Computer Viruses for Dummies, part 2

Chapter 1: Understanding Virus Risks 15
I don’t want you to feel bad if you’re among (what I suspect
is) the majority of computer users — those who have never
installed security patches. Had I chosen a different career
path without much chance to get familiar with computers,
the thought of installing security patches would seem about
as intimidating as working on my home’s electrical wiring or
working on a late-model automobile with all its complex wiring
and safety systems. But that’s what this book is for: to help get
you past the reluctance.
How many people use the computer?
Are you the only person who uses your computer? Or are several colleagues, family members, or (gasp!) total strangers using your computer, like so many people sharing a germ-infested bathroom water cup?
The greater the number of people using a computer, the
greater the chances are that something bad will happen. How
do I know this? When several people share a complex machine
like a PC, the inconsistencies in the ways that the people use
the computer, and the accumulation of every user’s bad habits
and mistakes, can make the computer’s condition deteriorate
over time.
How is your computer connected to the Internet?
While there are many ways to connect to the Internet, I’m concerned with just one factor: Is your computer “always on and connected” through any sort of a broadband (high-speed) connection like DSL, a cable modem, ISDN, or satellite? Or do you use a dial-up (phone-line) connection to connect your computer to the Internet, get your e-mail, do a little surfing, and then disconnect?
It boils down to this: Is your computer always on and always
connected to the Internet? If so, then your computer is far
more likely to be targeted by Internet worms. Some hackers
like to scan for — and find — new always-on computers.
16 Part I: Evaluating Your Virus Situation
They’re looking for recruits — to see whether they can add
your system to their legion of slave computers.
Let me explain this high-speed, always-on thing a little more. If
your computer is connected to the Internet using a high-speed
connection, then your computer is statistically more likely to
be found by a scan than it would be if it were connected, say,
only one or two hours per day. Statistically speaking, an
always-on computer is ten times more likely to be scanned,
because it’s connected ten times as many hours per day. But
more than that, if your computer is always on and always connected,
then hackers would consider your computer more
dependable. And because the connection is higher speed than
dial-up, they can get more performance out of your computer
for their own evil purposes.
Do you have a firewall?
A firewall, as I explain more fully in Chapter 10, is something that is designed to block the probing scans that are often associated with viruses, worms, and Trojan horses. Those people who have installed either a software firewall or a hardware firewall have far better protection than people who have neither.
A software firewall is a program that runs on your computer, invisibly (in the background), much like an antivirus program. The software firewall program carefully watches all communication coming into your computer and leaving your computer. Each network message — or packet — is examined to ascertain its type, origin, and destination. These properties are then compared to a list of rules to determine whether each packet should be allowed to pass through or not. Should the message be allowed to pass, the firewall lets it move along towards its destination. But should the message be blocked, then the firewall will not permit it to pass — and it will fail to reach its destination, like a postal letter that is intercepted in transit and simply thrown away.
A hardware firewall is an electronic appliance that is installed on a network. Its internal function is essentially similar to the software firewall, except that its protection is more centralized: All the computers on the network are protected by the hardware firewall, so none of the bad traffic on the Internet is permitted to reach any of the computers on the network.
The legion of zombies
Many of the viruses, worms, and Trojan horses that have been released in recent years have a single, diabolical purpose — to identify and “take over” those so-called always-on and always-connected computers that are typically connected to the Internet using high-speed DSL, cable modem, ISDN, or satellite connections.
A recent study estimates that fully one-third of all such computers have backdoors (programs that allow hackers to bypass all security) installed on them and are used for a variety of purposes — generally for transmitting spam (unwanted junk) e-mail or for participating in massive distributed denial of service (DDoS) attacks.
A distributed denial of service (DDoS) attack is one where a hacker, after enlisting hundreds or thousands of computers with his backdoor program, sends a command to “his” (your) computer, instructing it (and many, many others) to begin flooding some particular Web site with as many network messages as possible. The victim’s Web site would then be receiving millions of network messages from hundreds or thousands of computers located all over the world and be nearly powerless to stop it (because of the vast number of sources of the attack). As a result, the victim’s Web site would, for all practical purposes, be “off the air” for as long as the attack continued.
This is no pipe dream or theoretical missive. Such attacks are commonplace. Major corporations, organizations, and governments, such as Microsoft, SCO, Yahoo!, E-Trade, the U.S. Whitehouse, and some countries’ government or news sites, have been victims of DDoS attacks lasting hours or days. And unless that corporation is both clever and resourceful, the corporation’s Web site is essentially unreachable for all legitimate use until the attack ceases.
Home users — even those who are IT professionals by day — would likely have no reason to suspect that their home PCs have been taken over. Generally speaking, hackers have designed their backdoors to minimize the likelihood of being detected. They use a measured, limited portion of your computer’s resources so you can continue to use your computer for whatever you do with it. At the same time, however, your computer would also be used to relay and transmit spam to hundreds or thousands of other unsuspecting people (and many of those spam messages may contain their own viruses, worms, or Trojan horses to enlist even more unsuspecting and poorly-protected computers). Your computer could be the modern version of the zombies in Night of the Living Dead.
A firewall is like a security guard at the entrance of an office
building. He (or she) scrutinizes each person coming and
going. He may want to look at each person’s identification by
examining their employee badge or other credential. If the
person coming or going is carrying anything, he may ask questions
about it. If the person is a guest, the guard may request
that the user sign their name into a visitor’s log.
The guard has a list of rules that he uses to determine whether
each person coming and going will be permitted to pass
through. Occasionally he will need to turn someone away,
for one reason or another. He will detail each such denial
so his boss can later view who was denied access and why.
Occasionally, the guard will need to call his boss and ask if a
visitor is permitted to pass through (in a firewall software program,
this takes the form of a pop-up window that asks if a particular
program should be permitted to communicate or not).
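The rule matching described for the software firewall, and the denial log from the security-guard analogy, can be sketched as follows. This is an added example, not code from the book: the rule set, the addresses (a private LAN plus documentation ranges) and all names are constructed, and the filter is stateless, whereas real firewalls also track connection state.

```python
"""Added example: first-match packet filtering with a default-deny policy."""
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str                  # "in" or "out", relative to the protected PC
    protocol: str                   # "tcp", "udp" or "icmp"
    src: str                        # origin IP address
    dst: str                        # destination IP address
    dst_port: Optional[int] = None  # None for protocols without ports


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "block"
    direction: str = "any"
    protocol: str = "any"
    src_net: str = "0.0.0.0/0"      # origin network; default matches everything
    dst_net: str = "0.0.0.0/0"
    dst_port: Optional[int] = None  # None matches any port

    def matches(self, p: Packet) -> bool:
        return (
            self.direction in ("any", p.direction)
            and self.protocol in ("any", p.protocol)
            and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
            and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst_net)
            and (self.dst_port is None or self.dst_port == p.dst_port)
        )


@dataclass
class Firewall:
    rules: List[Rule]
    default_action: str = "block"   # anything no rule mentions is dropped
    denial_log: List[Tuple[Packet, str]] = field(default_factory=list)

    def decide(self, packet: Packet) -> str:
        # Rules are checked top to bottom; the first match wins.
        for number, rule in enumerate(self.rules, start=1):
            if rule.matches(packet):
                return self._record(packet, rule.action, f"rule {number}")
        return self._record(packet, self.default_action, "default policy")

    def _record(self, packet: Packet, action: str, reason: str) -> str:
        # Like the guard's notes: every denial is kept for later review.
        if action == "block":
            self.denial_log.append((packet, reason))
        return action


HOST = "192.168.1.10"               # constructed address of the protected PC

RULES = [                           # constructed rule list
    Rule("allow", "out", "tcp", dst_port=443),                      # 1: HTTPS
    Rule("allow", "out", "tcp", dst_port=80),                       # 2: HTTP
    Rule("allow", "out", "udp", dst_port=53),                       # 3: DNS
    Rule("allow", "in", "tcp", src_net="192.168.1.0/24", dst_port=445),  # 4: LAN file sharing
    Rule("block", "in"),                                            # 5: all other inbound
]

SAMPLE_PACKETS = [                  # constructed traffic
    Packet("out", "tcp", HOST, "198.51.100.20", 443),   # browsing
    Packet("in", "tcp", "192.168.1.23", HOST, 445),     # another PC on the LAN
    Packet("in", "tcp", "203.0.113.7", HOST, 445),      # probe from the Internet
    Packet("out", "tcp", HOST, "198.51.100.99", 6667),  # program no rule covers
]


def demo():
    fw = Firewall(RULES)
    decisions = [fw.decide(p) for p in SAMPLE_PACKETS]
    reasons = [reason for _, reason in fw.denial_log]
    return decisions, reasons


if __name__ == "__main__":
    for packet, decision in zip(SAMPLE_PACKETS, demo()[0]):
        print(decision, packet)
```

The last sample packet is the case where a desktop firewall would show its pop-up: no rule covers the program's traffic, so the default policy decides.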
High-risk activities
The types of activities performed on your PC also contribute
to your risk, whether high or low. Each of these activities is
related to how social you permit your computer to be. Do you
often take it out in public where it can exchange information
with other computers? In the analogy between biological
viruses and computer viruses, a high degree of socialization
(mingling with others) increases risk. The following sections
look at some examples.
Wireless “Hot Spots”
Hoping to attract well-to-do customers, many public establishments — such as coffee houses, restaurants, and other businesses — have installed so-called Internet hot spots. These hot spots are Internet connections that a customer can use to connect to the Internet with a laptop computer, provided it’s equipped with a wireless networking (also called Wi-Fi or 802.11) capability. Some establishments charge a fee for the use of their hot spots; others permit use free of charge.
People who own laptops equipped with those Wi-Fi connections can visit any of the hundreds of thousands (or perhaps millions) of Wi-Fi–equipped establishments and access the Internet to retrieve e-mail, visit Web sites, or whatever they do on the Internet. At a coffeehouse, for instance, you would purchase your tall double-shot vanilla low-fat latte and then sit down at one of the tables, turn on your laptop, and catch up on e-mail while quaffing your favorite coffee drink.
But here’s the problem: These hot-spot connections have
many of the same risks that are associated with always-on
high-speed connections. Hackers and worms frequently scan
the wireless networks in these establishments, hoping to find
new victims — like, f’rinstance, your computer. Computers
lacking adequate antivirus protection fall victim to the worm
and become one of those zombie computers, awaiting the
commands from their fiendish master.
Downloading and file sharing
If you or someone with access to your computer is doing a lot
of file and program downloading and file sharing with others,
chances are that sooner or later one of the files you download
will be infected with a virus.
Because many viruses travel from computer to computer by
hiding inside of software program files, it makes sense that the
more program files you bring into your system, the more likely
it will be that one of them will have a virus. Also, program files
that have been copied from other computers (rather than
coming directly from the manufacturer) have a much greater
chance of being infected with a virus.
Instant messaging
If you are an Instant Messaging (IM) user, you are increasing
your chances of catching a virus (or, of course, a worm, Trojan,
or other ill fate). As the popularity of IM rises, so too does the
attention it gets from virus writers looking for new ways to get
viruses from one computer to another. Already, there have
been a number of worms that have propagated themselves
using IM. Every day, minute by minute, you can be sure that
there will have been more such incidents.
Add-on programs
If you are the type who can’t resist an online or computer
store bargain, sooner or later something you pick up will have
a little extra feature. While it doesn’t happen often, viruses
have been known to sneak onto the gold (or final) version of a
software manufacturer’s CD-ROM or online download area.
How many viruses are there?
Tens of thousands of viruses, worms, and Trojan horses have been developed and released onto the Internet over the past two decades. On the day that I am writing this section, my own PC’s antivirus program shows over 66,000 known viruses in its list.
In the first half of 2003 alone, 3,855 new viruses were introduced. That is over 21 new viruses each and every day.
Nearly all new viruses are targeted at Microsoft products, including Windows, Outlook, and Office.
And remember — virus writers like to get their viruses to
propagate in large numbers. That means some spend considerable
time trying to get their wares into programs that will be
mass-marketed or mass-distributed.
Sharing your e-mail address with too many other people and organizations
Persons who have a habit of signing up for things on the Internet are far more likely to end up on one or more spammers’ lists. Or if you are the type of person whose e-mail address is “in circulation” — meaning your e-mail address appears online in Web sites, chat rooms, mailing lists, newsgroups, and so forth — then the chances improve that your e-mail address will be picked up and wind up in the hands of one or more mass marketers. As soon as this happens, one or more of the spammers who like to send large volumes (we’re talking millions) of virus-laden e-mail messages will take advantage of the target you’ve given them.
This is not unlike giving out your phone number to lots of different
people and organizations, only to discover that you are
beginning to receive far more unwanted phone calls than
before. So it is with e-mail. It’s the fastest possible way to
infest your once-pristine inbox with more unwanted mail than
legitimate mail.
In my case, about three-fourths of all the e-mail I receive is
spam. My e-mail address appears in my online column in
ComputerWorld. Of course, the address I use there is different
from any I use anywhere else — and it isn’t hard to see why:
Soon after I started writing my column, I began to receive
additional spam, much of it sent to that unique address. This
occurs because some spammers have spider programs that
run all over the Web in search of e-mail addresses to harvest
from Web sites.
Deciding How Much Security Is Enough
Without getting too scientific about it, the best way to think
about “how much security is enough” is to compare the value
of the possession you are trying to protect against the level of
effort you’re willing to expend to protect it.
Let me illustrate with a simple example. Would you protect
a $1,000 automobile with a $2,000 alarm system? Not likely,
because it isn’t proportional.
Like shoes and bathing suits, one size does not fit all people
and all needs. And so it is with computers. Depending on what
you do with your computer, you will need to spend a particular
level of effort in order to protect the information on your computer
and the ability to continue performing whatever activities
you use it for.
For example, a casual user sends and receives e-mail and
surfs the Internet. But someone else uses their computer to
make their living: Perhaps they use their computer to build
Web sites, do financial accounting for small businesses, or
write For Dummies books. The latter user has a lot more to
lose if something goes wrong with his or her computer, than
does the casual user, who is merely inconvenienced.
Take a look at three somewhat arbitrary levels of security
in Table 1-1. Each one also represents a level of value, and I
include examples of how often particular security activities
should take place.
Table 1-1: Levels of Security

| | Low | Medium | High |
|---|---|---|---|
| Typical uses | Casual e-mail, computer games, Web-surfing | Family or business correspondence, online bill payment | Small business accounting, writer of For Dummies books |
| Virus scans | Monthly | Weekly | Daily |
| Virus updates | Weekly | Daily | Hourly |
| Risk tolerance | High | Medium | Low |
| Backups | Infrequent | Weekly | Daily |

You can see in these examples that the higher-value systems
deserve more elaborate protection. If you think about it, a
high-value system is helping its owner to derive income or
some other economic value, or pursue some other form of
value that the user feels personally invested in. Given the risks
associated with online computing, it makes sense to protect
systems associated with economic (or other) value more than
systems that were little more than hobbyist-level systems.
Chapter 2
Does My Computer Have a Virus?
In This Chapter
• Looking at common virus symptoms
• Finding and fixing a virus
• Developing good habits
• Finding out more about viruses
Does your computer have a virus? Or are you just afraid that your computer has a virus? Either way, you’ve come to the right place. If your computer has started to act funny — if it just doesn’t feel right — then it’s possible (but not certain) that your computer has a virus.
This chapter gives you the information necessary to help you
determine whether your computer has a virus, and then points
you in the right direction to find out what to do next. Just
remember this: Nobody deserves to get a computer virus.
If you do have a virus, batten down the hatches and brace for
a fight — viruses are a pain in the neck at best, and they can
be much worse. Armed with this book, however, you’re in a
much better position to come out victorious in a scrape with
a virus (and to avoid being infected in the future).
Looking at Common Virus Symptoms
Stalking the wild computer virus starts with observation: There
are a lot of ways that a computer can begin to act strangely for
no apparent reason. These changes in behavior may be the
result of a virus, but there are other possible explanations as
well.
This section describes some typical virus-induced symptoms,
as well as some ways to determine whether a virus is responsible
for your computer’s symptoms.
Computer too slow
The first thing to check when your computer is slow is to
make sure that your computer isn’t in a school zone. Seriously,
a slowing in your computer can be the result of a number of
circumstances — and a virus is definitely among them. The
following list provides some considerations for making an
educated guess as to why your computer is slowing down:
• Have you made any changes to your computer lately? For instance, have you upgraded to Windows 2000 or Windows XP? These newer operating systems require a lot more memory than their predecessors.
• Have you upgraded a program? Like Windows 2000 and Windows XP, newer versions of many other programs like Microsoft Office and Microsoft Works require a lot more memory than earlier versions.
• Have you or a loved one downloaded a lot of “nature” pictures or other information? Pictures and music take up space. If your hard drive is almost full, your computer will definitely run slower.
If you’re sure you haven’t made any changes, then you may
have a virus. You’ll have to check your computer’s behavior
and run a number of simple tests before you can be sure.
Unexplained activity
Does your hard-drive or network-activity light flicker for no
apparent reason? While there may be a legitimate reason for
it, this could also be a sign that a virus or a hacker’s back-door
program (a devious little program that allows secret access
without your permission) is running on your computer. You
might be donating some of your computer resources to a
hacker and be largely unaware of it. Here are some examples
of what could be going on if a hacker has gotten control of
your computer:
• The hacker could be using your computer to send thousands, even millions, of those annoying spam messages to people all over the Internet.
• The hacker could be using your computer to launch attacks on corporate computing networks. In a DDoS (distributed denial of service) attack, for example, a hacker instructs thousands of “zombie” computers (like yours, perhaps) to send lots of messages to a particular corporate Web site, glutting its communications and knocking it off the Internet.
• The hacker could be using your computer to scan other networks, hunting for vulnerable ports (communication channels for particular computer processes) that can mean more potential-victim computers.
• The hacker may have installed spyware that reports back to the bad guys without the victim’s (your) knowledge. One example is a key logger — a small program that records every key press and mouse movement in an attempt to learn your bank-account numbers, credit-card numbers, and other sensitive information that you probably don’t want strangers to know about. (For more about this insidious stuff, see “Blocking spyware,” later in this chapter.)
Crashes or hangs
Does your computer crash often? Does it just stop responding?
Do you often get the Blue Screen of Death™? Again, there
are many possible explanations. No cop-out, just reality. (Hey,
if I had a crystal ball, I’d quit writing, buy office space on
Bourbon Street in New Orleans, and make my fortune, right?)
Crashing, hanging, and blue screens may be virus-induced,
but they’re probably not. These maladies are more likely the
result of new software, new drivers, or even a hardware component
that’s beginning to fail. Check out those possibilities
first.
Will not boot
Boot used to be a noun — the leather thing you put on your
foot to protect it from rough terrain. These days boot is a verb
just as often; it’s the process that your computer performs to
start itself when you turn it on or press Ctrl+Alt+Del (the
“three-finger salute”).
You guessed it — just because your computer won’t boot, it doesn’t necessarily mean that your computer has a virus. Maybe yes, maybe no. There are several other likely explanations — for example, a corrupted master boot record (the part of the hard drive that your computer uses to start up), or damage to an important file that your computer uses to start up.
If either of these was the case, you’d probably have to rebuild your computer’s operating system and file system from scratch — not fun, even for the experts — and recovering any lost data could get dicey in a hurry. But you know, if you’re running Windows and have to reinstall your computer’s operating system, here are a couple of basic improvements to consider:
• What better time to upgrade to Windows 2000 or Windows XP (unless you’re already running one of those)?
• What better excuse to curl up with a good book — say, whichever Windows For Dummies book covers your newly installed version? This could be the perfect opportunity to read up on Windows while you’re waiting for the install to finish.
Strange computer behavior
Okay, computers sometimes behave inscrutably, but their
behavior should be predictable. Same deal for viruses —
which means they can’t completely conceal their activities.
You can look for the devil in the details. Perhaps the signs are
obvious (the colors go all weird, the computer puts words
on-screen by itself, or it makes strange noises) or relatively
subtle (your screen borders pinch inward for an instant just
before you send e-mail). Time to observe closely and take
notes. For openers, consider some “obvious” symptoms:
• Files are not where you left them, and can’t be found on your computer. If your computer has become a Bermuda Triangle that is eating your files, even some of your software, you might have a virus.
• You can find the file, but its size or date stamp is suspiciously different. Viruses that infect program files may make the files bigger or smaller than they should be, or change their date stamps. Date stamps don’t ordinarily change on program files — ever — unless an official software patch changes them. Uh-oh.
• On-screen text starts to change by itself. In the old days of the DOS command prompt, one virus made the letters in on-screen text seem to move around “by themselves.” Sometimes they changed colors, or started consuming each other like Pac-Man. Bad sign. But you knew that.
• An out-of-context message appears on-screen. Some viruses announce their presence by taunting the user. If you are greeted with a message such as “Your computer is now Stoned!”, you probably have a virus. Consider whether the message is out of context — for example, does it look like someone’s trying to cap a practical joke with a punch line? Not funny at all.
These are just a few examples of the weird things a virus can
do to your computer. Those virus writers are pretty creative
(in an ugly sort of way).
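The first two symptoms above (files that vanish, and program files whose size or date stamp changes) can be checked mechanically by recording a baseline and comparing against it later. The sketch below is an added example, not part of the book; the file names and contents are constructed, and it goes one step beyond the text by also recording a SHA-256 hash, which catches a change that leaves size and date stamp untouched.

```python
"""Added example: baseline-and-compare check for program files."""
import hashlib
import os
import tempfile
from pathlib import Path

FIELDS = ("size", "mtime_ns", "sha256")


def fingerprint(path: Path) -> dict:
    """Record the size, date stamp and content hash of one file."""
    st = path.stat()
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns,
            "sha256": digest.hexdigest()}


def take_baseline(paths) -> dict:
    """Fingerprint every file while the system is believed clean."""
    return {str(p): fingerprint(Path(p)) for p in paths}


def compare(baseline: dict) -> dict:
    """Return {path: [what changed]} for files that differ from the baseline."""
    findings = {}
    for name, old in baseline.items():
        path = Path(name)
        if not path.exists():
            findings[name] = ["missing"]
            continue
        new = fingerprint(path)
        changed = [f for f in FIELDS if old[f] != new[f]]
        if changed:
            findings[name] = changed
    return findings


def demo() -> dict:
    """Run the check against three constructed files in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        files = {}
        for name in ("setup.exe", "editor.exe", "player.exe"):
            files[name] = Path(tmp) / name
            files[name].write_bytes(b"constructed sample program: " + name.encode())
        baseline = take_baseline(files.values())

        # Case 1: bytes appended a minute later, so size, date stamp and
        # hash all change (the date stamp is set explicitly so the demo
        # does not depend on the clock).
        target = files["setup.exe"]
        before = target.stat()
        with target.open("ab") as fh:
            fh.write(b"EXTRA-BYTES")
        os.utime(target, ns=(before.st_atime_ns, before.st_mtime_ns + 60 * 10**9))

        # Case 2: contents replaced with the same number of bytes and the
        # old date stamp restored, so only the hash reveals the change.
        target = files["editor.exe"]
        before = target.stat()
        target.write_bytes(b"X" * before.st_size)
        os.utime(target, ns=(before.st_atime_ns, before.st_mtime_ns))

        # Case 3: the file is no longer where it was left.
        files["player.exe"].unlink()

        return {Path(k).name: v for k, v in compare(baseline).items()}


if __name__ == "__main__":
    for name, changes in sorted(demo().items()):
        print(f"{name}: {', '.join(changes)}")
```

A legitimate software patch produces the same findings as an infection, so a hit means "investigate", not "infected".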
Too many pop-up windows
While I can’t prove it, I’d suspect that in some cases, Web sites
that flood you with pop-up windows could also be attempting
to download some malicious program(s) into your computer.
Web sites that pump pop-ups into people’s computers are
notorious for attempting to change the configuration of your
Web browser and other parts of your computer — by remote
control, without your knowledge or permission.
Finding and Fixing a Virus
There are some tools and procedures that can tell with 99.44
percent accuracy whether your computer has a virus. Here
are the actions to take:
• Find out whether your computer has antivirus software: Use Chapter 3 to help you find that out. If the steps in Chapter 3 lead you to believe that your computer does not have antivirus software, use Chapter 4 to help you obtain and install some.
• Find out whether your antivirus software is up to date: If you already have antivirus software installed on your computer, Chapter 9 can help you figure out whether it’s up to date and working properly.
• Scan your computer for viruses: When you know that your computer has antivirus software — and that it’s up to date — you can use it to scan your computer for viruses. Chapter 6 describes what to expect from this scan.
  If you have an Internet connection, you might think that you can take a shortcut and try one of those online virus-scanning tools — but don’t do that at this point! The risks of connecting to the Internet without antivirus software and a firewall are greater than the benefit you’d get from knowing whether you have a virus — and you could end up with a virus if you use the ’Net unprotected. (It’s like drinking unboiled water from a polluted river — think Montezuma’s Revenge here.)
  For some really good reasons not to use an online scanning tool as a first resort, go to Chapters 6 through 10, where I explain local scanning, online scanning, and firewalls. (Chapter 10 goes into detail about firewalls.) Suffice to say: Make sure you’re protected before you venture out.
• Remove the virus: If your virus-scanning tool finds a virus on your computer, Chapter 7 explains how to get rid of the ugly thing. There are two basic outcomes:
    • Automatic removal: Chances are your virus-scanning tool will be able to fix your computer by removing the virus. Most of the time this is the case. Newer virus tools will, in effect, tell you, “Hey you, I found a virus on your computer. Do you want me to clean it up or not?” I really cannot imagine why you would want to say no.
      Personally I think you should just get rid of the virus right away and deal with the consequences, however mild or severe, afterward.
    • Manual removal — and more work: If, however, your virus-scanning tool tells you that it cannot get rid of the virus, a little more work is in order. For instance, you may need to download a special virus-removal tool from your antivirus software vendor; such tools are sometimes built for specific, hard-to-remove viruses. (I also explain these sometimes-necessary extra steps in Chapter 8.)
When you get rid of viruses, you’ve made a good start. (Done?
Who said anything about done?) Review the ways you use your
computer: Did something you do regularly get you into virus
trouble in the first place? By identifying the things you do that
expose you to threats like viruses, you can reduce your exposure
by doing some things differently. Preventive actions —
the cyber equivalent of washing your hands before handling
food — take a little time, but they can save a lot of misery later.
Developing Good Habits
People remember their firsts — the first time driving a car,
first kiss, first surgery, first computer virus. (Well, okay, some
firsts are better than others — but most are memorable.) In
the case of this first, here’s something to keep in mind. . . .
If you got a computer virus, human error was probably a
factor. Somebody probably wasn’t doing something right.
That, or you were extremely unlucky.
Nobody’s exempt from human error (well, maybe chimpanzees).
You may have opened an infected attachment by
mistake, or missed out on the latest antivirus update. Or your
friend who helped set up your computer may have skipped a
step or left the wrong default in place. However it happened,
you need to discover where the error came from. If you’re like
most people, you may be able to safeguard your computer by
changing some habits. Those changes take two forms:
• Stopping virus-prone habits that put you at risk
• Starting some virus-savvy habits that make you less of a target
Having good, up-to-date antivirus software is essential. But
there are some other good defensive tools such as firewalls and
antispyware. In addition to these nice defensive tools, you may
still have some old habits to break and new habits to take up.
The first good thing you did was buy this book. Now if you
read carefully and take my advice to heart, you’ll be much
safer in the long run. (And don’t forget to eat your vegetables.)
Keeping antivirus software up to date
Antivirus software is of little value if it’s not kept up to date. One of those big-ego computer scientists once said that out-of-date antivirus software is as bad as having none at all. (Hey, sometimes the scientists are right.) The best antivirus program is next to useless if it’s not kept up to date.
I show you how to keep your antivirus software current in
Chapter 8. This is required reading, unless you want to catch
more viruses in the future (hey, the virus writers would love
you, but trust me, they won’t respect you in the morning).
Scan for viruses periodically
Although rare, some viruses can sneak onto a computer without being detected at the time of their arrival. It’s a very good idea to scan your entire computer for viruses from time to time — say, once a week. Read Chapter 6 to see how to set this up; chances are your antivirus program can do this automatically for you.
Install security patches
Security patches are fixes that software companies make to
protect the computer programs they make from the villains
who try to harm your computer. (Yes, Virginia, there really are
people in the world who want to hurt other people and their
property. But you knew that.)
Some patches fix malfunctions that sometimes crop up as a
result of flaws in the product. If the flaws make your system
vulnerable to hackers, the software maker creates patches
that fix those specific vulnerabilities. Chapter 9 tells you more
about security patches and why they’re important. (For now,
think about infestation, fumigation, and why malfunctions in
computer programs are called “bugs.”)
Working on good computer hygiene
In so many ways, it’s a grubby Internet out there. You don’t
want to interact with it without protection. Fortunately, there’s
a wealth of good habits you can discover and adopt. They can
be as effective (and simple) as washing your hands after using
the bathroom. Used consistently, they can help keep you and
your computer safe; I explain ’em in Chapter 12.
Blocking malicious network traffic with a firewall
In Chapter 10, I tell you a lot about firewalls. For now, consider
this: You need one. Everybody needs one. Trust me on this.
Like antivirus software, firewalls protect your computer. Their
function is to deflect the incoming bad things — viruses,
worms, and Trojan horses — that antivirus software can’t
always stop. Having a firewall can help — a lot.
Blocking spyware
If you’re like many of us, it isn’t hard to get into the mood to
give your computer a thorough cleaning — and I don’t mean
with spray disinfectant. Rather, I mean that it’s time to go
cloak-and-dagger and check for spyware on your computer.
Spyware can be a lot of things. In general, it’s software that
some Web sites and viruses install on your computer without
your knowledge so some person or company can track your
online movements, or even record your keystrokes with a key
logger (also mentioned earlier in this chapter under “Strange
computer behavior”). If it doesn’t bother you that someone
you don’t know has knowledge about where you go on the
Internet, then you don’t need to know any more about
spyware. But we’re not talking Santa Claus here.
Many people in the United States and Europe find it repulsive
to think that some total stranger knows about their Internet
surfing habits. They don’t have to have anything to hide —
and most of the time, they don’t. They just figure it’s nobody
else’s business. I’m with them all the way.
Naturally, you can (and should) decide for yourself. But read
Chapter 10 and see whether you want to better protect
yourself with a spyware-detection tool.
Do you have a PDA?
If you have a Palm Pilot, a Pocket PC, or any of the other PDAs
that are available, you should consider adopting some safe
practices. It’s a small computer, after all, and deserves to be
kept as safe as your main computer. More about this in
Chapter 11.
Finding Out More about Viruses
To look into the dark world of the viruses themselves, go
to Chapters 13, 14, and 15. Here you can find out about the
deranged people who write viruses and why they do it. I also
explain more about how viruses and their cousins (worms
and Trojan horses) cause damage and spread from computer
to computer.
It makes sense (beyond my personal opinion) that knowing
more about how viruses work will help you avoid them. The
same goes for biological viruses: When you know how they
spread, you can think before you act, and avoid them — maybe
not every time, but much of the time. Enough of the time.
Chapter 3
Does Your Computer Have Antivirus Software?
In This Chapter
• Figuring out what antivirus software is
• Searching high and low for antivirus icons
• Asking the folks who sold you your computer
• Determining whether your antivirus software is working correctly
To know whether your computer is protected against
viruses and other threats, you need to know for certain
whether you have antivirus software installed on your
computer. That’s because antivirus software is your best defense
against viruses. Period.
Not only do you need to know whether you have antivirus
software, but you need to know whether your antivirus
software is actually working properly — which means (among
other things) that it had better be up to date.
This chapter helps you figure out for sure whether or not you
have antivirus software and whether it’s functioning properly.
This knowledge serves as a starting point toward identifying
and getting rid of a virus that’s already on your system and
protecting your computer from future viruses.
Understanding Antivirus Software
Before I explain what antivirus software is, it’s worth reviewing
the nature of software in general. Understanding software
doesn’t mean you have to write computer programs or wear a
hat with a propeller on top. The fact is that the word software
is at the heart of viruses and the defenses against them.
Knowing some basics about software will help you to under-
stand viruses and how to stop them in their tracks.
These days, the term software is roughly synonymous with
computer program. A program used to be a set of instructions
individually written for every task a computer did. Software
began as a package of programs designed to handle a range
of specific tasks consistently. These days it’s a packaged
product that tells the computer what to do — consistently.
There’s the rub: A computer is, after all, a machine that’s no
smarter than its creators; software is still a set of instructions
that makes the computer do everything. If a hacker can figure
out how it does that, then the computer is ripe for a sneaky
takeover.
Yep, viruses are software: Nasty, illicit software. As such, they
can only be effectively fought with (you guessed it). . . .
Antivirus software is specifically designed to rid your
computer of viruses and to keep them at bay, usually by
three methods:
• By identifying viruses and arresting them when they try
to invade
• By identifying viruses already present in the computer
• By removing viruses and making simple repairs to the
computer
So your mission, should you choose to accept it, is to figure
out whether you already have antivirus software on your
computer and, if so, whether it’s working.