programming4us

Windows 7 : Navigating the Computer Security Maze

3/1/2011 11:35:03 AM
It seems like every time Microsoft or other software providers find a better way to protect your computer, hackers and malicious individuals find new ways to exploit computer vulnerabilities. In this section, we’ll introduce the various techniques being used to attack computers and discuss the software programs used to prevent these types of attacks.

1. Introducing Malware

Many people spend a lot of time on the Internet browsing websites, downloading data, and never thinking of the potential problems of malicious software (malware) creeping onto their computers. Some such software simply reports your surfing habits, and other software tries to take control of your computer. Malware consists of programs that are suspicious in nature and have the malicious intent of infiltrating your computer without your consent. The industry also defines malware as software with a legitimate purpose that contains harmful bugs that ravage a computer.

Before the proliferation of broadband Internet connections, most malware was kept in check by the limited bandwidth of dial-up Internet connections. When you dialed into your service provider, you didn’t really have the bandwidth to allow your computer to be compromised without your knowledge, and most computers were not left online all the time for people to try to connect to and harm them. However, because broadband connections are fast and always on, many people today simply leave their computers connected to the Internet all the time. This works against the computer owner, especially if she connects directly to a cable or DSL modem. With a direct connection to the Internet, you have left your computer open to numerous attacks. This is where malware comes into play. Malicious individuals have the opportunity to fingerprint your computer in an attempt to find vulnerabilities, and eventually your computer succumbs to an attack, which allows someone to load software on your computer without your consent.

When you are troubleshooting a problem with your ISP, you may be asked to disconnect your computer temporarily from your router and connect directly to the cable or DSL modem. Before you do this, you should be sure that you have the latest updates to Windows and that your antivirus and antimalware software is up to date. Many of the attackers are actually automated scripts that sweep large chunks of IP addresses at a time, so it is only a matter of time before your computer is probed by one of these scripts.

At the time of this writing, the SANS Internet Storm Center reported that an unpatched Windows system would be likely to survive for no more than 70 minutes upon being connected to the Internet without protection. For more information and precautions you can take, see http://isc.sans.org/survivaltime.html.


Another way for malicious software to get onto your computer is via your own use of the Internet. You may recall a time when you visited a website and were faced with numerous pop-ups asking you to vote for a website or install specific add-ons in order to see the content of a website. More than likely, you either purposefully clicked, allowing the malicious program to load, or you were misled into clicking the wrong button and the software loaded by itself. Many of these websites load harmful software to take advantage of your computer without your consent. Some even load dialers onto your computer to use your modem to make phone calls that are then charged to you.

Other malicious programs get loaded onto a computer without the owner knowing they are there because they are able to mask their running processes. The industry calls this particularly heinous type of software a rootkit. Rootkits conceal their running processes and files, and sometimes they even morph process names and files to conceal their true nature. Most of the time rootkits disguise themselves as drivers, parts of the operating system, or kernel modules.

Kernel-level rootkits replace portions of code programmed into the computer kernel. The modified code added by the rootkit usually hides an additional program, allowing remote users to use the infected computer. Usually kernel-level rootkits replace a computer driver, device driver, or additional module to accomplish their goal. If the rootkit has bugs in the code, it may compromise the integrity of the computer from a stability standpoint, in addition to introducing the security implications of infection. These types of rootkits are extremely difficult to identify and clean, which makes them extremely dangerous.

Other common types of rootkits include library-level kits and application-level rootkits. A library-level kit will replace a computer call with modified code to mask the information about the hijacked module. Application-level rootkits replace common applications with modified code or a Trojan. These applications mimic the behavior of the previous application and mask their modification of the computer. Sometimes application-level rootkits replace patches loaded onto a computer for security purposes.

Virtualized rootkits modify the boot sequence of a computer to load their content instead of the intended operating system. Once they have introduced their payload, they load the operating system as a virtual computer, which enables them to gain control of all calls to the hardware by the guest operating system. Although no virtualized rootkits exist in the wild, they do exist in controlled environments. For example, Microsoft and the University of Michigan jointly developed a virtual rootkit, which they termed Virtual Machine Based Rootkit, or VMBR.

Rootkits also serve as a tool to abuse an infected computer using a program called a backdoor. Backdoors also fall into the category of malware. Backdoors are programs that allow attackers to use a computer for their personal use or profit. Backdoors allow the attacker to manipulate the compromised computer to perform single or even strategic attacks against other people’s computers. In addition to allowing remote connectivity to the computer, backdoors may also allow an attacker to run software at an elevated level usually reserved for administrators of the compromised computer.

Additional malware programs include key loggers and denial-of-service attack tools. Key loggers usually log or directly send keystrokes from the compromised computer to another user on a remote computer. Denial-of-service attack tools are loaded by an attacker or rootkit and allow the compromised computer to be used against web servers, denying users the ability to connect to the web server.

Denial-of-service tools accomplish their task by overloading the server with requests until the computer under attack runs out of available resources to honor the overwhelming number of requests for a particular resource. Although a standard denial-of-service attack uses a single computer to try to accomplish this goal, a distributed denial-of-service attack uses any number of compromised computers, making it even more difficult to stop the attack by blocking requests from a single IP address.

Whatever the flavor of malware, most of it provides no value to the computer on which it exists. Malware has many impractical purposes, including malicious use of the infected computer. It may also allow the use of personal information housed on the infected computer for profiteering, or identity theft. Malware makes up a very large portion of the problems inherent to the Internet in its current state, and it poses a great threat to private information housed on private networks. The worst part of malware seems to be computer users’ lack of knowledge of how to remove and prevent these types of programs from infecting their computers. This includes home users and corporate IT professionals alike. Malware may arguably be the worst threat against computers to date.

2. Understanding Antimalware Programs

Recently more companies have realized the potential harm of malware programs, and they have tried to take steps to begin removing malware from their environments. With the onset of the Sarbanes-Oxley and HIPAA acts, compliance is on the rise and many people have started to realize how vulnerable their private data has become to outside entities. Armed with this knowledge, security practices have become increasingly important for many organizations, and everyone feels the pain as we struggle to maintain a balance between user-friendly computing and secure computing. To combat the problem with malware, many vendors now offer tools that will remove even the toughest malware out there. The industry refers to these programs as antimalware tools.

Antimalware tools scan and remove malware from infected computers. If you type “antimalware” in a search engine, you will discover some of the more than 6 million web pages on the topic. The reason for this relates directly to the inexhaustible amount of malware floating around on the Internet. As discussed previously, most users have become aware of the problem with this type of software only in the last few years. Some people were aware of the problem early and tried to explain to others how difficult it may become, especially in the corporate world, but mostly it was ignored. Now antimalware has taken the lead in the battle for securing your data.

Antimalware programs work similarly to antivirus scanners—identifying malicious programs on the suspect computer, whether in RAM, on the hard drive, or on network shares connected to the computer. Once the antimalware program has identified the threat, it will either alert the user for further instructions on how to handle the problem, or it will delete the program and eliminate any registry entries associated with the rogue program.

As with antivirus engines, multiple malware scanners are your best bet for eliminating malware programs from suspect computers. You can find these types of programs online, and using them will eliminate the vast majority of malware on an infected computer. For the purposes of malware removal, Windows 7 offers Windows Defender, arguably the largest and most powerful antimalware engine available.

Antimalware programs can identify and remove many of the unwanted programs on your computer, including unwanted browser helper objects, startup programs, registry settings, toolbar buttons, Winsock hijackers, Internet Explorer plug-ins, ActiveX controls, DNS hacks, and anonymous proxy rerouters. Each type of unwanted program relates to methods that malware writers employ to get their malicious code onto your computer. Some of the methods employ deceptive tactics to make you believe you are loading a beneficial program onto your computer while manipulating data on your computer so that it can be accessed on remote servers. These programs leave you vulnerable to the less than savory strategy of the malware writer.

Currently many antivirus companies are beginning to enter the world of malware removal by either using third-party applications or purchasing the engines of antimalware programs and integrating them into their own products for malware identification and removal. Although malware may seem similar to a virus, it is indeed a separate category of malicious code. Viruses replicate themselves from computer to computer; malware is a silent threat that users usually unknowingly install.

Also, note that you may have to hand-edit the registry to remove some types of malware. If you require this type of intervention, take great care when editing your computer’s registry. Editing the registry can render a computer unusable and require the intervention of a recovery service or large amounts of time to correct. If you are not comfortable editing the registry, consult a computer service or repair shop to remove these types of malicious programs. Most computer service companies can remove these programs within a short period and require only a small fee to clean your computer. This can help immensely when the programs are embedded into the computer or have metamorphic qualities.

3. Understanding Computer Viruses

The industry defines a computer virus as a program that spreads by inserting itself into executable code, documents, or programs, and then self-replicates to other documents, users, or computers when the compromised file is shared. We refer to a computer with a virus as infected, and we try to inoculate the computer against future infections. Viruses are usually malicious and sometimes harbor backdoors or Trojans.

Viruses were extremely prevalent in the earlier days of personal computing and they had a devastating effect on computers. Viruses come in all shapes and sizes, as well as varying strengths of maliciousness. Some of the methods viruses used to execute included time bombs that would go off at a predetermined time, and logic bombs that a user triggered by completing some predefined action on the computer.

Another very nasty virus included the stealth boot virus, which attacked the boot sector of the host computer or floppy disk. This virus would not allow the computer to boot, and it required considerable work to remove. This type of virus was more common due to the lack of networks available. Most files were moved from computer to computer via floppy disks. Once the infected floppy was inserted into the receiving computer, the virus code executed, infecting the new computer.

Viruses are terrible in the sense that they can replicate themselves at an inexhaustible rate. Luckily, because more people use virus protection, they are not as widespread as before. However, now that we have the ability to transmit data at gigabit speeds and process data in the gigahertz range, viruses pose an even greater threat than previously known. This brings us to the subject of worms.

Computer worms have taken on the traditional bogeyman role of the computer virus, though viruses continue to present a real threat. A worm is defined as a piece of software using a computer network to copy itself and generate new hosts by compromising security flaws in applications or the host operating system. Once a worm makes it onto a network, it begins to scan for other computers with a similar or identical flaw used to infect the first host. The more hosts the worm can find to replicate itself, the greater the impact it has on the host computer and network. Some worms have generated so much traffic that they have literally brought the Internet to its knees.

The first worm was created at the Xerox PARC laboratory in Palo Alto, California. One of the computer scientists at the lab created a worm to use on the different host computers in the facility to process data for a centralized program. This was in the early days of the PC. Before this, all users connected to a CPU. To garner the processing power of the individual PCs in the facility as a single unit, the scientist broke his data into chunks for each PC to process. Once the PCs finished their work, they transmitted the results back to the controlling node. At one point, the worm began using more and more resources of the host’s computers, until it failed to give the user computer availability. This required the creator to find a way to disarm the worm, which in turn gave the user use of the infected computer and the network it flooded with traffic. Although this worm had no malicious intent against the host computer, some of the more recent incarnations of this type of program have caused considerable damage to entire networks. Some worms have rendered entire networks unusable for days, weeks, and even months, due to their inherent capability to replicate themselves.

The most recent embodiment in the computer virus family comes in the form of email viruses. Recent years have given us some particularly nasty specimens, including (but not limited to) the ILOVEYOU, MELISSA, and, of course, Mydoom viruses. Each of these email viruses had a devastating effect on computers, causing many providers to turn off their email computers to prevent the virus from taking over and spreading. Most email viruses use the address book of the user executing an email program to spread themselves to other users, who in turn execute the program, allowing their address books to be manipulated by the virus and spread even farther.

Almost all viruses execute with the use of another program, replicate themselves, and continue their path of destruction. Some replace executable files on the computer they infect, which the operating system executes, releasing the virus to spread to other computers. All types of computers are susceptible to viruses. Additionally, all operating systems have vulnerabilities allowing the execution of virus-ridden code, so no one vendor offers a completely safe product.

Although some viruses try to inundate a network to eliminate its use, others are malicious and want to destroy data on a computer. Viruses can be embedded in all types of files, including video, audio, document, and image files. Some of the newer viruses are embedded into JPEG images for execution. This is especially dangerous because the browser has the intrinsic capability to execute and display images. Browsers make up the largest group of applications in use on computers today. With this fact evident, the propagation of viruses could become even greater in the future than in the past.

As with malware, viruses that take the place of programs used by the operating system may cause instability of the host computer. This can cause crashes, hangs, and intermittent lock-ups. Trojans fall into this category as well, but they work slightly differently than viruses. Trojans follow true to their name. Trojans are also referred to as Trojan horses, relating to the famous story told by Homer in The Iliad of the great battle between the Greeks and the Trojans over Princess Helen. To get a Trojan on your computer, you must invite the program onto your computer. Usually you do this by loading a utility or other program that has a purported valid use on the computer. Unbeknownst to you, the program includes a Trojan, which gives an external user the ability to use the computer remotely. The remote user can then cause great harm to the data on the computer or expose its use for personal gain.

The Trojan may lie dormant on the computer until you open the program, and then it may require the use of a specific program to open a predefined network port. Once you meet the criteria for the Trojan to work, it allows a remote user to manipulate the infected computer for his purposes. These purposes usually fall in line with malicious uses including profiteering, denial-of-service attacks, distributed denial-of-service attacks, key logging, and identity theft.

As you can see, the lines between malware and viruses are very blurry in terms of the devastation they can wreak on a computer. The difference lies in the way the program comes to reside on the infected host computer. Malware makes its way onto the computer without your knowledge and allows remote control of the computer. Malware does not necessarily replicate itself to gain the use of other computers. Viruses always replicate themselves. Sometimes viruses employ the same method of installation on the infected host computer, but they always replicate themselves to other computers. They act in very much the same way as a virus acts in the human body, which is how they received their name. The good news is that since the popularity of the Internet, many viruses have been permanently eradicated from the industry, due to the capability to transfer code to eliminate the viruses from infected computers.

4. Introducing Antivirus Programs

The intent of an antivirus program is to identify, inoculate, disinfect, or clean a virus or other malware program from a computer. Antivirus programs usually work in two different ways. Most scan a computer in its entirety, looking for known viruses based on their databases of virus listings, and then they delete, inoculate, remove, or quarantine the infected file. Other antivirus programs watch file behavior on the computer. If the program detects unusual behavior, it will usually capture the file, scan it, and then either ask the user for input on how to handle the issue or quarantine the file for further inspection and possible deletion.

Most current commercial antivirus programs use both of these methods to detect and eradicate viruses from infected computers. This helps eliminate the threat of infection by watching the most consistent way viruses try to infiltrate computers. The most common elements of virus removal involve repair of the file itself. This consists of the antivirus program trying to remove the offending code from the infected file. If the removal process does not work, the antivirus program usually will quarantine the file discovered and prompt you for further instructions on how to handle the problem with the infected file. When you log on to the computer after the quarantine process, you must decide whether to try to repair the file again or delete the infected file.

It should be noted that you should always attempt to use multiple antivirus programs to repair either files of a sensitive nature or those used by the operating system before deleting the files. If you have a virus in a file you want to keep, you should try to use multiple antivirus engines to repair the file. This also holds true for operating system files. Operating system files infected with viruses may render the infected computer incapable of operating correctly, sometimes to the point where the infected computer will not boot into the operating system. Infections of this type sometimes require a boot disk with an antivirus program to remove the virus from the computer.

Antivirus programs detect viruses via dictionary scans, behavior analysis, and other methods. Each detection technique follows a specific type of logic in order to find, repair, remove, or delete an infected file. Each approach is unique. Most antivirus engines employ at least two of these types of analysis in order to identify viruses. The third category is usually used only when specific types of viruses are encountered. Each approach helps us to identify the methods virus writers employ to launch their code so that we can begin the process of eradicating viruses from our environment:

Dictionary scanning

This approach uses a database of known virus types. When the antivirus program scans the computer in question, it looks for specific code listed in the files it scans. If it discovers suspect code, it will try to identify the virus strain, report the infection, and complete whatever predefined options the user has defined in case of corruption. Usually a dictionary-based antivirus program scans the files when the operating system opens the files for use. This includes files, programs, email, and other known methods of attack.

Not all virus writers allow their code to remain static. That means the code may be able to change or “morph” into something different to eliminate the effectiveness of dictionary scanning. These types of viruses fall into the polymorphic and metamorphic categories. They modify themselves to prevent detection, and even employ encryption to help hide portions of themselves from antivirus programs.

Polymorphic code changes into different forms while keeping the original algorithm intact, allowing the same action to occur when executed but letting the code slip past dictionary analysis. This helps the code hide its presence from antivirus programs trying to detect and rid infected computers of viruses. Malicious-virus programmers use this type of mechanism to keep their code “in the wild,” allowing the virus to propagate freely without detection.

Metamorphic code literally reprograms itself by translating itself into a similar representation, and then back into the original form. Metamorphic code can also target the different operating systems affected by the virus. That means a single virus could employ different methods of infecting Windows, Linux, and BSD in the same code. This method allows the virus to slip through detection of dictionary analysis by antivirus programs. Programmers go to great lengths to see that their viruses do maximum damage by eliminating the simplest of detection efforts by the public.
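
An added example, not taken from the original page or from any antivirus product: a minimal dictionary scanner in Python, run over constructed, inert byte samples, showing a verbatim match and the miss once the same bytes are re-encoded. The signature names, the sample contents and the retry under every one-byte XOR key are assumptions for illustration, and the retry goes beyond what the page describes.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    name: str       # strain label reported to the user
    pattern: bytes  # byte sequence the scanner looks for


# Constructed, inert signature database (not real malware signatures).
SIGNATURES = (
    Signature("Demo.Marker.A", b"INERT-DEMO-MARKER-A"),
    Signature("Demo.Marker.B", bytes.fromhex("deadbeef00112233")),
)


def scan(data, signatures=SIGNATURES):
    """Dictionary scan: return [(name, offset)] for every pattern found."""
    hits = []
    for sig in signatures:
        offset = data.find(sig.pattern)
        if offset != -1:
            hits.append((sig.name, offset))
    return hits


def xor_bytes(data, key):
    """Re-encode data with a one-byte XOR key (stands in for 'morphing')."""
    return bytes(b ^ key for b in data)


def scan_decoding_xor(data, signatures=SIGNATURES):
    """Retry the dictionary scan under each one-byte XOR key.

    Returns [(name, offset, key)]; key 0 means the plain bytes matched.
    """
    hits = []
    for key in range(256):
        decoded = xor_bytes(data, key) if key else data
        for name, offset in scan(decoded, signatures):
            hits.append((name, offset, key))
    return hits


# Constructed sample files: a clean one, one carrying marker A in the clear,
# and the same content re-encoded so that no stored pattern appears verbatim.
CLEAN = b"MZ\x90\x00 ordinary program bytes"
INFECTED = b"MZ\x90\x00 header " + b"INERT-DEMO-MARKER-A" + b" trailer"
MORPHED = xor_bytes(INFECTED, 0x5A)


def report():
    """Scan each sample both ways and return the results by file name."""
    samples = {"clean.bin": CLEAN, "infected.bin": INFECTED, "morphed.bin": MORPHED}
    return {
        name: {"dictionary": scan(data), "with_xor_retry": scan_decoding_xor(data)}
        for name, data in samples.items()
    }


if __name__ == "__main__":
    for name, result in report().items():
        print(name, result)
```

The plain dictionary scan reports nothing for `morphed.bin` even though its behavior-relevant content is unchanged, which is the gap the behavior-based approach is meant to cover.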

Checking for suspicious behavior

This is a different approach to virus identification. This approach does not employ dictionary databases to find and eradicate viruses. Instead, it monitors a program’s behavior on the computer. When the antivirus program sees a program attempt to write data into an executable program, the antivirus program will identify the behavior, flag it as a potential problem, and ask the user what to do with the offending file.

Metamorphic viruses that reprogram themselves create brand-new types of viruses. Because the new virus does not have a signature to match in a database, the behavior analysis method allows the antivirus program to capture and begin to identify the new offending virus. However, if the user accepts the behavior of the offending virus, this allows the virus to propagate, eliminating the effectiveness of the antivirus program. This type of analysis also lends itself to lots of false positives, making it a less effective technique than other methods of virus identification and eradication.
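
The behavior check described above, as an added example that is not part of the original page or of any antivirus product: Python detection logic over constructed file-event log lines that flags writes into executable files. The log format, the process names and paths, and the trusted-installer list are assumptions; the `user_allowed` parameter models a user accepting the prompt.

```python
import ntpath
import re
from collections import Counter

EXECUTABLE_EXTENSIONS = {".exe", ".dll", ".sys", ".com", ".scr"}

# Assumption: writers treated as legitimate installers (lower-cased paths).
TRUSTED_WRITERS = {
    r"c:\windows\system32\msiexec.exe",
    r"c:\windows\servicing\trustedinstaller.exe",
}

# Assumed log format, one event per line (not the format of any real product).
EVENT_RE = re.compile(
    r"^(?P<time>\S+) pid=(?P<pid>\d+) image=(?P<image>.+?) "
    r"op=(?P<op>[A-Z]+) target=(?P<target>.+)$"
)

# Constructed sample events.
EVENTS = [
    r"2011-03-01T11:35:03 pid=300 image=C:\Windows\System32\msiexec.exe op=WRITE target=C:\Program Files\Demo\demo.exe",
    r"2011-03-01T11:35:04 pid=388 image=C:\Windows\System32\notepad.exe op=WRITE target=C:\Users\demo\notes.txt",
    r"2011-03-01T11:35:05 pid=412 image=C:\Users\demo\Downloads\freegame.exe op=WRITE target=C:\Windows\System32\calc.exe",
    r"2011-03-01T11:35:06 pid=412 image=C:\Users\demo\Downloads\freegame.exe op=WRITE target=C:\Program Files\Demo\demo.exe",
    r"2011-03-01T11:35:07 pid=412 image=C:\Users\demo\Downloads\freegame.exe op=READ target=C:\Windows\System32\calc.exe",
    r"corrupted entry without fields",
    # A build tool legitimately writes an .exe: a false positive for this rule.
    r"2011-03-01T11:35:09 pid=520 image=C:\Tools\build\linker.exe op=WRITE target=C:\Users\demo\project\out.exe",
]


def parse_event(line):
    """Parse one log line into a dict, or return None if it is malformed."""
    match = EVENT_RE.match(line.strip())
    if match is None:
        return None
    event = match.groupdict()
    event["pid"] = int(event["pid"])
    return event


def is_executable(path):
    """True if the Windows path has an executable file extension."""
    return ntpath.splitext(path)[1].lower() in EXECUTABLE_EXTENSIONS


def analyze(lines, user_allowed=frozenset()):
    """Return [(pid, image, target)] for writes into executable files.

    user_allowed holds lower-cased image paths the user chose to accept;
    their later writes are no longer flagged.
    """
    alerts = []
    for line in lines:
        event = parse_event(line)
        if event is None or event["op"] != "WRITE":
            continue
        if not is_executable(event["target"]):
            continue
        writer = event["image"].lower()
        if writer in TRUSTED_WRITERS or writer in user_allowed:
            continue
        alerts.append((event["pid"], event["image"], event["target"]))
    return alerts


def rank_writers(alerts):
    """Rank writers by how many executable files they modified."""
    return Counter(image for _, image, _ in alerts).most_common()


if __name__ == "__main__":
    found = analyze(EVENTS)
    for alert in found:
        print("ALERT", alert)
    print(rank_writers(found))
```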

Other approaches

Other approaches to identify, capture, and eliminate viruses include heuristic analysis and sandboxes. Each method employs different processes to identify and capture viruses in an effort to eradicate their capability to propagate. Heuristic analysis may emulate the beginning lines of code executed by a program to identify the program’s behavior as self-modifying, or it may use a similar technique to discover that a program is looking for other executable files. In either case, the antivirus program may flag the file as a virus. Heuristic filters employ replicable methods to study, ascertain, or identify viruses through their perceived behavior.

Sandboxes emulate an operating system and allow code to run in a simulated environment. When the code runs, the antivirus program analyzes the emulated operating system for changes that are perceived as a virus. These types of analysis require sophisticated programs and use large amounts of computer resources to run. These features lend themselves to finding new viruses and keeping them out of the user environment, but they do not lend themselves to real-time analysis, requiring the antivirus program to run either as a managed background process or during off-peak usage times.

Each process lends itself to different types of virus identification and removal processes. Not all antivirus programs use the same methods of identification and no one antivirus program can identify and eliminate all viruses. Because of this, you may want to supplement scans of your installed virus software with online scans using a different virus engine. Take the time to research the different antivirus programs available, including free scanners online, to help identify and eliminate viral code from your computer.

5. Understanding Spyware

Spyware falls into a broad category of software designed to gain control of a computer without the user’s consent. As the name suggests, the program loaded onto the computer spies on the user, and the industry has come to realize that spyware also allows a remote user to control how the computer operates. Sometimes spyware only offers the data housed on the computer for use in spying on a user’s habits. Some companies use this data for targeted advertising or to manipulate content based on the user’s browsing habits.

Spyware watches what you do on your computer and sends the data over the Internet to a collection point for future use. Sometimes these collection points are data warehouse computers that let marketing groups purchase browsing habits to begin an advertising campaign based on the way you and other people browse the Web, thereby allowing them greater financial gain. Some types of spyware will attempt to record your keystrokes in the hopes of getting personal information for monetary gain. These programs try to intercept any usernames, passwords, or credit card information you use while online, and they are the most dangerous type of spyware.

Other spyware programs monitor the use of websites on the compromised computer. They then attack you with a barrage of pop-up windows. Some simply begin popping up advertisements of competitor websites in the hopes of gaining advertising dollars through your clicking on the advertisements. Most of these types of programs fall into a category called adware. Not all pop-up windows are associated with programs loaded on the computer; some simply are generated by the code on a website. With this in mind, if you see pop-ups on a regular basis whenever you use your browser, you probably need to look into cleaning spyware off your computer. If you visit a website and get the same pop-up or a similar pop-up every time, it is probably due to the code on the website. For example, the Barnes & Noble website (http://www.bn.com) used to display a pop-up with the latest advertisement whenever you visited the home page. This type of pop-up is not the result of adware or spyware. However, if you visited the Barnes & Noble website and got pop-ups for competing or unrelated sites, this was probably the result of adware or spyware.

Most spyware capitalizes on the integration of the Internet Explorer browser into the Windows operating system. This integration allowed individuals to write code to get information from the browser and the operating system, and it allows companies to pull information from unsuspecting users when they visit a website using ActiveX controls and other applications loaded onto your computer.

An example of a program that integrates the Internet Explorer browser into the Windows operating system is the Alexa toolbar. The Alexa toolbar is an application defined as a browser helper object that includes some useful tools, such as a pop-up blocker, a search engine, and a link to Alexa.com and Amazon.com. The toolbar also reports the website usage of the local computer to a collection point at Alexa. Some dispute the Alexa toolbar spyware classification, because the user has to agree to an end-user license agreement (EULA).

One of the most prolific spyware programs was Gator. This program offered to house your personal passwords for applications and websites. Although the program held on to your personal data, it also spied on the browsing habits of users and sent the information back to Claria Corporation. Another prolific spyware program was called Bargain Buddy. Bargain Buddy loaded onto the computer in a not-so-above-the-board manner. Exact Advertising then paid the installing website money for loading the software, and the program began popping up advertisements to the user.

Some of the more recent applications of spyware include software advertised as a spyware removal tool. Though these tools advertise removal of spyware on infected computers, they actually cause damage to the computer on which they are installed. Some argue against the use of the term spyware for these programs because they actually require the user to install them on the computer, and some include a EULA, which flies in the face of the initial definition of spyware.

Another prolific installation path for spyware programs includes the offer of a usable program for peer-to-peer file transfers or other uses that then piggyback the spyware onto the computer when the user installs the program. Kazaa worked in this manner by tricking the user into installing the program, and then allowing the spyware to work in the background without the user’s knowledge. After its prolific use on the Internet, someone noticed the problem with the application and made it publicly known that the software was pilfering data from the computer on which it was installed. Kazaa then proceeded to create a new, “lite” version of the product without the spyware attached. Of course, most of these programs have fallen under attack by the Recording Industry Association of America (RIAA) in the battle against music theft and user rights, and they do not have the same user base as they once did.

Not all spyware comes packaged in the cloak-and-dagger style. Another prolific spyware program, named BonziBUDDY, advertised itself as a companion for children while they surf the Web. It even claimed to allow product price comparisons for the user. What the user did not understand when he or she loaded the program was that it was spying on the usage of the computer. It goes to show that you need to take the time to research the programs asking for your approval before you install them on your computer.

You are the main line of defense against spyware and other malicious programs targeting your computer. Take the time to consider what you are installing, and block your children’s ability to install programs onto computers. Some spyware applications come packed with freeware utilities or even games. This makes children a prime target for the installation of programs that may undermine the stability of the computer or that may allow someone to steal your private data.

6. Introducing Antispyware Programs

Antispyware falls into the same category as antimalware does. Before the proliferation of this type of code across the Internet, a distinction was made between the two types of programs. However, in recent years, these antispyware and antimalware programs have morphed into the same program. Usually you can eliminate spyware using freeware antimalware tools or antivirus scanners. Some specialty tools list themselves as spyware removal tools, but they also help eradicate malware.

It may be more accurate to call spyware adware or nuisance software. Although some of these offending programs do actually send user data across the Web, they usually do not have a malicious intent against the user. They typically use the data to advertise goods or services to the user by scanning the user’s computer for patterns of behavior on browser use. Windows Defender, which is included with Windows 7, will find most types of spyware programs on your computer.

For many in the industry, spyware programs were both a wake-up call and the proverbial straw that broke the camel’s back. Many companies in the security business underestimated the threat posed by spyware and were not ready to combat the unique problems it created. This left many people running McAfee, Norton, and other security products without real protection against spyware, until recently. Not only did this leave many longtime users of these security products outraged, but it also created a backlash that was heard throughout the security industry. Why did this occur? Well, most of the security products—even those sold as total security shields—protected your computer from viruses, hackers, abuse, and sometimes even spam, but they did not protect your computer from spyware. In fact, only the 2007 and later editions of the McAfee and Norton security products truly protect you from spyware as well as all the other bad things out there on the Internet.

The backlash created by consumer outrage did have some positive effects, though. As ISPs noticed that people were increasingly canceling their memberships because their computers simply could not be made safe on the Internet, many began offering free security solutions. At the time of this writing, two of the largest ISPs in the United States—Comcast and AOL—provide McAfee security products free to subscribers. Comcast subscribers get a free subscription to McAfee VirusScan, Personal Firewall Plus, Privacy Service, and SpamKiller. AOL included McAfee VirusScan and Personal Firewall Plus in the AOL Safety and Security Center, and also offers spyware protection, phishing protection, and spam protection.

You should note that not all antispyware programs work as advertised. Some of these programs disguise themselves as removal tools, but in fact they install themselves and make themselves available to remote users with malicious intent, or they install advertising programs onto the computer. Take the time to research any product before you install it on your computer. All reputable programs have websites explaining the use and purpose of their programs, and should have reviews on reputable websites and publications.

Most of the tools available require you to go online to update their databases of known spyware to aid in the removal of these programs. As with any tool you use to remove unwanted programs, take the time to either update it regularly or allow it to connect and retrieve its updates automatically. Most of these programs have a built-in mechanism for this type of automation, so you do not have to check them as frequently. This does not mean you should set it and forget it. You still need to take the time to verify that they are updating correctly, because from time to time they may not work as advertised.

As with malware, you may occasionally have to hand-edit the registry to remove some types of spyware. If you require this type of intervention, please take great care when editing your computer’s registry. Editing the registry can render a computer unusable and require the intervention of a recovery service or large amounts of time to correct. If you are not comfortable editing the registry, consult a computer service or repair shop to remove these types of malicious programs. Most computer service companies can remove such programs within a short period and require only a small fee to clean your computer. This can help immensely when the programs are embedded into the computer or have metamorphic qualities.
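Before any hand edit of the kind described above, it helps to see what is registered and to keep a copy of the keys involved. The following PowerShell sketch is an added example, not part of the original text: it exports the Browser Helper Object keys to `.reg` files and lists each registered helper with its DLL and signature status, changing nothing. The function names and the Desktop backup folder are assumptions made for illustration.

```powershell
# Added example: read-only BHO inventory plus a registry backup.
# Nothing here deletes or changes a registry value.
$bhoSubKey = 'Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
$views = @('SOFTWARE', 'SOFTWARE\Wow6432Node')   # native view, then 32-bit view on 64-bit Windows

function Get-BhoInventory {
    foreach ($view in $views) {
        $root = "HKLM:\$view\$bhoSubKey"
        if (-not (Test-Path $root)) { continue }
        foreach ($key in Get-ChildItem $root) {
            $clsid = $key.PSChildName
            # A BHO is a COM class: its DLL is recorded under CLSID\<id>\InprocServer32.
            $class  = Get-ItemProperty "HKLM:\$view\Classes\CLSID\$clsid" -ErrorAction SilentlyContinue
            $server = Get-ItemProperty "HKLM:\$view\Classes\CLSID\$clsid\InprocServer32" -ErrorAction SilentlyContinue
            $dll = if ($server) { $server.'(default)' } else { $null }
            # 'NotFound' also covers entries whose path is quoted or otherwise not a plain file path.
            $sig = 'NotFound'
            if ($dll -and (Test-Path -LiteralPath $dll)) {
                $sig = (Get-AuthenticodeSignature -FilePath $dll).Status
            }
            New-Object PSObject -Property @{
                View = $view; Clsid = $clsid; Name = $class.'(default)'; Dll = $dll; Signature = $sig
            }
        }
    }
}

function Backup-BhoKeys {
    param([string]$Folder = "$env:USERPROFILE\Desktop")   # assumed destination folder
    foreach ($view in $views) {
        if (-not (Test-Path "HKLM:\$view\$bhoSubKey")) { continue }
        $file = Join-Path $Folder ("bho-backup-{0}.reg" -f ($view -replace '\\', '_'))
        # reg.exe export writes a .reg file that can be re-imported to undo a bad edit.
        & reg.exe export "HKLM\$view\$bhoSubKey" $file /y | Out-Null
        $file
    }
}

Backup-BhoKeys
Get-BhoInventory | Sort-Object Signature | Format-Table View, Name, Signature, Dll -AutoSize
```

Entries whose DLL is missing or unsigned are the ones to research first; a signed helper from a vendor you recognize is usually an installed toolbar or security product.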
