Green Apple maintains a list of specific viruses we have seen among our users. The list is available at:
    www.greenapple.com/support/security/pc-sentry
 

Six simple guidelines to help avoid getting a virus.

1. Don't open email attachments unless you are expecting them.

Email is the most common means used for spreading viruses. Most viruses have to be opened/executed to run. Viruses of this type spread in email as attachments. Often a virus attachment is sent unwittingly by someone you know. If you weren't expecting an attachment, don't open it.

2. Don't use the Preview Pane.

The Preview Pane in Outlook Express is the section which displays the contents of an email as you scroll through your message list. The Preview Pane does a full read of an email; so a viruses which is capable of infecting merely by reading has an opportunity to infect your machine. A safer way to read email is with the Preview Pane off and explicitly choosing the email to read by double clicking on it from the message list, which will open the email in a separate window. In Outlook Express, perhaps the most popular email program, to disable the Preview Pane, select View >> Layout >> remove the checkmark from 'Show preview pane' (applies to version 6 of Outlook Express).

3. Install and use a good virus detecting application and keep it up-to-date.

Norton (Symantec) and McAfee manufacture the most popular anti-virus software. Dr Solomon runs behind these two, but manufactures good anti-virus software as well. Buy a copy of anti-virus software from one of these companies (all three have shareware versions you can download and test drive). Understand, install and use it. Check with the manufacturers' website periodically. Keep your program up-to-date by downloading the latest anti-virus datasets (.dat files) and engines from the manufacturers. You can expect to have to purchase a new copy of software every couple of years as viruses will emerge which are outside the scope of protection aging anti-virus software can provide.

Along with keeping virus software up-to-date by downloading the latest datasets and engines, keep the recovery diskettes up-to-date. Recovery diskettes are bootable diskettes used to recover from a virus infection when a scan from Windows is unable to repair an infection. All virus manufactures recommend that you create recovery diskettes and keep them current. Get into a routine of building recovery diskettes.

4. Don't run open shared hard drives (file sharing) in Windows.

Many viruses scan the network (and the Internet) and attempt to copy themselves onto to open shared hard drives of other computers. Often people are running with their hard drive shared inadvertently. If you must run a shared hard drive, run it in read-only mode or using a password. For information on disabling hard drive sharing in Windows, click here.

5. Keep backups of all your important files.

Should you get a catastrophic hit from a virus which your anti-virus software cannot recover from (a combination which is, fortunately, pretty rare), be ready to recover afresh. Make it a practice to periodically identify and backup your key files (such as Word documents, Excel spreadsheets, important emails, Quickbook backups). Build a backup rotation schedule so that you have at least two sets of backups you could use to recover with, such as a weekly backup set and a monthly backup set. Having a good backup routine is an important part of an anti-virus regime (It is an even more important part of the regime you use to enable recovery from a catastrophic hardware failure!)

6. Use common sense.

This is a catch all. As you should take a cautious approach handling email attachments, be equally cautious with files you get through other means such as newsgroups, ftp, instant messaging and diskettes. Don't install anti-virus software and then disable it. All recent virus detecting software can be scheduled to do a complete hard drive scan at night. Schedule your machine for this, but make it a point to run a complete hard drive scan periodically yourself to see if the software is performing properly.

Back to Table Of Contents
 

What is a computer virus?

A computer virus is malicious computer software, written with intent to impair a person's use of their computer by causing nuisance, damage or loss of security.

Back to Table Of Contents
 

What kinds of computer viruses are there?

Backdoor: A virus which aims to compromise the machine for some type of intrusion attack or to capture and send out proprietary information, such as user names and passwords, contained on it. See also 'Trojan Horse'.

Boot Virus: A type of virus that infects PC boot sectors or the Master Boot Record. This type of virus is usually contained on a floppy and can only infect the PC when the machine is booted with the floppy inserted. These are some the earliest types of viruses since older machines used floppies to a great extent.

Bug: A software error. The consequence of a bug often resembles a virus; bugs can cause the machine to crash, lock-up, report unusual error messages, and more. Unlike a virus, a bug represents a mistake, not a deliberate attempt to cause computer problems.

Hoax: A hoax is just that. Hoaxes tend to spread through chain emails. A hoax will claim everything from the existence of a new and destructive virus, to the desperate plea for help for some poor fellow. Hoaxes which have been around for a while move into the the category of Urban Legends.

Macro: Microsoft Word Macro files which can run executables, destroy data or just plain mess up your documents. These viruses take advantage of the integration of email and Microsoft Word.

Trojan Horse: A Trojan Horse is a virus which masquerades as a harmless or common program in order to get the user to provide it with information or to run it. Trojan Horses often set up Backdoors, or secret entry points, into a program or machine and can conceivably allow outside access.

Spam: Unsolicited and annoying email.

VBS: VBS, Visual Basic Scripting, is the scripting facility provided by Microsoft across the spectrum of their applications. VBS scripts are small programs. Generally, they can be identified by having a '.vbs' extension. VBS scripts have access to many of the facilities of the operating system, including the ability to open, copy, delete and rename files. Many a virus nowadays is written in VBS and sent as an attachment which is activated when a user opens it.

Virus: In a general sense, the term 'virus' encompasses all malicious and deviant programs which aim to limit or disable a person's use and enjoyment of their computer. In a more specific sense, a virus is a piece of code which attaches, appears to attach, or overwrites itself onto another piece of code (generally a standard Windows file) to carry out its malicious purpose.

Worm: A worm is a type of virus which carries within itself an ability to promote its own propagation. Common means of this propagation are through automatic email using the addresses in a user's address book and through 'write shares' of Network Neighborhood. Most viruses which spread over the Internet are worms.

Back to Table Of Contents
 

What is the lifetime of a virus?

The level of danger posed by a virus will vary over time. Generally a virus is most dangerous when first released. Such viruses are considered "in the wild", meaning they pose a real danger to infect and harm your computer. While there are hundreds of viruses in the wild at any given time, most are simple variations upon a much smaller set of viruses. Over time, as virus manufacturers introduce anti-infection data sets and software manufacturers patch the program holes exploited by viruses, a given strain of virus will pose less and less of a threat.

The most destructive threats are not usually viruses, per se, but worms, trojan horses, and security compromises of specific operating systems and software features.

Back to Table Of Contents


It looks like my machine has been infected. Now what?

If you get a virus on your machine, do not panic. Most viruses are fairly innocuous and, frankly, if your machine has been infected, the worst is already over. The question now is how to proceed. Here are some guidelines:

1. Confirm that your machine has really been infected.

Part of the job of an anti-virus program is to scan for a virus installer (e.g., an infected attachment) and alert you about it  before the installer actually infects your machine. Are you being alerted to the presence of an installer or has your machine actually been infected?

2. The other job of an anti-virus program is to fix an infected computer. Can your program remove the virus?

3. Delete the attachment which contains the virus. If you've received the virus through an email delete it. Also be careful using your email program when connected to the Internet: the virus may try to send itself out to the people in your address book.

4. If your anti-virus program cannot remove the software, check with the anti-virus manufacturer. Do they have posted a virus description which matches what you are seeing on your machine? What steps do they recommend to remove the virus? Often manufactures can outline manual removal procedures before they have software implementations available. If you think the virus is associated with a specific program (such as an email program), you might check the maker of that software for information.

5. Take your computer to someone who can fix it. Sometimes getting rid of a virus can be difficult and involve things such as editing the registry and working in DOS. When removing a tricky virus, if it is not carefully done, the cure can be worse than the disease. If you are not comfortable removing a virus yourself, you are more than welcome to give us a call, we'd be glad to help. For complete information on contacting us and our hours, click here.

Back to Table Of Contents
 

Other Resources

For further information on computer health and security, visit a few of the resources provided below. Many of these WWW sites maintain databases of thousands of known computer viruses and exposed hoaxes, and offer software to keep your computer running trouble free.

• Green Apple's PC Sentry: An up-to-late list of viruses, worms, trojan horses, hoaxes and myths reported to us by our users.
• Network Associates: Makers of the the virus scanner Mcafee.
• Symantec: Makers of the virus scanner Norton Antivirus.
• Symantec AntiVirus Research Center: SARC is committed to providing swift, global responses to computer virus threats, proactively researching and developing technologies that eliminate such threats and educating the public on safe computing practices.
• DrSolomon: Makers of the virus scanner Dr.Solomon Anti-Virus Toolkit.
• F-Secure Corp: Makers of the virus scanner F-Prot and F-Secure
• Central Command: Makers of the virus scanner Anti Viral Toolkit Pro
• The Computer Virus Myths Home Page: Maintained by Rob Rosenberger, an internationally recognized expert on computer virus myths & hoaxes. Mr. Rosenberger has consulted on virus/security books written by Janet Endrijonas, Pamela Kane, and Richard B. Levin, and also serves as a consultant on computer virus issues to PC Magazine technical editor Neil Rubenking.

Back to Table Of Contents
 

If I delete the email attachment named xxxxx, will I be safe?

For the most part, yes. Most viruses spread through attachments of one sort of the other (attachments used here in the sense of a file which must be executed for the virus to infect the machine), and, for standalone PCs, email long ago passed by diskette as the most common means of transport. When a computer viruses is at it most rampant stage, such as with the 'I Love You' virus, it is generally replicating a single, successful variant. A positive aspect to this is that the variant will usually have a subject line or attached file which quickly becomes well known. Deleting email having the subject line or attachment is a smart preventive measure.

Some complicating factors are those viruses which can be spread through reading an email alone (e.g. KAK), viruses which can spread over a local network (a LAN) through Network Neighborhood and the tendency of programming deviants to propagate variants of a virus by renaming the subject line or the attachment or some other like modifications. For these, use common sense, don't open attachments unless you are expecting them, install and use a good virus detecting application and keep it up-to-date, and keep backups of all your important files.

Back to Table Of Contents
 

This file must be safe because my friends would never give me an infected program.

Maybe not expressly, but you don't know where they got the file to begin with. Also many viruses use the 'Address Book' feature of email programs to spread themselves.

Back to Table Of Contents
 

Viruses are most common in shareware.

Actually, to the contrary, shareware is very rarely infected. The shareware industry polices itself very effectively and there have been only a few isolated incidents of virus infected shareware being distributed to a vast number of people.

Back to Table Of Contents
 

I heard the xxxxx virus will destroy my yyyyy.

Not physically, not in the sense that you'll have to throw any components into the trash can. Viruses can only wreak havoc on data. There is no virus that has ever crumpled disks, melted processors, caused a monitor to spontaneously combust, put Nair in your shampoo or Rogaine in your Nair. Programs cannot do this; viruses are programs.

Back to Table Of Contents


Making my files read-only protects them from viruses.

File attributes can be by executable programs. Anything an attribute utility can do, a virus can undo.

Back to Table Of Contents


CD-ROMs and write protected floppy disks are safe.

True, so long as the virus wasn't already on the floppy before it was write protected or the master CD before it was duplicated. There have been a few cases of viruses making it onto the burn of a major software release, but only a few. One imagines that most software manufactures are religious about seeing that their distributions are virus free.

Back to Table Of Contents


I heard you get viruses from email.

You sure can. Email propagation is easily the number one means viruses are transported to standalone computers. Most emails viruses come in the form a file attachment which must be opened/run for the virus to install itself. So never run an attachment unless you were expecting it. A much smaller set of viruses can spread simply by reading an email. To the best of this author's knowledge, the set is limited to KAK and its variants. This virus used a 'feature' of Outlook and Outlook Express which enabled an email to make Visual Basic scripting calls. This 'feature' was disabled in later versions (versions released after 03-01-00 or so).

Back to Table Of Contents


I run on a Mac. All my PC friends are talking about this virus. Can I get it?

Most likely not. Viruses are programs. As such they will be written to run on a specific platform (or platform family as is the case with Windows). Macintosh computers are not compatible at the program level with PCs running Windows. Theoretically, a virus could be written in some high-level feature common to the implementation of an application on both Windows and Mac (template scripting in Microsoft Word comes to mind), but in practice, PC viruses are not seen on Macs; and Mac viruses, on PCs.

Back to Table Of Contents
 

I heard that there is a virus in Microsoft Word.

Templates were a feature introduced with the release of Word 6.0 to automatically perform editing functions on all your documents. Malicious Word templates (commonly called "macro viruses") are templates attached to Word documents that alter your other documents without your knowledge once installed. The changes these templates perform are trivial - such as changing all your verbs from active to passive tense or signing all your documents 'Caligula' - but their effects can add up to hundreds of man hours in lost work. These type of templates are considered "viruses" because they spread like viruses, attaching themselves to data documents on the infected host, even though they're not "viruses" in the traditional sense. Since many PC vendors preinstall Microsoft Office on new computers, and many people use Microsoft Word to compose and spell/grammar check their email, Word macro viruses are very common today.

Back to Table Of Contents


I've gotten an unexpected attachment and, I am real curious about it.

With few exceptions a virus received in email will only become activated if you open/execute the installer containing the virus. If you've received an unexpected attachment and are really tempted to open it, don't. But if you absolutely cannot resist, check the file extension of the attachment. Be cautious about files ending with '.vbs', '.exe', '.bat', or '.com' extensions. Those are file types which could be the installer for the virus. If the attachment ends in one of those extensions, don't open it. If not and you've had your virus detection program scan the attachment and it checks out, you are probably going to be okay.

Back to Table Of Contents

Disabling hard drive sharing in Windows.

Many viruses scan the network (and the Internet) for computers with open hard drive shares. An open hard share is a computer whose hard drive(s) is open for writing to by other machines and is not password protected. When a virus finds an open share, it copies itself to that hard drive, typically doing so by overwriting an existing file on the hard file, so that when the file is run, the virus can be activated on the machine. Often people run with their hard drive shared inadvertently. If you must run a shared hard drive, run it in read-only mode or using a password. To disable hard drive sharing altogether

Windows 95/98/ME
1. Right click on the 'Network Neighborhood' (or 'My Network Places') icon on the desktop.
2. Left click on 'Properties'.
3. Hit 'File and Print Sharing..'.
4. Remove checkmark from
    [  ] I want to be able to give others access to my files.
    [  ] I want to be able to allow others to print to my printer(s).
5. Hit OK. Hit OK.

Windows NT/2000
1. Double click the 'My Computer' icon on the desktop.
2. Right click on 'C:' and select 'Sharing'.
3. Click the drop down box for Share name.
4. If the drive is shared with a name other than "C$:", select 'Do not share this folder'.

Windows XP
1. Double click on 'My Computer' or select 'Start >> My Computer'.
2. Right click drive 'C' .
3. Left click 'Sharing and Security...'.
4. If you see the link "If you understand the risk but still want to share the root of the drive click here", click it.
5. Click on 'Sharing' tab.
6. In the "Network Sharing and Security" section, uncheck
    [  ] Share this folder on the network
7. Hit OK.

Back to Table Of Contents
 

 
This document is copyright Green Apple, Inc, 1995-2007.  Permission is granted for the free distribution of it provided that its contents, including this notice, are not in any way altered. Green Apple disclaims all responsibility of fitness and suitability of this document. User is responsible for any software they download or install. It is incumbent upon User to read and obey copyright and licensing notices of all the software they use.
 

Home / Access / Development / Support / Hosting / Local Links / Computers
 Contact Us / Green Apple News / Jobs / Site Map / Link To Us / Policy

Lancaster-Fairfield County Chamber of Commerce, 2000 Small Business of the Year
www.greenapple.com · tel. (740) 653-9890 · toll free. (866) 653-9890
Copyright © 1995 - 2007, Green Apple, Inc.