Protect your PC from spam, spyware and viruses - USD 322

Protect your PC from spam, spyware and viruses
The computer security umbrella covers everything from spam to viruses. You know you need to protect
yourself, but you may not be sure how. This class for the average computer user will help you
understand which threats you need to protect your computer against—namely, spam, spyware and
viruses—and how they work against you. Also learn which tools to use to keep them off your computer
for good.
Lessons
1. An overview of spam, spyware and viruses
Spam, spyware and viruses are real problems for everyone. Some threats can
lead to identity theft; others can crash your computer or delete your files. This
lesson explores these threats in a practical and easy-to-understand manner.
2. Protect yourself with spam blockers and spyware removers
With spam clogging your email inbox and spyware watching your every mouse
click to send information about you to untrustworthy parties, it's time to take
back control. This lesson shows you how to block spam and rid your PC of
spyware.
3. Virus protection basics
Without antivirus software installed, you're open to attack from a host of threats
that can crash your computer in a heartbeat. This lesson will show you how to
protect your computer from viruses and keep the software up to date.
An overview of spam, spyware and viruses
Spam, spyware and viruses are real problems for everyone. Some threats can lead to identity theft; others can
crash your computer or delete your files. This lesson explores these threats in a practical and easy-tounderstand
manner.
Welcome to Protect your PC from spam, spyware and viruses
Welcome to Protect your PC from spam, spyware, and viruses. Security is a
big umbrella that covers everything from access controls to zero-day exploits.
An important subset of security -- probably the most important for home and
home office users -- is protecting against malicious software or malware. This
includes viruses, worms, Trojans, adware, and even spyware that tries to
monitor your every keystroke. This three-lesson course will help you
understand exactly which malware threats you need to protect your computer
from and what it takes to do it. You'll also get step-by-step instructions for
securing your computer to eliminate spam, spyware, and viruses and keeping
your PC and software up to date.
This course is geared toward individuals who want to protect their personal
computers from spam, spyware, and viruses.
Here's what to expect in the lessons:
Lesson 1: An overview of spam, spyware, and viruses explores general
security threats, and then focuses on spam, spyware, and viruses.
Lesson 2: Protect yourself with spam blockers and spyware removers shows
you how to use antispam and antispyware tools, configure Windows
Firewall, and gives you a plethora of tips on safe computing practices.
Lesson 3: Virus protection basics walks you through the basics of antivirus
software. You'll learn how to install and update antivirus software, perform a
full system scan, and keep your system in good health.
» Laptop and tablet PCs

In addition to the lessons, be sure to complete the assignments and quizzes.
When you're finished with those, visit the Message Board. It's the perfect place
to discuss course topics and swap questions and comments with other
students and your instructor.
Take a few moments to meet your instructor and fellow students on the
Message Board -- your virtual classroom -- and let them know a little about
you.
Now that you know the general layout of the course, let's get started with the
topics in Lesson 1.
Understanding security threats
How often have you had issues with your computer and called tech support,
only to be told you have a virus or that spyware has been installed on your
computer? Even people who are careful sometimes end up with malicious
software on their computers. This is due, in part, to the nature of how a
computer communicates.
There are 65,535 available ports, or points of entry, that can be accessed on a
computer and many of them have to be open by default to perform normal
Internet communications, such as Web surfing, sending e-mail, and using
various programs. Hackers can exploit this to send self-installing malware to
your computer through an open port. In addition, unscrupulous people called
"social engineers" and "phishers" use various methods to extract information,
such as passwords or personal information, from unaware users.
The bulk of this lesson covers malware -- a general term for spam, spyware,
viruses, and other malicious software. However, this first section covers some
of the other, less-obvious security threats you might face while using today's
Internet-connected technology devices, such as notebook and desktop
computers, PDAs (personal digital assistants) and smartphones.
Social engineering
Social engineering -- also called pretexting -- plays on human behavior and
how people interact with one another. It involves getting information under
false pretenses. Here are some examples of social engineering scams:
The scammer visits your office and claims to be from the IT department. He
says he needs to fix your computer, and asks for your account name and
password so he can log onto your account.
The scammer plays on your sympathy, pretending to be a new employee
who has forgotten the code to get into the secure part of the building, and
says he'll get fired unless you help him out by sharing the code.
The scammer calls, pretending to be one of the "big bosses" in the
company, and tries to intimidate you into giving information.
To protect yourself, never feel that you have to give out sensitive information to
someone you don't know. If someone asks you for these types of information,
there are several pieces of information that you should be gathering instead:
Ask for the correct spelling of the person's name.
Ask for her employee number.
Ask him to tell you your account number.
Ask her which transactions have been processed and you'll either verify or
deny the transaction.
Who does the person claim he or she is representing?
If the caller is not legitimate, asking these questions will usually let you know.
» Desktop & all-in-one PCs

Remember that social engineering plays on human behavior and willingness to
help and trust others. To protect your confidential information, you must not be
so willing and trusting.
Phishing
When this type of information gathering is done via e-mail, it's called phishing,
because basically the person is fishing for information.
Here's how it works: You receive an e-mail that appears to be from your bank
stating that the bank is having some trouble processing some automatic
payments. The e-mail explains that to clear up the problem, you need to click
the provided link and log in to the Web site using your user name and
password. If you do, you're directed to a fake Web site where your information
is captured.
You can often spot these scams by hovering your mouse pointer over the
URL (uniform resource locator) in the e-mail message. Usually, the link that
appears in a pop-up tooltip is different from the diplayed link. For example,
the displayed link shows www.xyzbank.com; however, when you hover
your mouse pointer over it, something similar to www.badguy.ru/xyzbank
appears in a tooltip. Many of these sites are on foreign servers, as
indicated by .ru (for Russia) as the top level domain.
The fake Web site, which looks exactly like your bank's real Web site, has
been set up for the sole purpose of stealing personal information.
Unsuspecting people are often fooled into entering credit card numbers, bank
account numbers, passwords, and other details. Approximately 5 percent of email
recipients respond to phishing messages, but that's enough to make it
worthwhile for the phishers because they may be able to clean out those
people's bank accounts or run up credit card bills for thousands of dollars.
You should never respond to an e-mail asking you to verify any kind of
personal information. Reputable companies don't ask their customers for
passwords or account details in an e-mail or phone call. Even if you think
the e-mail or phone call may be legitimate, don't respond. Instead, contact
the company by phone or by visiting their Web site directly. (The one you
have bookmarked; not the one sent to you via e-mail.)
Identity theft
Identity theft occurs when someone gains access to some or all of your
personal information -- name, address, Social Security number, driver's license
number, birth date, and bank or credit card account numbers -- and uses them
without your permission. A thief can clean out your account, or run up a
balance, within hours without you being aware of it until well after the crime's
been committed.
Identity theft is a serious crime that's punishable by law in most states.
However, it's up to you to minimize the threat of identity theft by keeping your
confidential information private. If you believe you're a victim of identity theft,
contact your bank or credit card company and local law enforcement office
immediately to report the crime. You can also get further assistance from your
state's identity theft Web site. Just go online and search for identity theft your
state to find the appropriate Web site and phone numbers.
Identity theft can also occur when a thief steals a device that contains personal
information. Notebook computers are easily stolen or lost, along with whatever

data is stored on them. You can -- and should -- use file encryption to protect
sensitive data stored on a notebook computer. New technologies, such as the
BitLocker feature in some editions of Windows Vista, can encrypt the entire
drive. You can also buy software that causes your stolen notebook to "phone
home" if the thief gets on the Internet without entering the correct passwords.
Today, in addition to a cell phone, many people carry a PDA or full fledged
handheld computer. A personal organizer often contains a large amount of
important personal information -- and not only your own, but also that of other
people in your address book.
Minimally, you should require a password to even access the handheld device
or PDA. Every device is different, so be sure to read your owner's manual to
find out how to password protect yours. For better security, some devices now
come with biometric security, so you must swipe your fingerprint to start the
device.
Although social engineering, identity theft, and theft of portable devices are big
problems, the most common and most publicized security threat to any
computer is malicious software, or malware, which includes viruses, worms,
Trojan horses, adware and spyware. These are covered in the next section.
The spam that clogs your inbox
Just like junk mail clogs your regular mailbox, spam clogs your e-mail inbox.
Spam is a term that refers to the sending of unsolicited commercial e-mail.
Most spam is commercial advertising, often for products such as get-rich-quick
schemes, physical enhancements, adult Web sites, and cheap medications.
Spam costs the sender very little to send because the actual costs are paid for
by the carriers rather than by the sender.
E-mail spam targets individual users with direct e-mail messages. Spammers
create their e-mail lists by scanning newsgroup postings, stealing Internet
mailing lists, or searching Web sites for e-mail addresses. Spammers use
automated tools to subscribe to as many mailing lists as possible so they can
capture the lists of addresses, or use the mailing list as a direct target for their
attacks.
You'll learn more about spam and how to keep it off your system when you get
to Lesson 2. First, read on to get an overview of spyware.
Spyware that invades your privacy
Spyware is computer software that collects personal information about a
computer user without the user's informed consent. Spyware is often installed
through "drive-by downloads" from malicious Web pages running code or along
with another legitimate program you intended to install.
Spyware may also be advertising-supported software, called adware. Adware
enables advertisers to make money from a product without directly selling it to
the users. The companies also install additional tracking software on your
computer, which continuously keeps in contact with the company over your
Internet connection. It reports data to the company, such as your surfing habits
and which Web sites you've visited.
Although adware companies state there will be no sensitive or identifying
data collected from your computer, the fact remains that you have software
on your PC that's sending information about you and your surfing habits to
» PC Learning center
» PC Accessories features
guide

a remote location.
Adware is not an illegal type of software; however, there are certain privacy
issues involved. Legitimate adware companies disclose the nature of data
that's collected and transmitted, but there's almost always no way for the user
to actually control which data is being sent. Plus, this technology is capable of
sending more than just banner statistics.
Another type of spyware is surveillance software that's designed to collect
much more than just information about what Web sites you visit. Keystroke
loggers, screen capture programs, chat loggers, and similar programs can
enable someone else to see every character you've typed or what has
appeared on your monitor. This type of spyware is used for genuine spying
purposes -- by suspicious spouses, worried parents, private detectives, and
even government agencies (with a warrant). Although these tools are perfectly
legal in most instances, if they're abused, they can violate your privacy. So
what can you do about spyware?
How do I know if my computer has spyware installed?
Here are some indications your computer may contain spyware:
The computer is slower than it used to be, especially when browsing the
Internet.
It takes a long time for the Microsoft Windows desktop to come up.
Clicking a link does nothing or goes to a different Web site than expected.
Your browser home page changes and you may not be able to reset it.
Web pages are automatically added to your Favorites list.
Now that you're well acquainted with the spyware your computer faces, take a
look at viruses, Trojan horses, and worms.
Inside viruses, Trojan horses, worms and other malware
Now that you've learned a bit about social engineering, phishing, and how to
watch out for theft, this section covers the malware that causes us so many
headaches. In this section, you'll learn about viruses, worms, and other types
of malicious software that can infect your system and affect your computing
experience.
Viruses
One of the earliest known forms of malicious code is the computer virus. The
name virus comes from the behavior of the code and its similarities to
biological viruses in the way it reproduces itself and spreads to new hosts. A
virus is a program or piece of code that's loaded on to your computer without
your knowledge. It's designed to attach itself to other code and replicate when
an infected file is executed or launched. At this point, it attaches to other files,
adding its code to the application's code and continues to spread.
Types of viruses that exist include:
Boot sector: Places a virus into the first section of the hard disk, so when the
computer boots up, the virus loads into memory. The boot sector is also
called the master boot record or master boot sector.
Program virus: Infects executable program files, such as .exe, .com, .sys,
and so on.
Multipartite: Is a hybrid virus that uses multiple techniques; for example,
combination boot and program virus.
Polymorphic: Has the ability to change form each time it's executed; hackers
developed it to avoid antivirus software detection.
» Storage feature guide

Macro: Is inserted into a Microsoft Office document and e-mailed to
unsuspecting users.
A virus doesn't execute by itself -- it has to be triggered by some type of action,
such as clicking a link or opening a file. However, since 2000, the majority of
viruses released are actually worms, which do replicate without user action.
Virus protection basics are covered in Lesson 3.
A virus hoax uses system resources and consumes users' time. Virus hoaxes
are false reports about non-existent viruses, usually sent as e-mail. Some
hoaxes are more dangerous; they advise you to delete files on your computer
to "clean out the virus," but these are actually important system files that the
computer needs to run. You should always check the validity of these types of
e-mails before you take action, or worse, forward the e-mail, which just helps
propagate the hoax.
The following companies and organizations list virus hoaxes on their Web sites
and steps to protect you against them:
Symantec
McAfee Security
Sophos
Urban Legends Reference Pages at Snopes.com
There have been a number of viruses distributed through e-mails purporting to
be from Microsoft or other vendors. As a general rule, Microsoft and other
reputable vendors don't distribute antivirus software updates or patches via email.
(They do, however, send alerts and update notifications via e-mail, if you
sign up for them at their Web sites.) If there's any doubt as to whether
something is real, check the Web site of the company in question by opening
your Web browser and entering the company's URL directly or use your
bookmarked address. Never click a link or open an attachment in a
questionable e-mail.
Trojan horses
A Trojan horse appears to be useful software, such as a screen saver, utility, or
game but there's code hidden inside that attacks your computer directly or
enables the system to be compromised by the originator of the code. File
sharing, including music, video, and text, is a common transport mechanism.
Trojan horses are often distributed over P2P (peer-to-peer) networks.
Antivirus software is designed to detect Trojan horse software programs;
therefore, the steps to protect a computer from Trojan horse programs are the
same as protecting your computer from virus code, which is discussed in
Lesson 2.
Worms
Worms are similar in function and behavior to a general virus or a Trojan horse
with the exception that worms are self-replicating without any user interaction.
A worm is built to take advantage of a security hole in an existing application or
operating system, find other computers running the same software, and
automatically replicate itself to the new host. After the worm is running on a
computer, it checks for network or Internet connectivity. If a connection exists,
the worm then tries to replicate from one system to the next. There are many
variants to each type of worm. Often, they're quite difficult to remove, so
antivirus companies have downloadable tools available to remove them.
Rootkits

A rootkit is a type of malware that hides the tracks of intruders and can be
incorporated with other malicious code to take complete control of a system.
Rootkits keep virus scanners and other detection software from finding them
and their related hacker tools. Rootkits generally don't propagate themselves to
systems like viruses and worms, but worms can install rootkits.
Buffer overflow
A buffer overflow occurs when data is sent to a computer's memory buffer
beyond a fixed length boundary, causing it to overwrite data in adjacent
memory locations. Many times, a buffer overflow is the result of a vulnerability
or program flaw in software.
Criminal hackers take advantage of these known vulnerabilities or flaws by
launching buffer overflow attacks. Buffer overflows are probably the most
common way to cause disruption of service and lost data because there's no
way to screen bad requests.
Spoofing
Spoofing refers to a program or person pretending to be another by sending
false information. Spoofing is one of the most common forms of online
concealment. Spoofing makes data appear to come from somewhere other
than where it really originated. This is accomplished by modifying the e-mail
address, IP headers or other source of information about the origins of the
data.
Hackers often use this type of attack to get additional information from
users to carry out a more aggressive plan. Spoofing and phishing often go
hand in hand.
Botnets and their zombies
A bot (short for robot) is a software application that performs automated tasks.
Hackers use bots to carry out automated attacks on networks. A botnet is a
collection of bots that run autonomously. The goal of many computer hackers
is to take over as many systems as possible to help them achieve their goals.
They assemble botnets of individual compromised computers (known as
"zombies") that they control remotely, often by using an IRC (Internet Relay
Chat) or IM (instant messaging) server. In addition to obeying whatever
commands the hacker issues, the zombies also prowl the Internet looking for
additional hosts to infect. After many computers have been infected, the
person controlling the malware uses this covert network of computers -including
yours -- as zombies to launch DDoS (distributed denial of service)
attacks against Internet servers. A DDoS attack can quickly shut down a
server.
Moving on
In this lesson, you explored some fundamental security threats, learned about
viruses, worms, and other malware, and also examined the problems of spam
and spyware. The remainder of this course discusses protection methods
against all kinds of threats. First, in Lesson 2, you'll learn how to rid your
computer of spam and spyware. Before you move on, do the assignment and
take the quiz for this lesson. In addition, be sure to visit the Message Board to
find out what your instructor and fellow students are up to.

Assignment #1
For this assignment:
1. Locate and visit your state's identity theft Web site. Go online and search for identity theft
your state to find the appropriate Web site. Read through the information, and then print a
copy of important phone numbers and resources, just in case you need them in the future.
2. Using a Web search engine, locate and read at least two sources of information on
keystroke loggers.
3. Visit the following Web site, search for hoax in the main Search text box, and then browse
the information on virus hoaxes:
Symantec
McAfee Security
Sophos
Urban Legends Reference Pages at Snopes.com
Share any questions or interesting tidbits on the Message Board.
Quiz #1
Question 1:
What's social engineering?
A) Making data appear to come from somewhere other than where it really originated
B) The sending of unsolicited commercial e-mail
C) A method of obtaining sensitive information about a person through exploitation of human nature
D) A type of information gathering done by installing surveillance software on a person's computer
Question 2:
Which of the following are types of viruses? (Check all that apply.)
A) Phishing
B) Boot sector
C) Polymorphic
D) Multipartite
Question 3:
Which of the following is a way spyware gets installed on your computer? (Check all that apply.)
A) "Drive-by downloads" from Web pages running ActiveX or Java
B) Sent in text e-mail messages
C) Along with another program you intended to install
D) Social engineering
Question 4:
Which type of virus turns your computer into a zombie and uses it to attack servers on the Internet?
A) Trojan horse
B) Polymorphic
C) Botnet worm
D) Macro virus
Protect yourself with spam blockers and spyware removers

With spam clogging your email inbox and spyware watching your every mouse click to send information about
you to untrustworthy parties, it's time to take back control. This lesson shows you how to block spam and rid
your PC of spyware.
Using tools for blocking spam
Welcome back. Lesson 1 covered a wide variety of security threats your
computer faces every day. Now it's time to learn how to prevent your computer
from being affected by threats in the first place. Let's start with spam.
Understanding antispam tools
The old cat and mouse, spam sender and spam blocker, game goes on and
on. Attempts to legislate spam out of existence haven't worked, and proposals
to completely rework the Internet's e-mail system proved to be too much to be
workable. Nevertheless, you have many capable tools at your disposal that
require neither legislation nor overhauling the Internet to do their jobs.
Server and e-mail client tools
There are two places where spam gets blocked: at the e-mail server and at the
e-mail client on your PC. To clarify, the software you use to read and send email
is called an e-mail client.
In this lesson, client refers to e-mail software and user refers to the person who
uses client software.
Obviously, finding the spammer's computers and smashing them would stop
spam too, but that's not easy or legal. Your e-mail server, run by your company
or ISP (internet service provider), provides an excellent spot to block spam with
broad strokes. ISPs and corporate administrators subscribe to services that list
domains known for spamming so they can block all messages from those Web
sites, following the black list approach.
The advantages of filtering spam at the server include:
Reduced e-mail traffic to users
Less user time spent handling spam
The disadvantage is that one spam filter doesn't work for everyone because
people define spam differently.
For this reason, you should consider server tools as nothing more than the first
line of spam control. When a server tool classifies a message as spam, it often
tags the message subject line, perhaps adding ***spam*** to each suspect
message. This makes it easy for client software to identify and separate out
suspect messages.
E-mail clients are the best place to apply finely tuned spam controls,
because each user approaches spam in his own way, with his own
tolerance level. Heuristic tools under the user's control, applied to
messages already filtered at the server, provide the best spam reduction.
Heuristic spam filtering
The main tool in the spam-filter toolbox is heuristic filtering. Special software
reads the contents of each message and compares words in that message
» Laptop and tablet PCs

against words in typical spam messages. If many of the same words from
spam message examples also occur in the message being examined, it's
marked as spam.
The software doesn't actually read to understand; instead, it makes a list of the
words in the message. Spam filtering software doesn't assign meaning to those
words; it just tracks and compares the words used to the words in its
database.
Black lists and white lists
Black lists, historically, are lists of people you don't like, don't want to hear
from, or want to go away. Such is the reasoning when calling lists of spammers
and their system addresses "black lists." You want them to go away, or at least
you want to block all the messages coming from them.
Black lists don't work with zombie PCs, however. A large amount of spam
continues to arrive from well-known companies or via service providers
who turn a blind eye toward spammers. Some filtering companies, for
example, automatically block all traffic from Romania and China -- havens
for spammers. These and other third-world countries don't outlaw the
practice of spam or don't bother to prosecute spammers.
A white list is exactly the opposite, and contains people you do want to hear
from without any type of filtering. Companies add all their business partners to
white lists at the company server level and at each individual user's computer.
Using white lists becomes important when you configure spam-filtering tools to
evaluate the contents of messages and decide whether or not content is spam.
If you want to get jokes from your friends, put their addresses in your white list.
If senders you thought were safe begin to send you spam, you can remove
them from your white list and their messages will no longer get through to your
inbox.
Microsoft Outlook refers to its white list as the Safe Senders List. The black list
is called the Blocked Senders List.
Enabling spam filtering in Outlook
To enable spam filtering in your Outlook 2003 or 2007 client, select Tools >
Options, click the Preferences tab, and then click the Junk E-mail button. The
Junk E-mail Options dialog box opens. Select the High setting, as shown in
Figure 2-1, for maximum spam filtering.

Figure 2-1: Select the High option for spam filtering.
Enlarge image
Outlook automatically places what it thinks is spam e-mail in your Junk E-mail
folder.
Setting up white and black lists in Outlook
To add senders to your black list or white list in Outlook, right-click the
message, select Junk E-mail, and then select Add Sender to Blocked Senders
List or Add Sender to Safe Senders List, respectively, as shown in Figure 2-2.
Figure 2-2: Junk E-mail lists.
Enlarge image
You can add an individual sender to either list, or you can add the sender's
entire domain (the part of the address after the @ sign) to the Safe Senders
List. You can also add the recipient to your Safe Recipients List. This is useful
if you use Outlook to read e-mail from several different e-mail addresses.
If you become overzealous in your spam filtering, you'll lose some non-spam

messages. These fall into a group called false positives, which means your
software identifies a good message as spam. Be sure to tell your e-mail
software about false positives as well as spam. Every bit of information helps
the filters identify spam more accurately and avoid false positives.
To correct a false positive in Outlook, right-click the e-mail message in the Junk
E-mail folder, and then select Junk E-mail > Mark as Not Junk from the
shortcut menu.
You should check your spam filter folders periodically, at least once per day, to
be sure you aren't missing any real messages. In addition, make sure you
browse subject lines before deleting messages to make sure you don't delete a
good message by mistake.
Using safe e-mail practices to reduce spam
Other general safety tips for e-mail clients include:
Delete unsolicited e-mail messages if you don't know the sender. Don't open
attachments, because some spam messages also contain documents with
viruses.
Don't use the preview function of your e-mail software. It may automatically
show that you read the message and that you have a valid e-mail address.
Use the bcc (blind carbon copy) feature when sending e-mail messages to
multiple people to hide their e-mail addresses. This prevents people from
seeing the other e-mail addresses and collecting them for spam purposes.
Now that you've learned some basic ways to reduce spam, read on to learn
what to do about spyware.
Using antispyware software
Bad news: No one program can catch and eliminate all the spyware on one
computer. You need a combination of tools -- some for screening and cleaning
and some for active monitoring to keep your computer spyware-free.
Many users looking for help turn to Microsoft. The company has a software
package called Windows Defender, shown in Figure 2-3, that comes with
Windows Vista or is available as a free download from the Microsoft Web site
for previous Windows versions. Windows Defender rids your computer of
spyware already installed and helps keep it free from spyware thereafter.
Figure 2-3: Windows Defender comes with Windows Vista.
Enlarge image
You can access Windows Defender from the Vista Control Panel, or through
Start > All Programs in Windows Vista or Windows XP. It's free, it works, and it
handles automatic updates.
» HP TouchSmart desktop
PCs

Other good antispyware software packages include Lavasoft Ad-Aware, Spybot
- S&D (Search & Destroy), and Webroot Spy Sweeper. You can find these and
many more spyware applications on Download.com. Most offer free 30-day
trials so you can test drive them before you commit to buying anything. Ad-
Aware and Spybot-S&D are available as freeware, which makes them
particularly attractive to security-conscious PC users on tight budgets.
Run some type of spyware removal software on a regular schedule -- once a
day for maximum protection. Scanning once or twice each week works well for
many people and offers a good balance between constantly cleaning your
computer and leaving a spyware gate open too long on your system.
Most software packages enable you to set up automated scans on a regular
schedule, as shown in Figure 2-4. In this way, you can configure the scan to
run at a time when you aren't likely to be working on your computer. In addition,
scheduling ensures the software runs regularly and not just when you happen
to remember it.
Figure 2-4: Scheduling Windows Defender to run every day or once a week.
Enlarge image
Some of the tools used to protect your system against spyware also work
against viruses, which you'll learn about in Lesson 3.
A firewall watches outgoing traffic and can help identify spyware, because it
tracks applications that transmit your personal information out over the Internet
to any third parties. You'll learn about firewalls next.
Using a firewall
Always-connected computers, typical with cable and DSL (digital subscriber
line) modems, give attackers copious amounts of time to discover and exploit
computer vulnerabilities. A firewall is a component placed on computers or
between a computer and the Internet to help eliminate undesired access by the
outside world. Hardware firewalls are dedicated appliances that run only
firewall software. Software firewalls install on a regular operating system, such
as Windows, along with other applications.
» PC Learning center

Types of firewalls
Firewalls come in two varieties: network firewalls and host-based or "personal"
firewalls. Like most other solutions, each has its strengths and weaknesses.
Personal firewalls
You install personal firewalls on individual PCs. Typically, the first time a
program tries to access the Internet, a personal firewall asks whether it should
allow the communication. Here's a list of the most commonly used personal
firewalls (those marked with an asterisk come in freeware editions):
Windows Firewall*
Sunbelt/Kerio Personal Firewall*
Comodo Personal Firewall*
McAfee Internet Security Suite
Norton Internet Security
Zone Labs ZoneAlarm*
Network firewalls
Network firewalls provide an additional outer layer of defense that can more
effectively hide connected PCs. Inexpensive routers move traffic between the
Internet and computers on home networks, which hide the IP addresses of
computers so that all outgoing traffic seems to come from the same address.
Network firewalls can be hardware or software based. They are installed at the
network edge or perimeter, directly between the Internet and your LAN (local
area network).
Even a good firewall can't protect your computer and your personal information
if you don't think before you download. A firewall is only one part of a
comprehensive security strategy. Always exercise a proper level of caution. No
system is foolproof, but the right combination of hardware, software, and good
habits will make your computing environment safer.
Using Windows Firewall
Microsoft Windows Vista and Windows XP Service Pack 2 come with a built-in
firewall called Windows Firewall. Be sure it's enabled if you aren't running a
third-party firewall package.
To enable Windows Firewall, select:
Start > Control Panel > Security > Security Center (in Windows Vista,
Category view)
Start > Control Panel > Security (in Windows XP, Category view)
In Security Center, if the Firewall setting indicates OFF, click Windows Firewall
at the bottom or the right side of the window. (In Windows Vista, click Change
settings.) In the Windows Firewall Settings dialog box, select On
(recommended), and then click OK. Figure 2-5 shows Windows Firewall
enabled.

Figure 2-5: Windows Vista Windows Firewall Settings dialog box.
The tools described in this lesson should get you well on your way to protecting
your computer from the various threats on the Internet today. Try them out and
see which ones work best for you. Next, learn how to reduce spam by working
with an ISP.
Working with an ISP to reduce spam and spyware
Your ISP doesn't want to send you spam -- it costs them bandwidth. ISPs love
to help reduce your spam load.
The most popular spam filtering application for ISPs and many companies is
called SpamAssassin. This open source software can be difficult to configure
on servers, but its programmers have improved the general user interface to
make it close-to-acceptable for any computer user.
Black holes and spam lists
Verify your ISP includes some top-level broadcasting controls, such as
SpamAssassin, and the various black lists. Some service providers force you to
actively request such service to maintain their server status.
Also ask your ISP about dictionary attack protections and how it monitors such
attacks. Smart intrusion detection software can chart the source of e-mail
streams, and you can search back up the river when necessary. You might not
be able to locate the spammer or the country of origin, but sometimes you get
lucky.
First-pass spam filtering
Setting specific spam filtering levels -- such as Low, Medium, or High protection
-- on a user's e-mail account should be left to each company or individual, not
the ISP's administrators. Server-based filtering software has rather crude
setting options that enable you to tighten or loosen the restrictions, depending
on how many "real" messages are being tagged as spam.
» PC Accessories features
guide

Enable virus filtering
Many server-based spam products include virus and spyware filtering. Check
with your ISP, and if it's available, try it. The more electronic eyes you have
watching the messages, Web pages, and files coming into your computer, the
better.
Your ISP can be a valuable ally when it comes to protecting your inbox from
spam, but there's even more you can do. Read on to learn about some of the
ways you can avoid becoming a spam and spyware target.
Going beyond spam and spyware tools
Besides using antispam and antispyware tools, there are other things you can
do to help stop spam and spyware. The following methods give you tips for
changing your computing habits and making your computing environment even
safer.
Use an alternate e-mail address
As an individual, the e-mail address provided by your ISP is your primary
address. Guard this address by giving it out carefully, and keep it hidden when
possible. Many users get a second or third e-mail address to use on
newsgroups, discussion boards, and other places where address harvesting
software patrols.
All of the free e-mail services, such as Yahoo! Mail, Hotmail, and Gmail, offer
Web-based e-mail software, so you can check your e-mail without downloading
the messages and possibly getting spyware or viruses. You can delete your
Web e-mail account when it becomes overloaded with spam.
Avoid using HTML in your e-mail client
Set your e-mail program not to open or preview e-mail in HTML (Hypertext
Markup Language) format. HTML messages can contain Web beacons, tiny
invisible images that are downloaded from the spammer's server when you
view the message, thus letting the spammer know that you opened it and that
your address is valid.
To prevent Outlook from automatically previewing e-mail, go to the Inbox and
do the following:
Outlook 2007: Select View > Current View > Messages.
Outlook 2003: Select View > Arrange By > Current View > Messages.
To read all e-mail in plain text only:
Outlook 2007: Select Tools > Trust Center, and then click E-mail Security in
the left pane. Check the Read all standard mail in plain text and Read all
digitally signed mail in plain text checkboxes, and then click OK.
Outlook 2003: Select Tools > Options, click the Preferences tab if it's not
already selected, and then click E-mail Options. Check the Read all
standard mail in plain text and Read all digitally signed mail in plain text
checkboxes, and then click OK.
If you can't live without fancy fonts in your e-mail, at least turn off the automatic
image downloading, because images can also link back to a third party. Here's
how:
» Storage feature guide

Outlook 2007: Select Tools > Trust Center, and then click Automatic
Download. Ensure the Don't download pictures automatically in HTML e-mail
messages or RSS items checkbox is checked, and then click OK.
Outlook 2003: Select Tools > Options, and then click the Security tab. Under
Download Pictures, click Change Automatic Download Settings. Check the
Don't download pictures or other content automatically in HTML e-mail
checkbox. Click OK.
Say no to e-mail offers
Always check the "No" box for future e-mail offers on every form you fill out
online, unless you specifically want a company's newsletter or other materials.
Don't click links in e-mails
Don't click links inside spam e-mail messages. That signals to the spammer
your address is valid, and they'll use it again and again. In addition, do not
believe unsolicited e-mails offering free "spyware cleaning" Web sites. These
almost always infect systems rather than clean them.
Be careful when opting out
Select the opt-out option only for well-known companies sending you e-mail.
The CAN-SPAM Act of 2003 forces companies to include an opt-out form for
users who do not wish to receive any more e-mail. You reach that form by
clicking a link inside the e-mail message, which is a bad idea on spam from
companies you don't recognize. Large, reputable American companies will
honor your request to unsubscribe to their mailing lists. Spammers, on the
other hand, will continue to send spam because you verified that your e-mail
account was active by unsubscribing to the e-mail.
Keep your computer updated
Most vendors provide patches that fix vulnerabilities or bugs in their software,
free of charge on their Web sites. After you purchase software, visit the
vendor's Web site to see if and how the vendor supplies patches. Some
vendors, such as Microsoft, let you receive patch notices via e-mail by
subscribing to mailing lists on their Web sites or through automatic updates.
Set Windows Update in Control Panel's Security Center to automatically
download and install Microsoft Critical Updates, as shown in Figure 2-6.
This is called Automatic Updates.
Figure 2-6: Set Windows Update to install critical updates automatically.

Enlarge image
Microsoft releases its critical patches the second Tuesday of each month. If
you want to get the update immediately, you must run Windows Update
manually or it may take a few days before your computer will be scheduled (by
Microsoft) to receive the update. Owing to server limitations, Microsoft can't
deliver the updates to everyone on the same day. It may take up to 7 days to
get the updates automatically.
Use Microsoft Update to get updates for Microsoft applications such as
Microsoft Office programs, as well as operating system updates.
Be careful what you download
Don't download files from any but the most trusted Web sites. You should
assume that any files found on peer-to-peer networks or adult content Web
sites will infect your system with spyware or worse. In addition, don't buy
anything from an unsolicited e-mail. This encourages the spammers to spam
more.
Use a pop-up blocker
Get a Web browser or add-in software that blocks pop-ups. Windows Internet
Explorer 7 has the built-in Pop-up Blocker tool, and the Google toolbar blocks
pop-ups for you also. Remember, active code hidden in pop-up ads spreads
spyware.
To see how well your system blocks pop-ups, visit Popup Check.com and take
the pop-up tests available there. You'll also find related software ratings there,
and a "Top 10" list as well.
Moving on
In this lesson, you learned how to eliminate spam and spyware from your
computer. In Lesson 3, you'll learn how to protect your PC from viruses. Before
you move on, complete the assignment and take the quiz for this lesson, and
then head over to the Message Board to join the discussion on spam and
spyware.
Assignment #2
As you discovered in Lesson 2, it's vital to thwart spam, use antispyware software, and have a
firewall installed and configured on your computer. This assignment has three parts pertaining to
spam filters, using Windows Defender to search for and remove spyware, and configuring Windows
Firewall to block intruders from accessing your computer.
Using a spam filter
Check your e-mail client to determine if you have a spam control feature and that it's enabled. If you
don't have spam control, visit About.com's Top 10 Free Spam Filters for Windows or Download.com
to find a spam-filtering program that's right for you. Configure the program of your choice to filter
spam for one week and see how much your spam is reduced.
When you gain the upper hand over the flood of spam you get today, you'll know the assignment was
a success.
Using Windows Defender

To use Windows Defender, perform the following steps:
1. If you run Windows XP, download Windows Defender from the Microsoft Web site, and then
install it on your computer. If you run Windows Vista, skip to step 2.
2. Open Windows Defender (select Start > All Programs > Windows Defender, or select Start,
enter Windows Defender in the Vista Start Search text box, and then select it from the list).
3. Check for new malware definitions. (Click the down-facing arrow at the right end of the
toolbar, and then select Check for updates.) Click Continue or enter administrator credentials
in Windows Vista, if prompted.
4. Conduct a quick scan of your system (click Scan on the toolbar). Did you find any malware?
5. Click Tools > Options. In the Options screen, configure Windows Defender to run every day at
a time of your choice and to check for updated definitions before scanning. Save the settings
and close Windows Defender.
Using Windows Firewall
Determine whether your computer has a third-party personal firewall installed, such as from Norton,
McAfee, Zone Labs, Sunbelt, and so on. If not, ensure that Windows Firewall is enabled by
performing the following steps:
1. Open Windows Firewall (select Start > Control Panel, find and open Security Center, and then
click Windows Firewall).
2. If the Windows Firewall is off, click Change settings. Click Continue or enter administrator
credentials in Windows Vista, if prompted.
3. Click the On (recommended) option button. If you plan to connect to unsecure networks and
want more protection, click the Block all incoming connections checkbox. However, this
prevents some of your Internet programs from working.
4. Click the Exceptions tab to note which programs are allowed through the firewall. You can add
programs here, if necessary.
5. Apply the settings, close Windows Firewall, and then close all open windows.
Stop by the Message Board and discuss which firewall you use and why. If you've learned about
settings that might help your classmates, discuss them and how they work.
Quiz #2
Question 1:
True or False: One of the most effective methods for reducing spam is through the use of antispyware software.
A) True
B) False
Question 2:
What's a black list?
A) A list of people whose messages should always be blocked before they make it to your inbox
B) A list of e-mail that's not marked Urgent
C) A list of people whose messages should always be delivered to you immediately
D) A list of security practices that are followed by every ISP
Question 3:
Which types of software tools do you need to effectively protect yourself from spyware? (Check all that apply.)
A) Firewall
B) Image scanner
C) Spyware scanning and removal tool
D) Spam blocker
Question 4:
True or False: A firewall is a component placed on computers or between a computer and the Internet to help

eliminate undesired access by the outside world.
A) True
B) False
Question 5:
What are some ways you can stop spam before it's ever sent to you? (Check all that apply.)
A) Use an alternate e-mail address
B) Subscribe to the Do Not E-mail list
C) Don't click links in spam e-mails
D) Be careful about the opt-out links you click
Virus protection basics
Without antivirus software installed, you're open to attack from a host of threats that can crash your computer in
a heartbeat. This lesson will show you how to protect your computer from viruses and keep the software up to
date.
Why you need antivirus software
As you learned in Lessons 1 and 2, there's a variety of malware that can affect
your computer. If you don't have antivirus software installed on your computer,
it's simply a matter of time before it becomes infected with a virus or worm and
possibly becomes inoperable and/or is used to infect other computers. New
viruses and vulnerabilities surface daily, so you must be prepared to keep your
computer safe.
A few times each year, a potentially devastating virus surfaces and spreads
very quickly, infecting countless computers around the world. To make matters
worse, if your computer is spreading a virus, there's the chance that your ISP
will disable your account and not grant you access until your computer is
cleaned and protected.
If you use your home desktop or notebook computer to connect to your
company's network when working from home, it's essential you install
antivirus software to prevent spreading viruses to the office network. Some
companies have their firewalls set up to check all computers that try to
connect remotely and disallow access to those that don't have updated
antivirus programs running, personal firewall software properly configured,
and the latest service packs and security updates installed.
How antivirus software works
Virus writers release a virus, it's discovered, and then an antivirus company
finds a remedy for it. Once someone has detected and analyzed a virus, it's
possible to write programs that look for specific characteristics of the virus,
such as the following:
Scanner software: Searches all files in the boot sector, in memory, and on
your hard disk for code that uniquely identifies a file as a virus. This is the
most common method of virus detection available, and is implemented in all
major antivirus software programs.
Interception software: Also called activity monitoring software, it examines
the computer for virus-like behavior, and then warns the user about the
behavior.
Heuristics: In the case of new viruses for which no remedy has been
created, scanning software uses heuristics -- a generic method of virus
detection -- that looks for unusual virus-like activity on your computer.
Integrity checker: Records integrity information about important files on your
hard disk, usually by checking for changes in a file. This method creates a
"blueprint" (called a checksum) of the contents of every file on the computer.
» Laptop and tablet PCs

Each time a file is opened, the virus scanner recomputes the checksum and
compares to the one it has stored in its database, to see if the file has
changed. This method is also called change detection.
For a virus to be successful, it must replicate its code. The key to antivirus
software is detection. Viruses also have variants or copycat viruses that
emerge after the initial outbreak, which make up the bulk of known viruses.
After the software detects infected files, you can sometimes repair them. If not,
you can quarantine them so that the viral code won't execute.
Next, learn how to select an antivirus software package.
Selecting an antivirus software program
An antivirus software program may or may not come with your home computer.
Sometimes a newly purchased computer might include a trial version or it may
include a subscription for a number of months. Here are some considerations
for evaluating antivirus programs:
Does the software automatically scan a file when you send an e-mail
attachment?
Can you configure the software to update virus signatures automatically?
How often are updates typically made available by the antivirus vendor?
Can the virus checker clean and repair a file or does it just quarantine it?
Can you check every file that your computer receives?
When selecting an antivirus application, you should evaluate or read up on the
popular programs and decide which you think would best suit your needs. The
two most popular antivirus software packages are Symantec's Norton AntiVirus
and McAfee's VirusScan, which you can purchase as standalone products or
as part of each company's protection suites. The following describes these
packages and offerings from some of the other major antivirus software
vendors:
avast!: Detects and removes known viruses, can detect the basic activities of
self-modifying viruses, and includes a script blocker, IM shield, and virus
cleaner. ALWIL Software creates avast!. A free version is available.
AVG: Provides basic antivirus protection free for home and non-commercial
use, more comprehensive antivirus, antispyware, antispam, and firewall
protection in the paid version. Grisoft created AVG and offers AVG AntiVirus
Free Edition, among other products.
F-Secure: Includes a variety of products -- antivirus, spam, and firewall
protection -- for home users, small businesses, and large enterprises. It also
provides Web site-based and wireless solutions for mobile workers against
viruses and malicious code.
McAfee: McAfee offers a family of antivirus and spyware software for
Windows and wireless protection, which includes Internet security software,
personal computer updates, hacker protection, and antivirus downloads. It
also offers evaluation versions for business or home users.
Symantec: Symantec offers a variety of software that blocks worms and
detects and removes viruses. Its features include automatic virus, worm, and
Trojan horse removal; IM attachment scanning and cleaning; and spyware
and keystroke logging program detection. The company also provides a
special version adapted for mobile devices.
Panda: Panda Security offers protection against viruses, spyware, hackers,
and other threats. It also has the ability to scan your computer on demand
any time you have Internet access.
PC-cillin: From Trend Micro, this software protects your PC and home
network against all types of viruses, worms, Trojan horses, and blended
threats. It also detects and removes spyware, filters unwanted content, and
minimizes spam.
Sophos: Protects your network, desktop, and remote notebook computers
from viruses, Trojan horses, worms, and spyware. You can use Sophos on
multiple platforms.
Virus scanning and other Internet security protection can also be performed
» HP TouchSmart desktop
PCs

y Web-based services such as Microsoft's Windows Live OneCare, which
includes performance tuning and backup and restore in addition to
antivirus, antispyware, antiphishing, and firewall protection.
After you select an antivirus software program, it's time to install and run it for
the first time. If you've never used antivirus software on your computer, you
need to take some extra steps so that the antivirus software can scan all the
files on your hard disk the first time it runs. You'll learn how to prep your
computer, and install and run antivirus software, in the next section.
Scanning and cleaning your computer for the first time
Scanning and cleaning your computer involves three main steps: installing
antivirus software, updating the software, and then scanning your computer's
drives. These are described in the following sections.
The installation
This part is easy. Just close all running programs, insert the antivirus software
CD-ROM into your computer or double-click the .exe file you downloaded from
a manufacturer's Web site, and follow the prompts.
When you install a program in Windows Vista, the UAC (User Account
Control) feature requires that you type in administrator credentials or click
Continue if you're logged on as an administrator before you can proceed
with the installation.
The software installer extracts all of the files you need and runs a wizard that
steps you through the process. When prompted, install your antivirus software
to the default location on your hard disk or select a different drive if the default
disk doesn't have enough free space. Select to run a brief pre-install system
scan if the installer software suggests it.
For demonstration purposes, this lesson uses Symantec's Norton Internet
Security 2007 software on Windows Vista.
The update
Because your software needs to be as current as possible, one of the first
processes your antivirus software may perform is to update the virus definition
file. Often, it does this automatically during installation if you have a live Internet
connection. You can also perform this procedure directly after the installation.
Upon opening your software, you can update the virus definition file by clicking
Run LiveUpdate in the lower left pane. The LiveUpdate Wizard starts, as shown
in Figure 3-1, displaying a list of components installed on your computer. Click
Next to check for updates for the components. On the Options screen, select
which updates you want to apply, and then click Next. When the software
confirms that the components are up to date, click Finish. When prompted to
restart your computer, click OK.
» PC Learning center

Figure 3-1: LiveUpdate Wizard.
The scan
Now it's time to scan your computer. To open the antivirus software, select
Start > All Programs > Norton Internet Security > Norton Internet Security. On
the Norton Internet Security screen, click Run a Scan, and then click Run Full
System Scan, as shown in Figure 3-2. The software begins scanning all your
files.
Figure 3-2: A full system scan checks all the files on your computer.
Depending on the size of your hard disk, scanning your system can take
anywhere from a few minutes to an hour or more.
After the scan is complete, if any viruses are found, the software fixes or
quarantines them. The results of the scan are displayed to you with any
attention required from you, as shown in Figure 3-3.
Figure 3-3: Results of a scan.
Enlarge image
After initial installation, the antivirus software runs continuously in the
background to help prevent any infections. However, you should run a manual
antivirus scan weekly, just to make sure nothing slipped through. In Norton

Internet Security, select Configure a Scan > Manage Custom Scans. You can
select only certain drives, folders, or files to scan, reducing the time required for
a full system scan. For best results, select Scan drives, and then select the C:
drive.
Now that you know how to install antivirus software, update it initially, and then
scan your system, read on to learn how to clean and troubleshoot an infected
computer.
Cleaning and troubleshooting an infected system
If your computer is severely infected, the antivirus software might not run. If
that's the case, there are a few options you can try.
Boot into safe mode
Safe mode disables most drivers and running programs. To boot in safe mode,
restart your computer and press the F8 key (after the initial black-and-white
screen but before the Windows splash screen) until you get to a boot menu
screen. With Windows Vista, XP, 2000, use your arrow keys to select Safe
Mode with Networking Support. After the computer boots, try to run the
antivirus software again. If the antivirus software still won't run after booting into
safe mode, try scanning your system using an online tool.
Scan your system online
Because the same antivirus software methods are in use all over the world,
virus writers attempt to defeat antivirus protection by creating viruses that
disable the software. If this happens and you're running Windows, do the
following:
1. Open Microsoft Internet Explorer, and then go to the HP Personal
computing security center Web page.
2. Click the Clean your PC link, and then click the Symantec: Security
connection link. The Symantec Your Security Resource Web page
appears. Scroll down and click the Symantec Security Check Test
button, as shown in Figure 3-4.
Figure 3-4: The Symantec Security Check Test button.
1.
2.
On the resulting Web page, click the Go button.
The Symantec Security Check Web page appears, a portion of which is
shown in Figure 3-5. Click the Virus Detection Start button.
Cleaning System Restore
Viruses can insert
themselves into your restore
directory in Windows XP or
Windows Vista. When you
restore the computer, the
virus is restored as well. If
your computer has been
infected with a virus, after it's
removed it's a good idea to
open System Restore and
delete restore points with
dates that occurred while the
virus was active. This
prevents the computer from
becoming reinfected when
you use System Restore. To
open System Restore, select
Start > All Programs >
Accessories > System Tools
> System Restore. Follow the
prompts to delete specific
System Restore dates.
» PC Accessories features
guide

Figure 3-5: Symantec Security Check Web page.
Enlarge image
1.
Accept the end-user license agreement, click Next, and then download
and install ActiveX controls if they're not already present.
The service scans your hard disk(s) to detect and fix any viruses you may have
on your computer.
Alternately, you can use McAfee FreeScan or Trend Micro HouseCall Free
Scan, which are free online virus scanning tools that support many versions
of Windows.
Use a virus removal tool to clean your computer
If the preceding steps indicate your computer is infected, using a downloadable
virus removal tool is sometimes more effective than relying on the antivirus
software installed on your PC. This is because a virus or worm sometimes adds
key to your registry, the database that holds valuable information about your
computer. Even after you quarantine or delete a virus, the virus restarts itself
each time the computer is started because of the registry key. Every time you
run a virus scan, the software continues to find the virus. This ends up in a
vicious cycle. To remove a virus from your computer, you can use a free virus
removal tool such as those listed on the Symantec Removal Tools Web page.
You can also use the Symantec Spyware & Virus Removal service, for a fee. A
qualified technician performs a system scan and removes any malware from
your computer as part of an online service.
Perform manual updates
If your antivirus software has become partially unusable because of an
infection, you can manually download the virus definition update. This file can
be found on the manufacturer's Web site. Figure 3-6 shows a portion of
Symantec's download virus definitions Web page.

Figure 3-6: You can manually download virus definitions from the vendor's Web
site.
After your computer is virus-free, you should create a new System Restore
Point. (See the "Cleaning System Restore" sidebar for more information.) And
then you're well on your way to a safer, more secure computing experience.
Now it's time to discuss how to keep your computer in this condition.
Ensuring ongoing virus prevention
After you've installed antivirus software, you need to keep it updated. This is
because as new viruses are released, new file definitions have to be created to
fix the damage that these viruses cause. If you don't update your virus
software, you leave your computer vulnerable to all newer virus threats.
Enable autoupdate
Antivirus software vendors update their virus lists regularly. Make sure you
enable the autoupdate feature in your antivirus software to install updates for
you on a regular basis. This feature is called LiveUpdate in Norton Internet
Security 2007. It checks for updates daily when your computer is on. You can
run LiveUpdate at any time by clicking Run LiveUpdate under Quick Tasks in
the left pane of the console.
Schedule regular updates
Some antivirus software packages enable you to schedule the day and time
that the update runs. If you use a dial-up modem to access the Internet, set it
for a day and time when you know you'll be online. If you use a DSL (digital
subscriber line) or cable modem -- an always-on broadband connection -- set it
for a time when you're not using the computer. Most updates take only a few
minutes to download and install.
Schedule regular system scans
As mentioned previously, most antivirus software packages run in the
background and constantly monitor your computer for problems. However, you
can schedule automatic system scans -- once a day or each week, for example
-- for even better coverage. In Norton Internet Security, select Configure a Scan
» Storage feature guide

Schedule Full System Scans. You can select only certain drives, folders, or
files to The Norton Internet Security Schedule screen is shown in Figure 3-7.
Figure 3-7: You can schedule automatic scans.
Even with antivirus protection set up, you still need to develop safe computing
habits to ensure an even safer online experience. Find out how to start using
these best practices in the next section.
Practicing safe computing
Most current antivirus software is quite effective, but only if it's kept updated
and the user practices safe computing habits such as not opening unfamiliar
attachments in the form of documents or programs. Remember that antivirus
software can't always protect against brand-new viruses, and users often don't
take necessary precautions.
In addition, antivirus software can interfere with programs currently installed on
the computer, especially gaming software. Often, users disable the virus
software because a game won't run correctly. Sometimes users disable the
antivirus software because a screen keeps appearing (referred to as a "nag
screen") saying that the software needs to be updated. Disabling the antivirus
software leaves your computer at risk.
Here are some safe computing practices that you should follow:
Purchase software from a local store you're familiar with or a national chain
with an established reputation.
If you purchase programs over the Web, make sure they're from a reputable
company.
Make a boot disk and keep it handy in case a virus infects your computer so
badly that it won't even boot. Review your PC's documentation for details on
how to do this for your system.
Use RTF instead of DOC extensions for your Word files. Be cautious about
accepting any Word .doc or Excel .xls files from anyone.
Be extremely cautious about opening attachments. Don't accept, run, or
open any unsolicited attachments to e-mail.
Keep up with the latest security patches for all the programs you use. If you
run Windows XP or Vista, use the Automatic Updates feature in Security
Center to schedule regular updates. You can also select Tools > Windows
Update in Internet Explorer to manually update your computer.
Understand Microsoft
Internet Explorer Protected
Mode
In Windows Vista, Internet
Explorer 7 runs in Protected
Mode, which enforces
restricted privileges in
Internet Explorer to help
protect your computer from a
variety of attacks. Protected
Mode prevents many attacks
to write, alter, or destroy data
on the user's computer or to
install malicious code.
» Laptop and tablet PCs

Make frequent backups of your data files and keep them on removable
media, such as CDs, DVDs, or USB (universal serial bus) drives, in the
event that a virus renders your computer completely useless. You can also
use an online storage service, such as MediaMax, Box.net, or Carbonite.
If your computer is used by more than one person, be sure that the other
users know the dangers of unsafe computing.
Your antivirus software program prevents some of the problems caused by
downloading programs, opening e-mail attachments, and unsafe computing.
However, you need to remember that there's a lag between recognizing a virus
and when your computer or virus vendor knows about it. The safer you make
your computing experience, the more joy you'll get from using your computer.
Moving on
In this lesson, you explored how viruses work, and learned about using
antivirus software and how to keep it up to date. You also explored some ways
to practice safe computing. Before you move on, do the assignment and take
the quiz for this lesson. After that, head over to the Message Board to discuss
malware and protection solutions with your instructor and fellow students.
Good luck in keeping your computer in good running condition, and have a safe
and happy computing experience.
Assignment #3
Perform the following steps to discover whether your computer has antivirus software installed:
1. In Windows Vista or Windows XP, select Start, and then click Control Panel.
2. Double-click Security Center (in Classic view), or double-click Security > Security Center
(in Category view).
3. Note whether any programs other than Windows Firewall are listed.
4. Check your taskbar icons. Most antivirus programs put an icon in the right section
(notification area) of the taskbar.
5. Select Start > All Programs, and then check the list of programs installed on your
computer. Common antivirus programs include: Symantec/Norton, McAfee, Panda,
Trend Micro PC-cillin, AVG, and avast!.
6. If no antivirus software is installed, download and install an antivirus program of your
choice.
7. Update the software to ensure it's using the latest virus definitions. For example, in
Norton Internet Security 2007, run LiveUpdate.
8. Configure your antivirus program to update definitions daily, at a time when the computer
and Internet connection will be on and you're usually not using the computer.
Share any new tips you uncover or problems you run into with your classmates on the Message
Board.
Quiz #3
Question 1:
If your computer is severely infected, the antivirus software program might not run. Which of the following can
you do to resolve this problem? (Check all that apply.)
A) Nothing, take the computer in for repair.
B) Attempt to do an online scan to detect and fix viruses, worms, or Trojan horses that you may have on
your computer.
C) Boot into safe mode and try to run your antivirus software program.
D) Disable your antivirus program and work without it.
Question 2:
Which of the following are types of antivirus detection methods? (Check all that apply.)

A) Quarantine
B) Heuristic detection
C) Integrity checking
D) Interception
Question 3:
True or False: Even if you quarantine or delete a virus on your computer, it can still restart if it has stored a key
in your system's registry.
A) True
B) False
Question 4:
Which of the following items are considered a part of safe computing? (Check all that apply.)
A) Keep up with the latest security patches for all the programs you use.
B) Purchase software from a local store that you're familiar with or a national chain with an established
reputation.
C) Make a boot disk and keep it handy in case a virus infects the machine so badly that it won't even boot.
D) Purchase software programs on the Internet from any company that clearly states it specializes in
antivirus software.
Question 5:
True or False: If a virus inserts itself into your restore directory in Windows XP or Windows Vista, when you
restore the computer using System Restore, the virus is automatically removed.
A) True
B) False
© 2003 - 2010 Powered, Inc.