Internet Tips: How Do I Know When a Virus Hits My Computer?

In my garage, I have carefully stored not one, but two IBM Selectric II typewriters. While we may conquer viruses, worms, spyware, and other malicious code someday, I'm keeping both of them as backups just in case the situation continues its current downward spiral. Who knows, I may need it to bang out my Selectric Tips column someday.

Okay, so maybe I'm overreacting. But even if you follow every online safety measure, there's no guarantee you won't get nailed by the next Internet worm. When that day comes, here's the very first thing you should do: Relax.

Then calmly get to work eradicating the invader. Relatively few viruses start destroying your data right away, and most don't damage anything. In fact, the virus may not do anything at all.

How will you know if you've got a virus or worm that your antivirus software doesn't detect? Start by looking for unusual activity on your PC, such as unexplained hard-disk activity (listen for disk sounds or watch the PC's disk access LED) or network access. (Note that unexplained hard-disk activity and network communications are usually harmless; see this month's Windows Tips column for more on this subject.)

To put an icon in your Windows XP system tray that shows when programs are using your network connection, choose Start, Control Panel, Network Connections, right-click the network connection you want to monitor, choose Properties, check Show icon in notification area when connected, and click OK (see FIGURE 1

FIGURE 1: Monitor your network activity by enabling the tray icon for Net connection.
).

Be sure to configure your antivirus software to update automatically, and schedule daily virus scans of your PC. Some vendors issue multiple updates in a single day to counter new threats. If you think you may have been hit, don't hesitate to update your software and scan for viruses manually. Remember: If your software is set to perform scans and to download updates, but your computer is generally in standby mode or powered off at that time, you have a problem.

If you suspect that your PC has a virus or worm, but your antivirus software has not detected or stopped it, take these steps to prevent it from spreading.

Pull the plug: Physically disconnect phone lines, network cables, and wireless cards (or turn built-in wireless units off). This will instantly stop viruses and Trojan horses on your PC from connecting to or infecting other computers, and will keep your PC safe from some worms.

Now pull the other plug: Don't open, close, or save anything (unless not saving would cause important work to be lost). And don't shut down Windows. Turn the PC off instead. This blocks viruses from creating or modifying any more files on your hard disk as part of Windows' normal shutdown process, which is when many of these modifications occur.

Use a recovery disk: The best antivirus programs let you create a bootable rescue or recovery floppy or CD (see FIGURE 2

FIGURE 2: You should create an antivirus recovery disk before malware strikes.
) so you can restart your computer without activating viruses lurking on the PC's hard disk. Check your program's online help or manual for the steps required to create a recovery disk, and then test the disk to make sure your PC is configured to boot from removable media.

Subscribe to the Security Watch Newsletter

Comments