Protecting Against Viruses

The best way to keep your Windows Vista system virus-free is by taking adequate preventative measures to reduce your risk of infection. Certainly installing antivirus software is a good first step, but it's equally important to ensure that you keep that software properly updated with all of the latest virus definitions-if you install antivirus software but neglect to update it regularly, your computer will still be exposed to all of the newest viruses, which are usually the ones that pose the greatest risk.

Although running updated antivirus software is probably the single best way to minimize the risk of a virus infection, using Windows Vista and Internet tools (such as e-mail) wisely are arguably just as important. With this in mind, essential tasks and concepts for keeping your Windows Vista system virus-free include:

• Installing antivirus software

• Keeping virus definition files updated

• Configuring virus scanning settings and options

• Scanning for viruses regularly

• Avoiding viruses by using common sense and best practices

Each of these tasks and concepts are explored in more detail in the following sections.

Installing Antivirus Software

The first step toward maintaining a virus-free Windows Vista system is to install an antivirus program. There are many different antivirus programs available for Windows Vista, but some of the most popular include:

• Norton AntiVirus, available from http://www.symantec.com.

• McAfee VirusScan, available from http://www.mcafee.com.

• Sophos Anti-Virus, available from http://www.sophos.com.

• Panda Titanium Antivirus, available from http://www.pandasoftware.com.

• AVG Anti-Virus, available from http://www.grisoft.com.

The antivirus program that will work best for you is largely a matter of personal preference as well as your budget. Many users seek out an antivirus program that is packed with different features to address specific needs; others simply use the antivirus program that shipped with their computer, whereas others seek out free alternatives. Some of the more common features found in the popular antivirus programs include:

• Real-time virus protection

• Scheduled virus scanning

• Automatic virus definition updates

• Inbound and outbound e-mail message scanning

Additionally, some antivirus programs include extended capabilities such as scanning files sent and received over instant message chats in real-time, and detecting and removing spyware. Some packages even go as far as to bundle multiple security tools together, as is the case with AVG Plus Firewall. This particular program groups antivirus, antispyware, and firewall capabilities into a single security suite.

Windows Security Center can be used to determine the status of virus protection on your computer. Specifically, the Virus Protection section will let you know whether you have antivirus software installed, and whether its virus definition files are up-to-date. When antivirus software is not installed (or your virus definition files are out of date), Windows Security Center also alerts you through an icon and notification balloon on your Windows taskbar.

Follow these steps to determine the current status of virus protection on your Windows Vista system:

1. Click Start → Control Panel → Security Center.

2. In the Windows Security Center window, review the Malware Protection section as shown in Figure 9-1. If the status message displays anything other than ON, read the message provided to determine which steps you need to complete to protect your computer from viruses, such as installing antivirus software, or updating an installed program's virus definition files.

   
   Figure 9-1: Reviewing the status of Malware protection in Windows Security Center.

Follow these steps to install AVG Free Edition on your Windows Vista system:

1. Click Start → Internet Explorer, or open your preferred web browser. Head to http://www.free.grisoft.com and download the latest version of AVG Free Edition. After the download is complete, double-click the file to begin the installation process.

2. When the Security Warning dialog box appears, click Run. When the User Account Control dialog box appears, click Continue.

3. At the Welcome screen, click Next. Follow the steps until the Installation Complete screen appears, and then click OK.

4. When the AVG First Run window appears, click Next. Various scanning operations can be completed using the First Run wizard, but for the sake of brevity you can also click Next through all of these screens.

5. Click Continue to complete the First Run wizard. The AVG Free Edition Test Center screen appears, as shown in Figure 9-2. This is the primary working environment to initiate virus scans or check for updated virus definitions with AVG Free Edition.

   
   Figure 9-2: The AVG Free Edition Test Center window.

You will learn more about scanning for viruses and updating definition files in the following sections of this chapter.

Updating Virus Definitions

After you install antivirus software on your Windows Vista system, it's important to keep it updated with the most recent virus definition files. If you neglect to download and install these updates as they're released (which is typically anywhere from once a day to once a week), your computer will be vulnerable to all of the latest viruses.

Thankfully, almost all antivirus programs include a feature that enables you to check for (and then download and install) new updates automatically, according to a schedule that you define. Many antivirus programs will configure a virus definition update schedule automatically, whereas others require you to enable the feature and configure a schedule manually.

Follow these steps to update virus definition for AVG Free Edition:

1. Right-click the AVG Free Edition icon on the notification area of the taskbar and select Check For Updates.

2. At the Update window, select the Do Not Ask For The Update Source Next Time check box, and then click Internet.

3. The AVG Update File Download window appears, followed by the Update selection screen (if new updates are available) as shown in Figure 9-3. Click the Update button. When the update process is complete, click OK.

   
   Figure 9-3: Downloading virus definition files with AVG Free Edition.

4. AVG Free Edition automatically checks for updates every day at 8:30 A.M. To change this schedule, right-click the AVG Free Edition icon on your taskbar and select Launch AVG Control Center. Then, right-click Scheduler and select Scheduled Tasks. To change the time at which updates are checked, click Update Plan In Basic Mode (see Figure 9-4), and then click Edit Schedule to select a new update time.

   
   Figure 9-4: Reviewing scheduled tasks in AVG Free Edition.

Configuring Virus Scanning Options

Every antivirus program implements slightly different default virus scanning settings, so it's important to be sure that your Windows Vista system is being protected to an appropriate degree. For example, some antivirus programs scan every file that you attempt to open by default, but do not scan e-mail messages unless you configure them to do so. Similarly, some antivirus programs automatically scan the contents of any disk (floppy, CD, DVD, and so forth) that you insert into a drive, whereas others scan disks only if you explicitly enable the option to do so. Never assume that your Windows Vista system is being completely and thoroughly protected if you haven't taken the time to confirm its virus scanning settings and options.

Follow these steps to configure scanning options with AVG Free Edition:

1. Right-click the AVG Free Edition icon on the notification area of the taskbar and select Launch AVG Control Center.

2. Right-click AVG Resident Shield and select Properties.

3. In the AVG Resident Shield window, select the check boxes in the Scan Details and Advanced Settings sections according to your scanning preferences. AVG Free Edition scans files that can be infected by default (but can also be configured to scan all files), as shown in Figure 9-5.

   
   Figure 9-5: Configuring virus-scanning options with AVG Free Edition.

   Note

   Heuristic analysis (often called heuristic scanning) is a technique by which antivirus programs attempt to detect virus-like activities even when a file is not infected with any known virus. Heuristic scanning watches for suspicious behavior by files or programs, and when these are found, alerts you in a manner similar to any other virus. As a general rule, leave heuristic options in your antivirus software enabled-they might just catch the latest viruses making the rounds on the Internet before your antivirus vendor releases an update to address it.

4. Click OK to enable your new scanning options.

In addition to ensuring that scanning options are configured in a manner that meets your needs, it's equally important to periodically test your antivirus program to ensure that it's functioning correctly. Now, you probably shouldn't download a virus-infected file from the Internet for the purpose of testing whether your antivirus program will detect and quarantine it, but it's never a bad idea to ensure that features like e-mail message scanning are enabled and functioning correctly. When an inbound or outbound e-mail message is scanned for viruses, a certification note to that effect (including details on the product used) is typically added to the footer of all e-mail messages.

Follow these steps to configure and test the inbound and outbound e-mail scanning capabilities of AVG Free Edition:

1. Right-click the AVG Free Edition icon on the notification area of the taskbar and select Launch AVG Control Center.

2. Right-click E-mail Scanner and select Properties.

3. On the Plugins tab, click Configure. By default, AVG Free Edition scans all incoming and outgoing messages (see Figure 9-6). Use this tab to configure additional e-mail scan settings, such as automatically removing certain types of e-mail attachments if necessary.

   
   Figure 9-6: Reviewing e-mail message scanning options in AVG Free Edition.

4. Click the Details button. The E-mail Scanning Details window enables you to configure certification messages to be added to both incoming and outgoing messages, as shown in Figure 9-7. You can change the default message to your own custom message, or leave the default messages intact. Click OK.

   
   Figure 9-7: Configuring virus certification messages.

5. Open your preferred e-mail client program (Microsoft Outlook or Windows Mail, for example).

6. Compose a new message and send it to yourself. When the message is received, open it to view the message contents. The certification messages stating that the file was checked for viruses when it was sent and received are displayed.

Scanning for Viruses

When you have antivirus software installed, its real-time protection feature typically scans all files that you attempt to access or open to ensure they're virus-free. However, it's possible that a virus found its way onto your system before the software was installed, and that other files that haven't been opened in a while may be infected. For this reason, it's important to perform complete virus scans of your hard drive and other disks frequently-at least each week.

Much like antivirus programs usually check for new virus definition file updates automatically, most also schedule a complete scan of your system for viruses either daily or once per week. As with all security-related tasks, it's never a bad idea to err on the side of caution when it comes to scanning for viruses. Although running a full virus scan once a day may seem excessive, the process generally takes less than a half hour to complete (depending on the size of your drives and the number of files to be scanned), and it's always better to be safe than sorry.

Of course, antivirus programs also enable you to initiate virus scans manually if you'd rather have more control over how and when these scans occur. For example, you might choose to start a complete scan just before you head out to run errands, or scan certain drives only (such as C:) more frequently. All of the major antivirus programs provide a high degree of flexibility when it comes to configuring virus scan settings, both through a schedule and manually.

Follow these steps to complete a full virus scan:

1. Right-click the AVG Free Edition icon on the notification area of the taskbar and select Launch AVG Test Center.

2. To complete a full scan of all drives on your computer, click the Scan Computer button. To scan only the drives you specify, click Scan Selected Areas instead, and you'll be prompted to select the drives to scan, as shown in Figure 9-8.

   
   Figure 9-8: Antivirus programs usually provide options to scan your entire computer or only selected areas.

3. Check the drives and locations that you want to scan for viruses, and then click Scan Selected Areas.

4. After the scanning process is complete (remember, this may take half an hour or more), the Finished window appears (see Figure 9-9). Review and take action on any viruses that were found (if applicable), and then click Close.

   
   Figure 9-9: Results of a virus scan.

Beyond Antivirus Software

Running antivirus software with updated virus definition files and real-time protection features enabled is perhaps the best way to keep your system protected from virus threats. However, even the best-protected system can succumb to a new virus threat because there's generally a small lag between the time when a new virus (or a new variant of an existing virus) is discovered and a vendor's virus definition files are updated to address the threat. Some new viruses spread so rapidly that literally tens of thousands of systems are infected within hours, a situation that can typically be avoided by ensuring that you adhere to some basic guidelines and best practices to minimize your chances of acquiring an infection.

Use the following best practices to help ensure that your system remains free and clear of viruses to the greatest degree possible:

• Always run antivirus software and keep it updated. Never disable it when connected to the Internet.

• Use antivirus software that includes both inbound and outbound e-mail message filtering. Besides removing infected e-mail attachments, these programs usually warn you when you attempt to open file types commonly used to transmit viruses.

• Never assume that e-mail attachments received from friends, family, and colleagues are virus-free. (Remember, many worms are designed to infect one user's system, and then use that user's e-mail address and contact list to send infectious e-mail attachments to others.) If your antivirus program doesn't scan e-mail messages as they're received, save attached files to disk and then scan them for viruses prior to opening them.

• Be very careful with files that you download from the Internet, especially those found in Usenet newsgroups, on file-sharing services, and FTP servers. Internet downloads are a notorious source for virus-infected files, so take the time to complete virus scans on every file that you download prior to opening it.

• Always keep your Windows Vista system up-to-date with the latest security updates and patches. Many viruses, worms, and Trojan horse programs take advantage of operating system flaws to infect systems. The easiest way to keep your system protected from threats that try to exploit those flaws is to enable the Windows Vista Automatic Updates feature. If you choose to download and install updates manually, do so regularly.

• Ensure that you have firewall software installed-preferably one that offers both inbound and outbound packet-filtering capabilities. If all inbound ports are blocking connections, outside users cannot connect to your PC if a remote control program or Trojan horse infects it. Outbound filtering is also important, helping to stop viruses and other threats from connecting to the Internet to send off sensitive personal information or launch hacking attacks against other computers.

• Always think before you click, and never assume any file to be virus-free.