When Windows crashes with a BSOD it can be configured to write-out a minidump file. This file contains information on the crash event which occurred that caused the BSOD. For the benefit of other users, you can enable the creation of a minidump by going to the “Start” menu > “Control Panel” and open the “System” control panel (you may need to first select the “Performance and Maintenance” control panel category). In the System control panel, click the “Advanced” tab and under the “Startup and Recovery” heading click the “Settings” button. Under the “Write debugging information” heading make sure that “Small memory dump (64 KB)” is selected. The small dump directory should automatically populate with a value. Write down this value as it defines the location to which the minidump will be saved (this is usually the C:\WINDOWS\Minidump directory, also written as %SystemRoot%\Minidump which simply means the system root drive and directory and then Minidump sub-directory).

Now that the minidumps have been configured we will move onto reading a minidump file following a BSOD episode. You may be getting the “Access Denied” message because you have not been using the correct utility to read the minidump files, so we will proceed to install the utility which can read these files. If the problem continues then there are some other methods we can use to resolve the “Access Denied” error.

First, you need to download the debugger utility to read the minidump files. This is a free download from the Microsoft website at www.microsoft.com/whdc/devtools/debugging/default.mspx . Click the link to download “Install Debugging Tools for Windows 32-bit Version”. This will take you to another page allowing you to download the latest version of the tools. You will notice that the latest version of the Debugging Tools is included in the Windows Driver Kit (WDK) so you will need to download the WDK which will also install the Debugging Tools. Once this has been installed, there will be a new program group on your Start Menu named “Debugging Tools for Windows” which contains all the newly installed tools. We wish to start the WinDbg tool which will allow us to open and view the minidump files. Go to the “Start” menu > “All Programs” > “Debugging Tools for Windows” and open “WinDbg”.

If you opened a minidump file now you will not get much useful information. Instead, you will likely receive a message saying “Symbols cannot be loaded because symbol path is not initialized”. This is because you have not loaded the symbol tables into WinDbg. To understand why you need to install these symbol tables we need to take a quick detour and explore how programs are translated from their original source (programming code), which a programmer or software engineer writes, into executable machine code. As you may be aware, programmers generally write software in a high-level language (such as Visual Basic, C#, Objective-C, etc). This is human-readable and understandable. As part of the code which the progammer writes, they use identifiers. These identifiers include program variables, names of functions, names of modules, etc. The identifiers are written in human-understandable language as this provides a degree of intrinsic documentation in the code. For example, the programmer may write a function called “calculateAreaOfRectangle(width As Integer, height As Integer)”. This function obviously calculates the area of a rectangle given a particular width and height. As such, whenever the programmer calls this function within the program it is pretty obvious what the function will do, thus we are using intrinsic documentation. However, when the program is compiled this high-level language is translated into low-level machine code (binary) so that the program can be executed on any computer which understands that machine code. These identifiers are not required for the program to execute – all the executing program cares about are the memory addresses where all these identifiers are stored, as the executing program thinks in terms of memory addresses rather than identifier names. As these identifiers are not required, they are removed from the compiled program (so that the size of the executable file is reduced). However, thought was given that these symbols may be useful if we wish to debug the program later, as without these symbol files we would only see the memory address of errors. It would be much better to see the identifier for an error.

Using our previous example, if there was a crash in calculateAreaOfRectangle then without symbol files we would only see the hex address of the memory which calculateAreaOfRectangle occupied (e.g. 0x 20000120) rather than the actual identifier name (i.e. calculateAreaOfRectangle) which would be much more useful.

Therefore, for debugging purposes some software manufacturers provide the symbol files for download. In this case, we can download the symbol tables for Windows as this will provide us with all the identifier names for our BSOD so that we can see more useful information about the cause of the crash. Be aware, not all software manufacturers provide symbol tables. The reason that Microsoft provides these tables for Windows is because people develop software and hardware using Windows and they may need to debug their own software, so the symbol files are useful. Furthermore, the BSOD crash is a crash in Windows itself, so the Windows symbol tables will be relevant for debugging the source of the crash.

Now that we understand the need for the symbol files we need to load the symbol files into WinDbg. These can be downloaded on-demand from Microsoft so you just need to tell WinDbg the location of the symbol files. Open WinDbg and go to the “File” menu > “Symbol File Path”. In the window that appears type the following location: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols . This will download the symbol files from the Microsoft website and store them locally in the c:\symbols directory.

Next, we will try to open a crash dump file using WinDbg. Go to the “File” menu > “Open Crash Dump”. Navigate to the directory holding the minidump files (usually C:\WINDOWS\Minidump) and open the relevant minidump file. WinDbg will get rather busy at this point in time, as it needs to load all the relevant symbols and also any binaries related to the minidump file (as the minidump file is, well, mini it does not contain any of the executable files contents within the dump file itself, so it needs to find the executable file and load that in separately).

If you receive an error message informing “ERROR: Symbol file could not be found. Defaulted to export symbols for…” then something has gone wrong with the symbol file download, generally either because the symbol address was mistyped in the “File” menu > “Symbol File Path”, your internet connection is not working, or a firewall has blocked the download. In the last case, if you disable the firewall this generally won’t fix the problem as it has already corrupted the download. If the problem was firewall related then the best solution is to delete the symbols cache directory on your computer (i.e. c:\symbols) and then reopen WinDbg and a dump file so that will trigger the symbols to download again.

You may also see a warning such as “ERROR: Module load completed but symbols could not be loaded for…”. This means that the minidump file contains a driver which is faulty, and the debugger has detected this driver. However, no symbol information is available for that driver. This is alright, as the drivers generally do not contain symbol information. The main thing is that the faulty driver has been identified – we do not care about what inside the driver caused the problem (as there is nothing we can do to fix that problem). We mainly just wanted to know which driver is problematic so that we can take remedial action.

Finally, we are now ready to analyse the dump file and see what is the problem. You should be presented with a prompt allowing you to input a command into the debugger. At the prompt type: !analyze –v . This will provide a bug check based upon the minidump file that has been provided. Look through the bug check until you find the heading “Debugging Details”. This provides all the debugging information in that minidump file, in a somewhat analysed format making it easier to understand. You are most interested in the following items:
• DEFAULT_BUCKET_ID: This provides a general category of fault. For example, if this is defined as DRIVER_FAULT then you have a fault with some kind of driver on the computer.
• IMAGE_NAME: This provides the actual module (in the case of a DRIVER_FAULT, the actual driver file name) which is causing the problem.

Once you have the IMAGE_NAME you have narrowed down the problem to a particular module. Completing a search online (using Google or like) may yield results about how to fix this problem, which may involve a patch or updated version of the drivers. So, this provides you with a very good starting point for resolving the issue as you now know exactly what module is causing the problem.

Finally, we should deal with the situation arising where you receive “Access Denied” messages when attempting to open the minidump files. If you still receive this message when opening the files from within WinDbg then there is definitely something wrong. In the first instance, try copying the minidump file to a different location (such as the Windows desktop). To do this, right-click on the minidump file that you wish to copy and select “Copy”. Then, go to the destination location and right-click in any empty space and select “Paste”. Try opening that copied version of the minidump file using WinDbg.

The next possible cause is a permissions problem with the folder containing the minidump files, or a permissions problem with the minidump files themselves. I am not comfortable with manually modifying the permissions on the minidump folder and files, since there should be no need to undertake that procedure. Therefore, at this stage, it seems the most likely possibility is something wrong with the security descriptors on the folder and/or files, which is the actual entity that stores the permissions entries. The best way to check and resolve such issues is to run the ChkDsk utility. Be aware, this will take quite a long time to run. Additionally, as a matter of course, because it is changing data on your drive and repairing problems you should backup all important data before running this utility in case something goes horribly awry and the computer drive becomes unbootable and unusable. Once you have backed-up all important data and wish to proceed, go to the “Start” menu > “Run” and type “cmd” (without the quotes) and click OK. In the command prompt window that appears, type the following “ChkDsk /r” (without the quotes) and press ENTER. Be aware that ChkDsk may start running but then report you need to restart the computer because files are in use. Should this be the case, restart the computer and ChkDsk will automatically recommence operation upon reboot. As I said, this could take a while so don’t start this procedure should you need to use the computer within the following few hours.

It is good that you have been regularly scanning your computer for malware as these kind of rogue files can significantly slow down your computer. However, from your question, it seems that the computer has been generally running slowly in recent times. This is a common side-effect of having a Windows computer in operation for a long period of time. Over time there is a build-up of files on the computer as a result of the installation and removal of software, which can significantly reduce the performance of the computer. This is colloquially known as “bit rot” (see en.wikipedia.org/wiki/Bit_rot for more details). Many people have asked how unused or orphaned data (such as the remnants of old software which has subsequently been uninstalled) can affect the performance of a computer, since it is simply data which has been stored on the computer and may no longer be used. It is correct to say that unused data itself does not slow down the computer, but it is the effect of this unused data when the computer attempts to complete certain operations which is the problem. For example, when Windows is loading it needs to evaluate certain entries in the Windows registry to determine particular Windows settings. If there is a lot of build-up in the registry then the process of parsing and enumerating all the registry keys can significantly be slowed, resulting in performance hit. Unused data on the computer can result in other side-effects such as a greater degree of disk fragmentation (which makes it slower to access required files and data on the hard drive) and also slows down the ability to search for data on the drive (which may be required by some programs to locate particular pieces of data on the drive).

There are a plethora of utilities available on the internet which claim to boost performance of your computer. If you search for “speed up windows” in Google you will see a large list of results and also advertisements for utilities which appear to speed-up the computer. However, I would take all these utilities with great scepticism. While I have not used all such utilities, I have used a large number of these so-called optimization utilities. Results have varied from doing almost nothing through to causing a major system corruption, necessitating the need to reinstall Windows. Most of these utilities perform their operations by removing temporary files from the computer (which can safely be done any way using standard Windows utilities such as the Disk Cleanup utility) but then delve into the Windows registry and remove registry entries which the utility deems to be redundant and unnecessary. Unfortunately, on many occasions the utility is a bit too careless and removes registry entries which are actually needed, resulting in major system problems. Therefore, as a rule of thumb I never use any such system optimization utilities as in my experience they generally cause more harm than good, and given that you need to purchase most of these utilities it is not particularly cost-effective if they don’t perform the desired function.

Therefore, my recommendation is to backup all data that you wish to keep and then reinstall Windows from scratch. I understand that this is not your optimal course of action, but I recommend that this is the best solution to your problem. In fact, generally I recommend that users do a clean reinstallation of Windows every two years (at the maximum) so that the performance on their computer does not degrade to the point of being unusable. While this is a major operation there are ways to make it easier in the future, should you wish to regularly rebuild the computer. The best way to make this process more efficient in the future is to reinstall Windows and all the applications you wish to use on the computer (such as Office, etc.), then configure the machine as suits you, and take an image/snapshot of the computer at that time. This means next time you wish to reinstall Windows instead of having to reinstall Windows and all the applications, together with configuring the settings on the computer, you can just restore that image/snapshot on the computer. This will be much quicker than a manual reinstallation and will also be a lot easier for you. There are several programs which can complete this task, but one of the better programs is Acronis True Image Home (www.acronis.com.au/homecomputing/products/trueimage). This software costs $69.99 and is well worth the cost, as it can do both the disk based imaging together with general file backup.

You will notice that in the above procedure before taking the image/snapshot of the computer I suggested that you only install the operating system, any programs which you need, and also undertake general configuration of the computer. I have said to copy all your backed-up data into the computer. The reason is that if you copy the backed-up data and then take the image/snapshot that image/snapshot will contain all your data at that point in time. This is probably not desirable, as your data will be constantly changing. Therefore, I suggest that you keep your data off the image/snapshot and instead copy the data back after the image/snapshot has been restored onto the computer. You should also be able to use Acronis True Image for this purpose, as it can also complete file backup in addition to the image capability.

The final question which should be raised is where to store the image/snapshot of your computer, together with any backed-up data. It is unlikely that a CD or DVD will have the capacity to store the data, and spanning across multiple CDs and DVDs is very inconvenient and will be slow to restore. My suggestion would be to store all this data on an external USB hard drive and then back it up again onto a second USB drive. These USB drives are very cheap nowadays and are very fast, convenient and USB 2.0 support, together with the large drive capacity, allow a lot of data to be stored and retrieved quickly. While hard drives are not invincible (as they are subject to mechanical faults, as are all devices with moving parts) since the image/snapshot backups are not absolutely critical (in the sense that you can make these again if necessary) and the data backup presumably is just a backup copy in case the main computer fails, the trade-off between data security, convenience and price by using an external hard drive appears to be acceptable. That said, I would suggest that you make a secondary backup copy of all important data when you are restoring the computer using the image, as it would be unwise to rely on just one backup copy of the data (on your primary portable hard drive) in case that drive fails during the computer rebuild process (as Murphy’s law would dictate) after you have wiped all the data off your computer, but before you have restored the data from backup.

These emails are actually being addressed to you, but you cannot see your email address in the message header. You mentioned that the message is addressed to a different person in the “To” field. This is the primary addressee of the email message. However, your email address would have been included in the “BCC” field of the email message. BCC stands for Blind Carbon Copy which allows the sender to address the email to additional people, but any email addresses placed into the BCC field are not visible to the recipients of the email message (thus the term blind carbon copy – it copies the message onto additional people, blindly). An example is best in this situation. Say that I address an email in the “To” field to silicon.kid@isp.com. In the BCC field I then enter the additional email address frank@isp.com. Both people (silicon.kid and frank) will receive the email message, but we both will only be able to see that the email address was sent to silicon.kid (as his email address is in the To field). I won’t know that the email was sent to frank@isp.com as that email address does not appear in the email header, as it has been removed since the address was placed in the BCC field. Likewise, you only know for certain that the email was sent to silicon.kid (as that is in the To field) and frank (as you received the message). There could be other email addresses in the BCC field of which we are unaware, as we cannot see the contents of that field.

Returning to your specific scenario, the spam email message has been primarily addressed to the person in the “To” field but also BCCed onto other people, including yourself. The selection of the primary addressee of the email message is entirely random, so if you have received other spam messages which have been addressed directly to you then it is likely that other people also received that message but were BCCed onto the message, so you have been unaware that other people also received that spam message.

There is really nothing that you can do to stop these messages from being received, as someone has got hold of your email address and can basically send what they like to the address. You could setup a filter or rule in your email client which deletes (or moves) any emails which are not specifically addressed to you, but I would recommend against this solution since there are many instances where a legitimate message may not be specifically addressed to you (such as if you are subscribed to a mailing list). If you are not receiving a huge volume of such messages then I would suggest that you continue to manually delete the messages. If they do become problematic then you may wish to investigate a spam filtering software package to help detect and remove spam messages or change your email address.

As an aside, the BCC field is very good when sending a group message and you do not wish to expose the email address of all the recipients to everyone who receives the email. When sending a group email it is good practice to put your own email address in the “To” field and then all the recipients in the “BCC” field. This means that you receive a confirmation copy of the message which you sent, but none of the recipients can see the email address of the other recipients. Additionally, this also prevents someone from pressing the Reply All button and sending an email back to all the people who received that message (which you probably do not wish to occur).

The lack of any Remove or Change buttons in the Add/Remove Programs control panel could be caused by a variety of different factors. In the first instance, make sure that you are logged into the computer as an administrator since if you are only logged on under a limited user account then this could limit the number of programs which you are able to change or uninstall. To check whether your account is a computer administrator account, attempt to open the “User Accounts” control panel. If you are able to open this control panel that is a good indication in itself that you are a computer administrator. However, as a double-check, once you have opened the control panel you should see a listing of the accounts on your computer. Ensure that the account you are currently using is denoted as a “Computer Administrator” or “Administrator” account. If not, then you should logon to the computer using an administrator account and either remove your programs under that account or promote your user account to be a computer administrator and then log back on using your account to remove the programs.

Assuming that you are logged into the computer as an administrator, the next possible reason for this problem relates to some settings in the registry. There are certain registry settings that can be enabled to remove the Change and Remove buttons within the Add or Remove Programs control panel. These are designed more for enterprise environments where the network administrator wishes to implement policies preventing users from changing the programs installed on their computers. Even though such settings are designed for larger environments, it is still possible to implement them on home computers which may have happened in this case. So we will need to check some settings in the registry. Only proceed with the following instructions if you are confident in editing the Windows registry, as incorrectly changing any values could result in unpredictable consequences. Proceed at your own risk.

Assuming that you would like to continue, go to the “Start” menu > “Run” and type “regedit” (without the quotes) and click OK. In the Registry Editor window that appears, navigate to the following registry key (folder): HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall. For future reference, a registry key is essentially a “folder” within the Windows registry that contains several values (analogous to files) which set the particular settings which concern us. The Uninstall key is the location where policies related to uninstalling programs reside. Within the Uninstall key, in the right-hand pane of the Registry Editor window look for a value named “NoRemovePage”. This prevents the user from changing or removing the installed programs through removing the Change and Remove buttons. If this registry value is present, right-click on the value and select “Delete”. Close the registry editor and then log-off the computer and log back on to make the changes effective. Check the Add or Remove Programs control panel to see whether the problem has been fixed.

However, should the problem continue then we need to check some other configuration settings in the registry. If the “NoRemovePage” setting was enabled then this should disable the removal and changing facilities for all programs, not just selective applications. As you mention in your question that “most of the programs which are listed do not have a Remove or Change button” this then indicates the problem may not affect all the programs on your computer, but only selected programs. It is possible for the Remove and Change buttons to be disabled for specific applications. In the Registry Editor go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall. registry key. Please note that this is different to the previous registry key, as this key falls under the HKEY_LOCAL_MACHINE branch of the registry, as opposed to the previous procedure which used the HKEY_CURRENT_USER branch.

Under this registry key you should see several sub-keys, each representing one of the programs listed in the Add or Remove Programs control panel. The name of the key should provide a clue as to the name of the program to which that key relates, but if the key is only a series of letters and numbers (e.g. ABCD-1234-EFGH…) then select the key and look at the DisplayName value in the right-hand pane to determine the name of the program. Find and select the registry key for one of the programs which does not have the Change or Remove buttons visible. Then, check whether the values NoRemove or NoModify exist in the registry key for that program. If either of these keys exist and their values are set to 1 then respectively the Remove or Change buttons will not be displayed. To re-enable the Remove and Change buttons, right-click on the NoRemove and/or NoModify values and select “Delete”. Again, you will need to log-off and then log back onto your computer to make the changes effective.

It is highly likely that one of the above procedures will fix the problem, so I will not continue to explore other resolutions. However, it is worthwhile noting that you should consider what triggered this problem to occur. Other users have reported that such problems occur after using system cleaning or optimizing utilities (which I am very wary about, and would generally recommend against using). That said, if you did use such a utility before the problem occurred then at least you know the cause and can ensure that you do not use the same utility and cause the same problem again. However, if you did not consciously do something to cause this problem then the worry is that some kind of virus or malware has installed on your computer, since such nasties have also been known to cause similar problems. Accordingly, I would strongly recommend that you complete a full antivirus scan on the computer to ensure that no viruses are resident. I would also suggest that you download and scan your computer using Ad-Aware Free (www.lavasoft.com), Spybot Search & Destroy (www.safer-networking.org), and Windows Defender (www.microsoft.com/downloads) to ensure that your computer is clean of such threats. This will also help ensure that once you have fixed the issue it does not reoccur.

Regarding your second query about the MSXML security vulnerability, you could try uninstalling MSXML 4.0 but there could be some software on your computer which requires version 4.0 of MSXML to be installed and uninstalling this version will cause problems with functionality of that software. Of course, you could try uninstalling MSXML 4.0 and see what happens and then reinstall the package if you find that something stops working and it actually is required. If you do need to reinstall the MSXML 4.0 package, or decide to keep this installed anyway, then make sure you visit Windows Update to download any security updates which may be available for that package. Assuming that your Windows installation is up-to-date, if you continue to receive the advisory from Kaspersky Internet Security about a potential vulnerability, yet all the relevant patches have been applied, then it would seem that Kaspersky is mis-detecting the fact that the package is still vulnerable. In this situation you should be able to ignore this advisory without adverse consequences, once you have ensured that your installation of Windows is completely up-to-date through Windows Update.

Even though opening and closing the CD drive drawer every 20 seconds would be an effective method to get the attention of the user to backup their files, I doubt that this is a feature of Norton 360. While I have not seen this behaviour before, such random events are generally related to either a program running on the computer which has gone partially haywire, or a virus or other malware being resident on your computer. As a starting point we will deal with the scenario of a program or process running in the background causing this behaviour. To try and narrow down this problem we will close all non-essential processes running in the background to see whether the problem stops. Press CTRL-ALT-DEL to show the Windows Task Manager window. In the window click the “Processes” tab. This will display all processes which are running on your computer (which are essentially programs running in the background). Click the “User Name” column heading to sort the processes by user name. If this heading is not visible then you may need to go to the “View” menu > “Columns” and tick “User Name”. Now all the processes should be grouped by user name. Select a process running under your user name and click “End Task”. Then, wait and see whether the problem ceases. If not, repeat the same procedure for another process and check again. Once you close a process and the problem stops you know that the most recently closed process is the one causing the problem. Write down the name of that process.

Having named the problematic process I suggest that you do some research on Google to determine the nature of that process and whether any other users are experiencing a similar problem. Of course, you are always welcome to send me the details of the process as I can also help provide advice on the best way to resolve the problem. However, if your research yields the result that the process is not critical and can be disabled then the simplest resolution would be to disable that process from loading on startup. This will stop the process from automatically loading when the computer boots. Go to the “Start” menu > “Run” and type “msconfig” (without the quotes) and click OK. In the System Configuration Utility window that appears click the “Startup” tab. This will list all the programs and processes which load on Windows startup. Untick the entry for the problematic process and click the OK button. Restart the computer and now that process should no longer load on startup. Be aware, you may receive a warning that the computer is running in Selective Startup mode. This simply means that not all processes are loading on startup (thus you are selectively starting up the computer) as you have disabled a process from loading on startup. You can safely tick the box to not display the message again and click the OK button.

However, should you find that closing all processes running under your user name does not fix the problem then I would be suspicious that there is a virus or some kind of malware installed on your computer which is causing the problem. In this situation I suggest that you update your antivirus scanner and complete a full virus scan, followed by downloading and scanning your computer with Ad-Aware Free (www.lavasoft.com), Spybot Search & Destroy (www.safer-networking.org), and Windows Defender (www.microsoft.com/downloads). That said, you did comment that your computer is running slow and you would like a clean-out of the machine. In this situation I would recommend that the best solution to both problems is to backup any data that you wish to keep and complete a clean reinstallation of Windows on the computer. This should fix the sluggish performance while also clearing any threats which have worked their way into the Windows system, assuming that any infected files are not copied across (unlikely if you only backup documents and non-program files). If you are not confident in doing this yourself then I would recommend you take the computer to a computer shop to have this done, just to make sure that you don’t lose any data accidentally during the process.

It is rare that Microsoft would recommend a third-party product, particularly when we are concerned with a security related product, and I fear that X-Cleaner Anti-Spyware is no exception. While I have never used this product, I have been unable to find a Microsoft recommendation for this software. Additionally, the software itself does not appear to be free. Nevertheless, looking at the website for the manufacturer (www.xblock.com) they state that “XBlock no longer supports or maintains the X-Cleaner product. If you are a current X-Cleaner user you should have received an email notifying you of this change, and offering you a free year’s subscription to Sunbelt Software’s VIPRE Antivirus + Antispyware software for your desktop antivirus and antispyware security needs”. So it seems that the X-Cleaner software is quite old and no longer supported.

In any case, the reason that I doubt Microsoft would have recommended this product is because the advice provided, regarding running this software on a public computer before usage, does not make much sense. This is because most public computers would, most likely, not have a floppy drive to run the software from a floppy disk. Additionally, the actual computer (e.g. tower) component of most public computers are hidden away to specifically prevent users from using removable media of any kind, such as CDs or USBs, thus preventing you from loading any scanning software. In addition, to effectively use antivirus and anti-malware utilities you generally require administrator rights to the computer. Most public computers do not grant users administrator rights, but instead only limited user rights. This prevents users from changing system critical settings or installing/uninstalling programs. The antivirus and antimalware utilities require the administrator level of access, as often computer infections are in locations where system files reside and to edit or modify such locations (e.g. to remove the infected files) requires administrative access. A final argument against running such a scan on a public computer is that the scan will likely take quite a long time (perhaps over an hour) so it is not time effective.

Unfortunately there is no real foolproof way to protect your privacy when using a public computer. There is every likelihood that some malware (such as a keylogger) has been installed on the computer, transmitting your keystrokes (including credit card numbers, login details, etc) back to someone who then intends to use these details for malicious purposes. Be aware, some operators of public computers (such as internet cafes) are very good and maintain their machines well, taking all required precautions, but others are not so proactive. As a rule of thumb I never use a public computer to do anything except casual surfing which does not require me to enter any personal or sensitive information. An alternative is to carry a laptop computer when travelling.