back up" dialog box. Click "Finish" to complete the process. Backups should run when you have scheduled them.

If you want to delete a backup job that you have scheduled, click on the "Schedule Jobs" tab and click on the job shown on the calendar. A dialog box with the job name will pop up. You can click on the "Delete" button next to the Job name to delete the Job.


Viruses and Worms

In general terms a virus is a program that runs on a system against the owner's or user's wishes and knowledge. Viruses have one or more methods they use to spread. Most commonly they will attach a file to an e-mail message and attempt to trick victims into running the attachment.

Virus Damage

In most cases, viruses can do any amount of damage the creator intends them to do. They can send your data to a third party and then delete your data from your computer. They can also ruin your system and render it unusable without a re-installation of the operating system. Most have not done this much damage in the past, but could easily do this in the future. Usually the virus will install files on your system then will change your system so the virus is run every time you start your system. It will then attempt to replicate itself by sending itself to other potential victims.

The normal effect a virus will have on your system is that over time your system will run slower. Also when you are using the internet your connection may seem to run slower. Eventually you may have trouble running programs on your system, your system may freeze, and in the worst case you may not be able to get it to boot up when you turn your computer on.

How Viruses or Worms Spread

Most commonly viruses today use e-mail to spread however they have used one or more of the following methods to spread in the past.

  • Some viruses will load themselves onto any part of a writable removable drive as possible and spread from computer to computer as people use the removable drive.
  • A worm is a program similar to a virus that will exploit a vulnerability in an operating system or application that a computer user is running. The best defence against a worm is to have either a personal firewall on your system or be behind a corporate firewall. Another good defence is to update your system regularly. All you need to do to get a worm is to connect an un-patched computer to the internet or infected network when your computer does not have firewall protection.
  • Most viruses will spread themselves using e-mail attachments. They may tell the user that they need to open the attachment to get the rest of the information that is being sent to them. Many times the virus may claim it is an administrator and the user needs to either read the data or install a program on their system. Viruses have even claimed to be Microsoft sending a system patch as an attachment to the e-mail. Microsoft would never send a system patch through e-mail.

Worms and Prevention

Since worms spread by taking advantage of vulnerabilities in operating systems or application programs (remember from earlier discussion, vulnerabilities are software errors that allow some kind of unauthorized access when they are used or exploited). You do not need to do anything special to get a worm except to connect to the internet or an infected network with a system that has vulnerabilities. There are several good defences against worms.

What is a Firewall?

A firewall is a device that limits access to your system from the outside. A firewall may be a software program running on your computer or it may be a piece of hardware outside your computer. The firewall screens any attempts to access your system and only allows access that you decide to allow. In this way many vulnerabilities that could be used to gain unauthorized access to your system are eliminated.

Worm Prevention

There are three defences against worms. They are as follows:

  • A personal firewall should be run on any system that is not behind a corporate firewall. This should be done on any computer that connects to the internet even if the connection it uses is a slow dial up connection.
  • Patching your system with updates to fix the vulnerabilities. Patching is the act of downloading updates to the vulnerable operating system or application and applying the update to the program.
  • Continually running anti-virus software which may detect worms. This is not the best defence against worms however because sometimes the worm can infect the system before the anti-virus software can detect it.

Of the above measures the first two are the most effective against worms. For more information about personal firewalls, why you should use them, and how you can update your system, see the Home Computer Security article on this site.


Preventing Viruses in Microsoft Office® Products

The intention of this document is to help readers prevent viruses and worms by presenting a procedure for readers to use to protect themselves against the recent Microsoft Office vulnerability postings.

Current and Previous Problems

Several flaws (programming errors) have recently been discovered in Microsoft Office products. These flaws may allow attackers to compromise your systems. This means that because of these flaws several new viruses and vulnerability exploiting worm programs will most likely be introduced on the internet within the next few weeks. The impact of these new vulnerabilities and worms is expected to be severe and possibly affect operations on the internet, especially email for some period of time. It is likely that readers of email will see attached files mailed to them from their friends or others that they do not know. These attached files will likely be a Word document file (.doc) or some other type of file opened by one of the Microsoft Office products in spite of the fact that many current viruses are circulating as .pif files and other file types.

Recent Virus behaviour

Please note that even though a email appears to come from a friend or a particular person, there is no way that you can be sure this person actually sent the email. This is because there is no way provided in the internet email system to confirm that any given person actually sent a message. Anyone can fake a message and make it look like someone else sent the message. This is how it may at least appear to readers on the surface unless the properties of the message are examined in greater detail. Many viruses today can look in an address book and choose two addresses and use one as the recipient and the other one as the (faked) sender. Therefore then the recipient gets the message it will appear to be from a possible friend when indeed it is not. The only fact you can be sure of is that the person who has the virus has both the sender of the email and the recipient of the email in their address book.

The Solution

To keep yourself from being able to catch viruses that use these vulnerabilities, use the following procedure to update your version of Microsoft Office. Although this procedure may keep you from getting a virus now, it will not guarantee that new vulnerabilities will not be discovered in the future which will make you vulnerable to future viruses. Also this does not replace prudence when it comes to being careful about what e-mail attachments a reader chooses to open. You will need your Microsoft Office CD which you installed your product from to complete this update.

  1. To determine what type of Office product you have and what service pack is running you can open Microsoft Word. From Microsoft Word click on "Help" at the top of the program then select "About Microsoft Word". One of the lines at the top should read:

    Microsoft® Word 2000 (9.0.6926 SP-3)

    This indicates that this version has Service Pack 3 applied. It also indicates that Office 2000 is the Office Suite being used. A service pack is a group of updates rolled into one file which fixes many problems with the product including security updates up to the point in time when the service pack was released. If your description does not indicate a service pack is installed, then a service pack in not installed with your office version.

  2. Download Updates:

    To get updated automatically go to http://office.microsoft.com/productupdates. To see available downloads for Office products go to http://office.microsoft.com/officeupdate/default.aspx.

    Either use the automatic product update ability at http://office.microsoft.com/productupdates or do the updates manually as shown below depending on your Office Suite type as shown below.

  3. Install Updates - I recommend you install the updates required in the same order as listed above for your Office version. You will need your Office CD which you installed Microsoft Office from. If you need the service pack, install it first, then install the other patches. You may want to use the following procedure for Office 2000:
    1. Put your Office installation CD in your CD ROM drive.
    2. If SP3 is not installed double click the SP3 file you downloaded (O2kSp3.exe). Answer "Yes" when asked if you want to install the update. Accept the license agreement when asked. You will need to reboot your system once the install is done.
    3. If you are using Windows 2000 or XP operating system, use the Notepad program (Programs--Accessories--Notepad) to make a batch file with the below content. If you are using Windows 9x just run the below programs in the order listed by double clicking on each one after the previous installation is complete.
      		office2000-kb822035-client-enu.exe 
      		office2000-kb824993-client-enu.exe 
      		office2000-kb824936-client-enu.exe 
      		office2000-kb827431-client-enu.exe 
      		office2000-kb826292-client-enu.exe 
      		
    4. Save the batch file as updateo2k.bat with your other files that you downloaded.
    5. Double click the updateo2k.bat that you just created with notepad. Each update will run. For each update answer "Yes" when asked if you want to install the update and accept the license agreement when asked. A few updates may not install with a message that the "expected version of this product was not found". This is usually because the feature requiring this update was not installed on your system.

    You may want to use the following procedure for Office XP:

    1. Put your Office installation CD in your CD ROM drive.
    2. If SP1 is not installed double click the SP1 file you downloaded (Oxpsp1.exe). Answer "Yes" when asked if you want to install the update. Accept the license agreement when asked. You will NOT need to reboot your system once the install is done.
    3. If SP2 is not installed double click the SP2 file you downloaded (OxpSp2.exe). Answer "Yes" when asked if you want to install the update. Accept the license agreement when asked. You will NOT need to reboot your system once the install is done.
    4. Run the below programs in the order listed by double clicking on each one after the previous installation is complete:
      		officexp-kb822036-client-enu.exe 
      		officexp-kb824938-client-enu.exe 
      		officexp-kb824934-client-enu.exe 
      		access2002-runtime-kb813617-client-enu.exe 
      		officexp-kb827430-client-enu.exe 
      		officexp-kb826293-client-enu.exe
      		
    5. For each update answer "Yes" when asked if you want to install the update and accept the license agreement when asked. A few updates may not install with a message that the "expected version of this product was not found". This is usually because the feature requiring this update was not installed on your system.

Sites for more information


Patching Windows Systems

Applying the latest patches to your Windows 2000 Operating system to prevent viruses and worms

This procedure will help you determine the patched state of your system, detect and remove any viruses and apply updates. This procedure is written for Windows 2000 users. The patches are also available for Windows XP and Windows NT but instructions are not provided for those systems here although the procedures should be similar excluding the application of the service pack. If you have a system that has not been patched within the last few weeks or are not sure and do not know if you have a virus, and do not have current anti-virus software on your system follow all the steps below. Checking for and removing viruses can be skipped for users who are sure they do not have a virus. Skipping the firewall installation can be done if you already have a personal firewall or are behind a corporate firewall. For more information please read the Securing Your System.

Back up your Data

1. Back up your data to another computer, tape, CD-ROM, or at least to another partition on your hard drive. If you store data like most people, it is stored in My Documents. Always back up your data on a regular basis.

Install a firewall to help secure the system

2. Install a personal firewall. I use Norton Personal firewall from Symantec, but Zonealarm personal firewall has a good reputation and is free for individuals and non profit organizations. It is available at http://www.zonelabs.com/   Please do not violate license laws when using this product. Since antivirus software is also an essential requirement to have a reasonably secure computer a nice convenient package is Norton's Internet security package from Symantec which can be found in many stores. It comes with both antivirus software and a personal firewall. The commercial version of ZoneAlarm's personal firewall also is very well recommended.

3. Configure your firewall before connecting to the internet. Most users should at this point read their documentation or run the provided firewall tutorial. You may get alerts while configuring or in one case I got an alert indicating that a specific program wanted to act as a server on the internet. Before answering the question I used another computer and went to http://www.google.com/  and looked up the name of the program the alert had specified. At this point I realized the computer had a virus. If you are told by the alert that a program wants to act as a server the likely answer to this question should be no, but it is best to look up the program name on Google to be sure.

Check for and remove viruses

4. Install antivirus software on your computer. I use Norton or Symantec Anti-virus software but use the one of your choice. It is wise to read product reviews.

5. Connect to the internet and get your latest virus definitions from your antivirus software manufacturer.

6. Run a full virus scan on your system but configure it to only find viruses. It is best at this point to not attempt to quarantine or delete infected files. This is because the virus may modify some system files and if these files are deleted or quarantined you may not be able to reboot your system after removing the virus. At this point you only want to identify any viruses, Trojans or worms on your system.

7. At this point do not worry about connecting to the internet even if you have some viruses since your firewall will help protect you. Once you have identified viruses on your system, go to your virus manufacturers website and look up the information about each virus and print it out. Download any virus removal tool for each virus that they may provide. Use the virus removal tool where possible to remove the virus. If no tool is available, follow the manual virus removal procedures that they provide. You may be able to delete or quarantine files identified in your scan by right clicking on the files and selecting either delete or quarantine.

Update your system

8. Right click the "My Computer" icon on your desktop and select properties.

9. If under the General tab it does not state that your system is service pack 3 or above, download the service pack from http://www.microsoft.com/windows2000/downloads/servicepacks/sp3/default.asp Once downloaded click on the downloaded file and follow the steps provided in the install package, then reboot your system.

10. Review the critical updates at http://www.microsoft.com/windows2000/downloads/critical/default.asp and install them. Windows 2000 also has an autoupdate utility which can be configured from the control panel which will help get these but you must be careful to only select useful security and critical updates since the auto update facility will not always choose updates best for you.

11. Update your Internet Explorer browser to version 6 or above by using the site at http://www.microsoft.com/windows/ie/downloads/critical/ie6sp1/download.asp You will need to reboot after applying this latest version of Internet Explorer.

12. If you are using Microsoft Office, read the article "Office Virus Prevention and apply the Microsoft Office updates as instructed in that article.

13. Download and install any critical or security updates for current threats as you are aware of them or check every couple of weeks on the Microsoft site for new updates.

In this article, we will look at Windows based Security on your XP Desktop Systems. I have yet to see anything out there about how to check over and secure your desktop on Microsofts newest OS. In this article we will look at Windows XP Professional and what you need to do to be secure. This is a start to finish article on the fundamentals of OS desktop security Microsoft style. After reading this, you may be surprised about some of the items you may have taken for granted! Lets take a look...

Lock it down - now!

 

In this article, we will look at the following items and how to lock them down step by step. This will enable your XP system to be lean, mean and ready to do battle with attackers of all types.

  • Windows XP Professional Configuration Checklist Details
  • Verify that all disk partitions are formatted with NTFS
  • Protect file shares
  • Use Internet Connection Sharing for shared Internet connections
  • Enable Internet Connection Firewall
  • Use software restriction policies
  • Use account passwords
  • Disable unnecessary services
  • Disable or delete unnecessary accounts
  • Make sure the Guest account is disabled
  • Set stronger password policies
  • Set account lockout policy
  • Install anti-virus software and updates
  • Keep up-to-date on the latest security updates

Back to top

Verify that all disk partitions are formatted with NTFS

NTFS partitions offer access controls and protections that aren't available with the FAT, FAT32, or FAT32x file systems. Make sure that all partitions on your computer are formatted using NTFS. If necessary, use the Convert utility to non-destructively convert your FAT partitions to NTFS. Be careful! I have goofed this up myself so be careful and always make a backup of critical data, but that should go without saying!


Back to top

Protect file shares

By default, Windows XP Professional systems that are not connected to a domain use a network access model called "Simple File Sharing," where all attempts to log on to the computer from across the network will be forced to use the Guest account. This means that network access through Server Message Block (SMB, used for file and print access), as well as Remote Procedure Call (RPC, used by most remote management tools and remote registry access) will only be available to the Guest account. Ok, this is lame and we should change this. To change it, go to: Start => Programs => Accessories => Windows Explorer and drop down the Tools menu and select Folder Options.

In the Simple File Sharing model, file shares can be created so that access from the network is read-only, or access from the network is able to read, create, change, and delete files. Simple File Sharing is intended for use on a home network and behind a firewall, such as the one provided by Windows XP. If you are connected to the Internet, and are not operating behind a firewall, you should remember that any file shares you create might be accessible to any user on the Internet.

My recommendation is that you DISABLE IT!

To disable Simple File Sharing

  • Go to Folder Options as viewed above
  • Select the View tab
  • Go to Advanced Settings
  • Clear the Use Simple File Sharing box
  • Close out of Folder Options

 

For more info on File Sharing with XP, you can visit article Q304040

Back to top

Enable Internet Connection Firewall (ICF)

ICF provides protection for Windows XP computers that are directly connected to the Internet, or for the computers or devices connected to the Internet Connection Sharing host computer that is running ICF.

To enable ICF, right-click an Internet connection in Network Connections, click Properties, click the Advanced tab, and then select the appropriate check box.
I would suggest getting a real firewall product that is more robust then this, but if this is all you have, enable it!

Back to top

Use software restriction policies

Software restriction policies provide administrators with a policy driven mechanism that identifies software running in their domain, and controls the ability of that software to run. Using a software restriction policy, an administrator can prevent unwanted programs from running; this includes viruses and Trojan horses, or other software that is known to cause conflicts when installed. Software restriction policies can be used on a standalone computer by configuring the local security policy. Software restriction policies also integrate with Group Policy and Active Directory.

Back to top

Use account passwords

To protect users who do not password-protect their accounts, Windows XP Professional accounts without passwords can only be used to log on at the physical computer console. By default, accounts with blank passwords can no longer be used to log on to the computer remotely over the network, or for any other logon activity except at the main physical console logon screen.

Back to top

Disable unnecessary services

After installing Windows XP, you should disable any network services not required for the computer. In particular, you should consider whether your computer needs any IIS Web services. By default, IIS is not installed as part of Windows XP and should only be installed if its services are specifically required. It is my recommendation that if you don't need them, disable the following services ASAP:

  • Telnet
  • Universal Plug and Play Device Host
  • IIS (not installed by default)
  • Net meeting Remote Desktop Sharing
  • Remote Desktop Help Session Manager
  • Remote Registry
  • Routing & Remote Access
  • SSDP Discovery Service

I also recommend that the server service and computer browser be eliminated if you are on a stand-alone machine connected to the Internet. There is no practical use for them and leave you exposed.


Back to top

Disable or delete unnecessary accounts

You should review the list of active accounts (for both users and programs) on the system in the Computer Management snap-in. Disable any non- active accounts and delete any accounts which are no longer required.

Make sure the Guest account is disabled

This setting recommendation only applies to Windows XP Professional computers that belong to a domain, or to computers that do not use the Simple File Sharing model.

On Windows XP Professional systems that are not connected to a domain, users who attempt to log on from across the network will be forced to use the Guest account by default. This change is designed to prevent hackers attempting to access a system across the Internet from logging on by using a local Administrator account that has no password.

Back to top

Set stronger password policies

To protect users who do not password-protect their accounts, Windows XP Professional accounts without passwords can only be used to log on at the physical computer console. By default, accounts with blank passwords can no longer be used to log on to the computer remotely over the network, or for any other logon activity except at the main physical console logon screen. Use the Local Security Policy snap-in to strengthen the system policies for password acceptance. Microsoft suggests that you make the following changes:

  • Set the minimum password length to at least 8 characters
  • Set a minimum password age appropriate to your network (typically between 1 and 7 days)
  • Set a maximum password age appropriate to your network (typically no more than 42 days)
  • Set a password history maintenance (using the "Remember passwords" radio button) of at least 6

Back to top

Set account lockout policy

Windows XP includes an account lockout feature that will disable an account after an administrator-specified number of logon failures.

Consider reasonable settings for your environment and think about how secure your environment needs to be. If its too much, then users will freak out.

Back to top

Install anti-virus software and updates

One of the most important things for protecting systems is to use anti-virus software, and ensure that it is kept up-to-date. All systems on the Internet, a corporate Intranet, or a home network should have anti-virus software installed.


Back to top

Keep up-to-date on the latest security updates

The Auto Update feature in Windows XP can automatically detect and download the latest security fixes from Microsoft. Auto Update can be configured to automatically download fixes in the background and then prompt the user to install them once the download is complete. To configure Auto Update, click System in Control Panel and select the Automatic Updates tab. Choose the first notification setting to download the updates automatically and receive notification when they are ready to be installed.


Summary

Now, you should be able to sleep easy at night knowing your XP system is at least in better security posture than it ever was... you must keep up on your updates though and make sure you virus definitions are also updated. If you do these few things, you will find your XP system way more secure than it ever was.

Back to top


How to Configure Data Execution Prevention (DEP) in Windows XP

Purpose

The purpose of this article is to teach you the way to configure Data Execution Prevention (DEP) in windows XP.

Data Execution Prevention

Data Execution Prevention (DEP) helps prevent damage from viruses and other security threats that attack by running (executing) malicious code from memory locations that only Windows and other programs should use. To use DEP, your computer must be running Microsoft Windows XP Service Pack 2 (SP2) or later. DEP does not help prevent harmful programs from being installed on your computer. Instead, it monitors your programs to determine if they use system memory safely. To do this, DEP software works alone or with compatible microprocessors to mark some memory locations as "non-executable". If a program tries to run code malicious or not from a protected location, DEP closes the program and notifies you. If your computer's processor does not support hardware-based DEP, Windows can use DEP software to help prevent some types of attacks.

To configure data execution prevention

Follow these steps:

1. Right click My Computer and click Properties.

 

2. Click on the Advanced tab and under Performance click Settings.

 

How to Configure Data Execution Prevention (DEP) in Windows XP

 

3. Click on the Data Execution Prevention>tab.

How to Configure Data Execution Prevention (DEP) in Windows XP

4. Do one of the following:

a. To help protect some Windows processes but turn off DEP for all other programs, select:
    Turn on DEP for essential Windows programs and services only.

b. To help protect all programs on your computer, select:
   Turn on DEP for all programs and services except those I select.

   Click on Add and add the services and programs that you don't want to be protected.

How to Configure Data Execution Prevention (DEP) in Windows XP

5. Click Apply and then click OK.

Summary

By default, Data Execution Prevention (DEP) is turned on for essential Windows programs and services only. If you turn off DEP for one or more programs, other programs on your computer as well as your personal information might become vulnerable to damage that spreads from a successful attack against an unprotected program. If your computer is connected to a network, network policy settings might also prevent you from completing this procedure. DEP software alone helps protect against certain types of malicious code attacks but to take full advantage of the protection that DEP can offer, your processor must support "execution protection". This is a hardware-based technology designed to mark memory locations as non-executable. If your processor does not support hardware-based DEP, it's a good idea to upgrade to a processor that offers execution protection features.


Web Security

You are offering your IP address to the entire world at this very moment.

Make sure you are not offering access to your private data at the same time.

Your IP address is:

Accessing the Internet is a security risk.

When you are connected to the Internet, an IP address is used to identify your PC. If you don't protect yourself, this IP address can be used to access your computer from the outside world.

A fixed IP address is a larger security risk.

If you're using a modem with a dial-up connection, you will get a new IP address every time you connect to Internet, but if you have a fixed Internet connection (cable, ADSL, fixed line), your IP address will never change.

If you have a fixed IP address, you give potential Internet crackers all the time they need to search for entrances to your computer, and to store and share (with other crackers) information they might find about your unprotected private data.

Your Network Shares

Personal computers are often connected to a shared network. Personal computers in large companies are connected to large corporate networks. Personal computers in small companies are connected to a small local network, and computers in private homes often share a network between family members.

Most often networks are used to share resources like printers, files and disk storage.

When you are connected to the Internet, your shared resources can be accessed by the rest of the world.

A Common Windows Security Problem

Unfortunately, many Microsoft Windows users are unaware of a common security leak in their network settings.

This is a common setup for network computers in Microsoft Windows:

  • Client for Microsoft Networks
  • File and Printer Sharing for Microsoft Networks
  • NetBEUI Protocol
  • Internet Protocol TCP/IP

If your setup allows NetBIOS over TCP/IP, you have a security problem:

  • Your files can be shared all over the Internet
  • Your logon-name, computer-name, and workgroup-name are visible to others.

If your setup allows File and Printer Sharing over TCP/IP, you also have a problem:

  • Your files can be shared all over the Internet

Computers that are not connected to any network can also have dangerous network settings because the network settings were changed when Internet was installed.

Solving the Problem

For Windows 2000 users:

You can solve your security problem by disabling NetBIOS over TCP/IP:

  • Open Windows Explorer
  • Right-click on My Network Places
  • Select: Properties
  • Right-click on Local Area Network
  • Select: Properties
  • Select: Internet Protocol TCP/IP
  • Click on Properties
  • Click on Advanced
  • Select the WINS tab
  • Select Disable NetBIOS over TCP/IP
  • Click OK

If you get the message: "This connection has an empty......", ignore the message and click on YES to continue, and click OK to close the other setup windows.

You should restart your computer after the changes.

For Windows 95, 98, or ME users:

You can solve your security problem by disabling NetBIOS over TCP/IP:

  • Open Windows Explorer
  • Right-click on My Network Places
  • Select: Properties
  • Select: Internet Protocol TCP/IP
  • Click on Properties
  • Select the NetBIOS tab
  • Uncheck: Enable NetBIOS over TCP/IP
  • Click OK

You must also disable the TCP/IP Bindings to Client for Microsoft Networks and File and Printer Sharing:

  • Open Windows Explorer
  • Right-click on My Network Places
  • Select: Properties
  • Select: Internet Protocol TCP/IP
  • Click on Properties
  • Select the Bindings tab
  • Uncheck: Client for Microsoft Networks
  • Uncheck: File and Printer Sharing
  • Click OK

If you get a message with something like: "You must select a driver.........", ignore the message and click on YES to continue, and click OK to close the other setup windows.

If you still want to share your Files and Printer over the network, you must use the NetBEUI protocol instead of the TCP/IP protocol. Make sure you have enabled it for your local network:

  • Open Windows Explorer
  • Right-click on My Network Places
  • Select: Properties
  • Select: NetBEUI
  • Click on Properties
  • Select the Bindings tab
  • Check: Client for Microsoft Networks
  • Check: File and Printer Sharing
  • Click OK

You should restart your computer after the changes.

Test Your Shields

Can anyone crawl into your computer while you're connected to the Internet? You may be VERY surprised to find out!

Go to Sygate and click on " Quick Scan" this will give you an idea of how secure you are.

Internet Email

The Internet Email System

The email system that is currently used on the internet was not designed to curb the abuses presented by viruses and SPAM as they are occurring today. The email system today allows:

  • Anyone can set the "From" field in the email to any value they want. This means that you can send an email message and make it look like the President of the United States sent the message. There are ways to tell that this is not the case, but on the surface it will appear like the President of the United States sent the message. This is called faking the sending address.
  • If an email cannot be delivered, the email standard provides for the sender to receive a notification indicating that the message could not be delivered. Some email servers are also set up to notify the sender when a virus is found in an email they sent.

There are several things that the email system in use today does not provide for:

  • The system does not provide for positive identification of the sender.
  • There is no method to prevent a sender from sending unwanted emails.

Email Problems

Given the above conditions, several problems can occur.

  • If the sending address of the email is faked, any messages indicating the message could not be delivered will go to the person who appears to have sent the email rather than the person who actually sent it. This can cause people to receive non deliverable notifications for emails that they did not send which can be very confusing.
  • If a virus sends an email with a faked sender address, a mail server may detect the virus in the message and send a reply to the faked address notifying someone that they sent an email with a virus in it when in fact they did not. This can cause confusion and waste administrators time since users may call administrators and want their systems checked for viruses when they are not acutally infected with a virus. This is why administrators of mail servers should turn off notifications to addresses that appear to have sent a virus.
  • Someone can fake the sender of an email and send embarrassing or annoying messages and possibly jeopardize the reputation of the party they are sending the email as. They can make it appear as though a reputable party is sending smut on the internet. I do not know if there are any laws against this, but there should be. This would be called fraud along with some possible other charges such as libel and slander. There are ways to tell that the sender did not actually send the email but this could still unjustly hurt someone's reputation.
  • Recipients of virus or SPAM emails are unwilling recipients. These emails tie up their time and computer resources. When someone pays for a connection to the internet, and this connection is used to send them unwanted emails, this is the same as a denial of service attack and is essentially stealing. Everyone who connects to the internet has the right to use their connection haw they want and not how someone else wants. I will talk more about this in the section about SPAM.

E-mail Viruses

Viruses that spread through e-mail have a common method of spreading. This page will discuss how common e-mail viruses currently spread.

The Virus Lifecycle

Viruses begin their life when someone releases them on the internet. They begin to spread. At this early stage of their lifecycle, no one is aware of their presence. As the virus becomes more widely spread, someone will recognize an abnormal problem with their system and investigate. Eventually a computer expert will conclude that a virus exists and notify companies that write anti virus software. The companies will research the virus and come out with an update to their database of viruses that includes information about the new virus and has information about how to recognize it. They may also release a tool that can be used to automatically remove that virus from computer systems.

Therefore the cycle is:

  1. Release - The virus is released.
  2. Recognition - Someone recognizes the virus.
  3. Virus recognition database update - Antivirus programs will now recognize the virus.
  4. Antivirus update and removal tools

The time between step one and step three above can be significant. During this time you are vulnerable to getting the virus because your anti-virus software will not recognize it as a virus. This is why you should be careful about the e-mail attachments that you open, even if you are actively running anti-virus software.

How Viruses Work

  1. When a victim of a virus double clicks on an infected attachment, the virus will run.
  2. The virus will modify the victim's system so it will always be active when the system is turned on.
  3. The virus will scan the victim's address book in their e-mail client program such as Outlook or Outlook Express.
  4. In the past, viruses would then mail themselves to addresses found in the victim's address book. But today many viruses choose random recipients and senders from the victim's address book. This means that although the e-mail is sent from the victim's machine, the e-mail sender address is faked to appear as though someone else in the victim's address book sent the message.

What to Do

  • Always run anti-virus software and be sure it gets updated at least twice per week.
  • If you get a virus in an e-mail attachment and you are sure it is a virus, delete the e-mail message.
  • If you get an attachment from someone you know, consider whether there is enough personal information in the e-mail which a virus program would not know. If you are not sure your acquaintance sent the e-mail call them and be sure before opening the attachment. Do not count on your anti-virus software being able to stop you from getting infected if you open the e-mail attachment. Remember, viruses are not recognized right away by your anti-virus software and you could get a new unrecognized virus before your virus definition updates are released.
  • If you get an e-mail saying a message you sent was undeliverable and you did not send the message, consider whether your system is behaving abnormally. You probably do not have a virus, but if you are not sure, use your anti-virus software to perform a system scan for viruses and remove any viruses found using the procedure in the section about "Removing Viruses", then delete the e-mail.
  • If you get an e-mail saying a message you sent contained a virus, consider whether your system is behaving abnormally. You probably do not have a virus, but if you are not sure, use your anti-virus software to perform a system scan for viruses and remove any viruses found using the procedure in the section about "Removing Viruses", then delete the e-mail.

Example

Below is shown an e-mail from a virus as an example of how a virus writer will try to fool computer users.

	From: staff@yourorganization.org [mailto:staff@yourorganization.org] 
	Sent: Wednesday, March 03, 2004 4:41 AM
	To: usertofool@yourorganization.org
	Subject: Important notify about your e-mail account.
	Dear user of e-mail server "Yourorganization.org",
	
	Our antivirus software has detected a large  ammount of viruses outgoing 
	from your email account, you may use our free anti-virus tool to  clean  up your computer software.
	
	For further  details see the attach.
	
	For security reasons attached file  is password protected. The password is "22352".
	
	Cheers,
	The Yourorganization.org team  http://www.yourorganization.org
	

Of course there is an attachment. In this case the virus sent a zipped file (.zip) and instructed the user how to open it. It was encrypted in a zipped file so the anti-virus scanner could not detect it!


Spam

Spam is unsolicited junk e-mail sent to large numbers of e-mail addresses. It is used to promote some product or service and many spam e-mails are pornographic in nature.

Spam Prevention

Unfortunately there are not very many good ways of preventing spam other than keeping your e-mail address secret. It should be kept at a level of security somewhere between your phone number and your social security number. You should be careful about who you give your email address to. Many companies will sell your email address to spam lists, thus making it available to spammers.

I currently use three email accounts as follows.

  • The first account is the one I give to personal acquaintances.
  • The second account I give to companies that have a privacy policy that I am fairly certain won't sell my e-mail address.
  • The third account, I give to companies that I believe I cannot trust to sell my information. I don't worry if these companies can contact me.

I expect to change the third account pretty often, but hopefully the first two will last several years without much spam. The third account may be through a free internet email account service such as hotmail or yahoo.

Managing Spam

Besides keeping your e-mail address secret, the next best spam relief are programs that help you manage spam. Spam can be filtered at the mail server with some programs or they can be a program that plugs into your e-mail client program such as Outlook or Outlook Express. Basically these types of programs filter spam based on several characteristics such as:

  • The subject line
  • The address of the sender
  • Some programs scan the message content and consider length or wording.

Unfortunately none of these scanning methods are 100% accurate although some claim to achieve success rates into the upper 90 percentile. What most of these programs do is to create folders for "friendly" mail or "unfriendly" mail. The friendly mail is put into one folder, unfriendly mail is put into a second folder and there may be a third folder for unknown mail. Unfriendly mail is automatically deleted after some period of time. The capabilities and handling of the mail will vary from program to program. Some that I have considered using include:

  • Qurb
  • I Hate Spam
  • Spam Assassin

Spam for Webmasters

If you are a webmaster, spammers will send spam to your domain by sending it to general possible accounts such as administration@yourdomain.com. One way to prevent this is to configure your account with your hosting provider not to respond to undeliverable emails and just automatically delete them. This is called a "blackhole" setting. The only problem with this is that spammers will still use your bandwidth that you pay for to send you their junk, even though your server deletes them. As spam gets more excessive, it may increase bandwidth costs for webmasters thus discouraging some sites from operating.

Why Spam Should be Illegal

When you connect to the internet, you are paying for a specific service for your use. This service costs a specific amount of money and provides a certain connection speed to the internet. This connection speed indicates your bandwidth. The greater the connection speed, the higher the bandwidth. The higher speed connections cost more money. At this point you have paid for the privilege of surfing the internet with your web browser, sending and receiving e-mail, and other activities. The speed at which you can do this is limited by your bandwidth and how fast you can click pages or send or receive e-mail. Consider the Following diagram:

Internet Connections

Each person has a connection to the internet. If the person on the right chooses to use their connection to send e-mail or junk e-mail (spam), that is their choice. They are paying for their connection and they are willing to use it in that manner.

If the person on the left does not want to receive spam, but wants to read personal e-mail and surf the internet, they are willing to receive only personal e-mail. If someone is sending them a lot of spam, they will need to wait for the junk e-mail to be delivered before they can read much of their personal e-mail. They are an unwilling participant regarding the unsolicited e-mail they are receiving. Not only is their connection being used by someone else, but it will take them additional time to sort the mix of e-mail out to get to the mail they want to read. If the receiver had willingly stated that they were interested in receiving the advertisements, it would be another matter.

Of course the sender of the spam is not using all the spam receiver's internet connection, but the spam receiver does not get the opportunity to use their connection in the way they fully intended even though they were the one paying for it. This is the same as stealing even though the effective amount may be small. Imagine, how rich you could be if you could only steal a fraction of a cent per day or week from everyone who uses the internet. That's why spam should be illegal.

Someone may argue that spam is the same as junk mail sent through the postal service so why would it be stealing. This is not true since the sender of mail through the postal service pays for the cost of both pickup and delivery. On the internet, the sender pays for the cost of pickup and the receiver pays for the cost of delivery.

The Real and Permanent Solution to Spam and Viruses

Unfortunately a permanent and good solution will take years to implement. A new mail protocol (method of sending e-mail) must be developed by the internet community and then e-mail servers must be modified to handle that protocol. The changing of the e-mail servers will take the most time.

I believe all e-mail should be digitally signed by the sender in order to be delivered. This way the sender cannot be faked and everyone must take responsibility for their own e-mails. However to get this to work right someone must find a way to keep viruses from being able to digitally sign your e-mails for you automatically. A bug in your e-mail client may allow a virus to digitally sign your e-mails causing this type of solution to be ineffective, however, in this case, there would be no doubt as to who has the virus.

Some Proposed Solutions that Won't Work

  • Paying for each e-mail sent - This solution will not work because it forces people to pay for services that they have already paid for. Additionally it will not prevent spammers from using poorly configured servers to send spam illegally. It will most likely force victims (those who get viruses and administrators who have spammers illegally relay mail through their mail servers) to pay for the additional e-mail. On the brighter side, it may force more administrators to lock their systems down better and force computer users to be more careful about getting viruses. If this were done, I would think it would make the most sense to allow a limited amount of email to be send on a monthly basis for free.
  • Reverse address to name lookup - Some ISP's want to use a check that looks at the address the mail came from and determine the name of the server. If the name does not match the name advertised by the sending mail server, then the e-mail is assumed to be spam and dropped with no notification to the sender. Not only does this violate the rules (protocol) governing the internet for sending e-mail, it will cut down or eliminate the ability for web based programs to automatically notify users at some websites about events. For instance forum sites will notify when someone has posted an answer to a question. If the user's ISP uses reverse lookup, the user may never see the email from the forum website where they asked a question.

Removing Viruses

Removing viruses can be risky to your operating system and may cause you to need to re-install your operating system. If you do not feel comfortable with the instructions in this section, you should get a computer professional to do the job.

Virus Removal Procedure

  1. Be sure you have good backups of your data along with an emergency boot disk for your system.
  2. Determine what viruses you have on your system.
    1. Install a virus scanning program if you do not have one already installed. Use the product of your choice. It is wise to read product reviews.
    2. Be sure your virus definitions are up to date. Connect to the internet and download the latest virus definitions from the company that created your anti-virus software.
    3. Configure your virus scanner not to remove any viruses but only detect them. You do not want to remove the viruses) immediately since some viruses may infect files that your system requires to run. If these files cannot be cleaned by the anti-virus program, they may be deleted or quarantined. If this happens you may not be able to run your system again.
    4. Scan for viruses but do not remove them. Note: Some viruses will stop your virus scanner from operating. If this is the case you will probably need the help of a computer professional. If you have a virus that stops your virus scanner then you will need to either share the drive across a network and scan it from another computer or remove your hard drive and place it into another computer as a second hard drive, then scan your hard drive.
  3. Learn about the viruses you have and how to remove them. - Go to the web site of the organization that created your anti-virus software. The Symantec security response site is a good site to find information about specific viruses and they provide virus removal tools.
  4. Remove the viruses.
    1. Many viruses have a removal tool which can be used to remove the virus. If there is a removal tool, download it and use it to remove the virus.
    2. If there is no removal tool, you will need to follow the manual removal instructions. You may need to manually delete virus files and edit your system registry. The removal instructions will tell you how to do this, but some people may not feel comfortable doing this without the help of a computer professional.
    3. If the manual instructions indicate that you should let your virus scanner remove the virus, then remove all viruses that you can with virus removal tools then run the virus scanner with it configured to remove all viruses.

Making a Boot Disk

Open the Windows backup program on Windows 2000/XP by selecting Start, then Programs, then Accessories, then System Tools, then Backup. The backup utility will start as shown below.

Backup

When the Welcome tab is displayed in the Backup program, click on the "Emergency Repair Disk" button near the bottom. When the "Emergency Repair Diskette" dialog box appears select the checkbox next to "Also backup the registry to the repair diretory..." and click OK. You will need to put a blank floppy into your floppy disk drive.

Insert Floppy

Once the process is complete, you should label the floppy disk with the current date and the name of the system you are making the disk for.

If you ever get into a situation where your system will not boot, you can use this disk to help you recover your system. This is a somewhat technical process but it begins by pressing the F8 function key while the system is booting which will provide some advanced booting options, one of which will allow you to try to boot using your emergency repair disk. It is usually much easier to recover a system that has an emergency repair disk.

Successful Save

System will not boot

The basics | Something's Spinning But Nothing's On | Hardware Hang-ups | Self made Problems | Prevention Is The Best Medicine

What To Do When . . .Your PC Won't Boot

Few problems make users gasp in fear more than a PC that will not boot. No Windows screen, no Desktop, nothing. At best, your system wheezes out a few beeps as it tries to start, but to no avail. You have a dead PC: A system that, by all appearances, is flat-out broken.

You can overcome many PC problems if you can at least start the PC, whether the problem is due to a bad driver, incorrect monitor settings, flaky hardware, or a troublesome program. In these cases, you may be able to fix the problem by starting Windows in Safe Mode, or by using an emergency boot diskette. (See the article PC ER in this issue to learn how to create and use an emergency boot diskette.) But what in the world are you supposed to do if those measures won't work? It's panic time.

Don't throw your system out the window just yet. Yes, you may have a tricky problem on your hands, but then again the situation may not be as dramatic as you think. Most boot problems are hardware-related, so we'll discuss the many agents that may have contributed to your PC's apparent demise. Remember, however, that a much simpler answer may solve your boot riddle. There may be external factors that are causing your PC to misbehave that you can rectify quickly. We'll start with these first. Hopefully your PC's apparent stubbornness to boot is the result of one of these minor oversights rather than a serious hardware problem.

Back to top

The Basics.

PCs need electricity to operate, obviously, so if your system shows no signs of life whatsoever, your PC's power is being interrupted somewhere between your wall socket and your system's motherboard. Let's make sure your PC is actually getting the juice it needs before we assume your system is suffering from a more severe problem.

First, make sure your system is, in fact, securely plugged into the wall outlet, surge protector, or power strip. Naturally, you would expect your system to be plugged in, but you should check it anyway. It's possible that you, your kids, your dog, or your pet ferret may have accidentally knocked or jostled the PC or the power cord, unintentionally unplugging the system. Or perhaps the surge protector or power strip's switch was accidentally pushed to the off position. If one of these scenarios is indeed the case, breathe a big sigh of relief. Your PC should work fine once you securely plug in the system or turn on the power strip or surge protector.

Remember that the wall socket is not the only thing your PC is plugged in to. Your power supply's cable plugs into both the wall socket and the power supply, so it's entirely possible that the power supply cable is not securely connected to the power supply. Take a look at the back of your PC. The power supply cable connection should be near the top of the system. Make sure the power supply cable is firmly plugged into the power supply and try to boot your PC again.

Did you know that many PC power supplies have an on/off switch? If the power supply is set to the off position, you won't be able to boot your PC simply by pressing the Power button on the front of the system. The power supply switch must be set to the On position in order for you to power up your system.

Take a look at the back of your system, near the top where the power supply is located. If your power supply has a switch, one side of the switch will be marked with a circle, and the other with a dash. The dash position is the on position, so make sure that side of the switch is pressed in. If the circle side of the switch is pressed in, the power supply is turned off and you won't be able to turn on your PC.

While you're examining the power switch on the back of your power supply, you should also examine the power supply's voltage setting. Almost all power supplies have two voltage settings: 230 volts or 115 volts. (Look for a small red or black switch that is slightly recessed in the back of the power supply.) Note that a handful of power supplies may use settings of 220 volts and 110 volts. UK residents should have the voltage set to 230 volts (or 220 if your power supply uses that setting).

Here's another power-supply scenario that may cause your PC not to boot properly. It's possible, albeit somewhat unlikely, that the power supply is not properly connected to your motherboard. You'll have to open your PC's case to check this potential problem, but be sure to unplug your PC first (just don't forget to plug it back in before you restart the system). Remove the case's left side panel and find the main connection for your system's power supply. It should end in a white connector that has two rows of 10 pins. The location of the motherboard's power supply connection varies depending upon the manufacturer of the motherboard, but the connection is usually located near the CPU and memory slots. The motherboard's power supply connection is white and has two rows of 10-pin sockets that correspond to the power supply connection's pins. The power supply connector should be plugged into the motherboard's connection. There should be a small plastic catch on the power supply connector that catches on the lip of the motherboard connector.

Note that many power supplies have a second, smaller connection. This power supply connection ends in a white plastic block of four pins and connects to another connection on the motherboard. This connection is usually located between (or at least near) the CPU and the motherboard's rear ports. Make sure this power connection is also plugged in.

Here's a too-crazy-to-be-true-but-it-might-be scenario: Are you sure the power isn't out in your house? Maybe a circuit breaker tripped, or perhaps there's a temporary power outage in your neighbourhood. Yeah, it'd be quite a coincidence for your power to go out shortly before you try to turn on your PC, and without you noticing it, no less, but it could happen. Hey, if it's the middle of the day and you're not watching TV or listening to the radio and the power goes out, how soon would you notice? Of course, if it's night and the lights are out, you should already know that your PC is going to be out, as well.

Back to top

Something's Spinning But Nothing's On.

There are a few instances where it seems as though your PC isn't booting, although it actually is. Your hard drive is spinning and it certainly sounds like it's operating normally, yet you see nothing on your screen. This is usually the result of a monitor glitch, so let's check that first.



Make sure your PC's power supply switch is turned on, or you won't be able to power up your PC.

First, make sure your monitor is turned on. Most users leave their monitors turned on continuously and let them power down to a sleep mode when not in use. If someone shuts off your monitor without you knowing it, it may appear as though the PC is not booting up properly, when in fact all ou really need to do is push the monitor's power button. As with the PC, you should also make sure the monitor's power cable is plugged into the wall socket, surge protector, or power strip. You should also examine the back of the monitor to see if the monitor's power cable is plugged in properly at that end. Like a PC's power supply, you can usually plug in (or unplug) a monitor from both ends.

The monitor's video cable is another potential monitor trouble spot. The cable must be attached to the monitor and the PC's Video Out connector on the back of the PC's video card. Most monitor cable connectors have a pair of thumbscrews that you can screw into the Video Out port. Make sure you use them. That way, you'll know that your monitor cable is firmly connected to the Video Out port. If the connection between your monitor cable and the Video Out port is secure, take a look at the back of your monitor. The monitor cable should be connected to a port on the back of the monitor.

 

 

 

Back to top

Hardware Hang-ups.

Let's say you've followed our earlier advice and double-checked the obvious, yet often overlooked, sources of your boot-up problem, and your PC still refuses to cooperate. If this is the case, then your PC may have a hardware problem, and perhaps a serious one. Take a deep breath and remember that throwing your PC out the back door will not make it run better. You may have to replace a part or two, but in the end you will have a functioning PC.

Sometimes it's easy to spot faulty hardware. If your PC's internal hardware smokes, sparks, or catches on fire, that's a good indication it's not working properly. If this is your situation, there's a good chance the motherboard and several parts attached to it are now silicon toast. Sometimes hardware failures are not as obvious. It can be difficult to pin down precisely which hardware is behaving badly (or not at all as the case may be), but we'll help you narrow down the possibilities.

If your PC has absolutely no power whatsoever, and you've ruled out the power cord, power switch, and other overlooked power problems we've discussed above, your power supply may be malfunctioning. Ideally you'll have another power supply on hand (or one that you can borrow from a friend) that you can pop into your system to test this theory. If not, you can buy a cheap power supply from a local retailer or used computer store. Make sure that the power supply you buy is at least as powerful as the one currently installed in your PC. Most PCs use a power supply that is a minimum of 250 watts, but many computer users use a 350-watt power supply. Install the new power supply and boot the PC. If it still won't run, you can assume the old power supply is not the cause of the problem.



Use the video cable connector's thumbscrews to secure the cable to the video card.

A PC's motherboard and CPU are also likely candidates as the hardware sources for boot failures, and you should give both a careful examination if you're still having trouble pinning down your boot-up problems. You don't necessarily have to remove the entire motherboard from the case, but you should remove as many components as possible, such as PCI (Peripheral Component Interconnect) cards and memory, so you can closely examine the motherboard. Look for cracks in the motherboard or any signs of damage to the motherboard's chipset or other components. If there is no visible damage to the motherboard, remove the HSF (heatsink/fan) unit from the CPU and examine the processor. Remove the CPU from the socket and look for bent or broken pins or other physical signs of harm. It's possible that the CPU may have overheated and essentially burned up, or that the CPU's core cracked, either of which rendered it inoperable.

Of course, CPU pins and CPU cores aren't likely to break on their own, so this is a situation that most often occurs when installing a new CPU. We'll talk about boot-up problems when installing new hardware or building a new PC from scratch later on, but we still have a few other hardware hurdles to clear.

A hard drive failure is one of the more frustrating hardware failures a user can experience for several important reasons. First, you'll lose any data stored on the drive. Second, you won't be able to boot your PC. Third, you'll have to buy a new hard drive and restore all your data (assuming you've backed up your data), which is costly and time consuming. If your hard drive fails, it may make an odd noise as you try to boot your PC, or you may get an error message stating that your PC can't read the drive, or that the drive has a bad sector. But before you toss out the drive, take a look at the drive's connections. Make sure the ribbon cable and power supply cable are properly connected to the hard drive, and that the other end of the ribbon cable is connected to the motherboard. Also, if you have two hard drives, one should be set to master and the other to slave. If those troubleshooting techniques fail, then you probably have a bad hard drive. You'll have to replace the hard drive with a new one and reinstall the OS and your backed-up data.

Bad memory modules can also cause some boot-up headaches, but they're a little easier (and cheaper) to fix. If you have more than one memory module installed in your PC, remove one of them and reboot. If everything works as it should, you know that the memory module you removed is defective. If you still have boot-up troubles, replace the remaining installed memory module with the one you removed and try again. You should also install a memory module in a different memory slot on the motherboard.

If you only have one memory module, but you suspect it may be the source of your PC's boot trouble, buy or borrow a second module and try it out. Make sure the new memory module has the same characteristics as the one you're replacing, for example, a stick of PC2100 DDR SDRAM (double-data-rate synchronous dynamic RAM).



A bad memory module may be the source of boot problems.

You may not know that your PC runs on batteries, but it does. Actually, it only uses one battery, which powers the CMOS (complimentary metal-oxide semiconductor).

The CMOS is responsible for maintaining the PC's internal clock and other basic system settings, and like all batteries, the CMOS battery will eventually run out of juice. Although a dead CMOS battery shouldn't render your system completely powerless, you will likely receive an internal clock error message or a variety of other BIOS (Basic Input/Output System) or CMOS error messages because the PC can no longer store its settings when it's turned off.

 It's not too difficult to replace a CMOS battery, which is located on the motherboard. However, you will have to reset the CMOS settings and perhaps some BIOS settings.





Back to top

Build Your Own Boot Problems.

Many intrepid computer users are building their own PCs these days. When you build your own PC, you know you're getting exactly the parts you want, and aftermarket PC parts are often of better quality than the proprietary or cheap OEM (original equipment manufacturer) parts used by some PC manufacturers. There aren't many drawbacks to building your own PC, but it's not unusual for boot-up problems to occur the first time you try to power up your new rig.

Most boot-up problems that occur with a freshly built PC are hardware-related. Make sure you've installed all the hardware components properly. This includes any cards you've installed in PCI slots, the video card, memory modules, and the CPU. Also, be cautious when you install the CPU's HSF unit. If you simply jam the HSF on top of the CPU when you install it, you may crush the CPU core and you'll have to replace the CPU.

Not all users are inclined to build their own PC, but many users will upgrade at least some internal hardware components occasionally, even if it's a simple memory upgrade. As long as you install the new hardware properly, you shouldn't have any boot problems. But a boot problem can occur if you do not install the hardware correctly, or if the new hardware you've installed is defective. If you've installed new hardware, and your PC no longer boots properly, remove the new hardware (replace it with the old hardware if necessary) and start the PC again. If everything works, you know the new hardware is the source of your boot-up woes. Have the hardware replaced and reinstall it.

If you're having trouble booting a PC you've built, and all the hardware seems to be installed properly, it's possible that the case's power button cable is not connected to the correct pin on the motherboard. Motherboards have a series of pins located in the lower-right corner of the board that connect to various case cables, such as the LED (light-emitting diode) indicator, the hard drive indicator, the case's speaker (if it has one), and the power switch button. These cables (and their corresponding pins) are not always clearly labelled, so it's entirely understandable if you accidentally connect the case's power button cable to the wrong pins on the motherboard. Consult your motherboard's manual to see which pins are reserved for the power button cable.

Back to top

Prevention Is The Best Medicine.

Most hardware-related boot problems can be avoided with a little preventive care. Make sure you install new hardware correctly and that your PC is well-ventilated, as excessive heat can damage PC components. So can electrical surges, so it's a good idea to invest in a surge protector or UPS (uninterruptible power supply), which will help protect your PC. Take care of your computer, and it should take care of you.


Summary

There are several things you should do to make your system more secure, and keep it performing better.:

  • Change your file view settings on Windows systems so you will see all file extensions.
  • Always run anti-virus software and keep the virus definitions updated at least twice per week.
  • Never connect to the internet unless you are using a personal firewall or are behind an organizational firewall on a private network.
  • Never open e-mail attachments without being sure of who sent them. Keep the following in mind:
    • E-mail addresses can be faked by virus programs.
    • New viruses may not be recognized by your anti-virus software.
  • Patch your operating system regularly. This will reduce your vulnerabilities to worms and hackers. See the Applying Patches article for more information.
  • Patch your applications regularly especially Microsoft Office. Perform regular backups of your data.
  • Make an emergency boot disk to enable you to restore your system in the event of file corruption or a virus that makes it unable to boot.
  • Avoid installing unneeded applications and always be sure any free programs do not have a hidden purpose.

Basic Hardware Guide Credits

Document:
Basic Computer Tutorial Version 1.0.0
March 18, 2004
Author:
Mark Allen