EOHSI Home


ENS Home

Computing @ EOHSI

Online Workorder

Multimedia

ENS Staff

 
ENS Logo


Virus Information 

If you think you may have a virus contact ENS immediately. As a rule do not open ANY file attachments that come from someone you do not know. If you receive a file attachment from someone you know and it is not expected, call and ask them if they sent it to you. Many viruses can send themselves out from an infected machine using the email address book.

To update McAfee Virus Scan

If you have a version of McAfee lower than version 4.5.1 contact ENS to be upgraded. To check your version of McAfee, select Help, About from the menu bar. If you are using the current version of McAfee your system automatically updates its DAT files from McAfee once a week. When a particularly dangerous virus comes out McAfee may update the dat files more frequently. You can update your system at any time as follows:
  • Make sure you are connected to he internet
  • Go to Start, Programs Files, VirusScan, VirusScan Console
    • or Double click on the magnify glass on lower right hand side of the desktop
  • Double click on Auto Update
  • Click on Update Now in the lower right

To run McAfee Virus Scan

  • Go to Start, Program Files, VirusScan, VirusScan
  • Select All Files
  • Click on Scan Now
or
  • Double click on the magnify glass on lower right hand side of the desktop
  • Double click on Scan Drive C
  • Under Configure choose All Files and click OK
  • Click on Run Now

If you have any problems please fill out an Online Workorder.


Safe Computing Tips

"An ounce of prevention is worth a pound of cure" The first thing to know about a computer virus is that you do not want one. These are a few virus prevention habits that any computer user should practice:

  1. Do not open any files attached to an email from an unknown, suspicious or untrustworthy source.
  2. Do not open any files attached to an email unless you know what it is, even if it appears to come from a someone you know. Some viruses can replicate themselves and spread through email. Better be safe than sorry and confirm that they really sent it.
  3. Do not open any files attached to an email if the subject line is questionable or unexpected. If the need to do so is there always save the file to your hard drive and scan it before opening.
  4. Delete chain emails and junk email. Do not forward or reply to any to them. These types of email are considered spam, which is unsolicited, intrusive mail that clogs up the network.
  5. Only copy files from the original distribution disks.  Don't use illegal software! If the software has been obtained illegally, how can you assume that it doesn't contain a virus.
  6. Back up your files on a regular basis. If a virus destroys your files, at least you can replace them with your back-up copy. You should store your backup copy in a separate location from your work files, one that is preferably not on your computer. Always keep at least one set of back-up copies of all original disks. (This won't prevent a virus infection, but it will help in the recovery process if an infection occurs.)
  7. Do not loan out program disks. They may be infected when they are returned. If you must loan a disk, always check it for viruses or format it before using the disk on your computer system.
  8. Exercise caution when downloading files from the Internet. Ensure that the source is a legitimate and reputable one. Verify that an anti-virus program checks the files on the download site. If you're uncertain, don't download the file at all or download the file to a floppy and test it with your own anti-virus software.
  9. Update your anti-virus software regularly. Over 500 viruses are discovered each month, so you'll want to be protected. These updates should be at the least the products virus signature files. You may also need to update the product's scanning engine as well.
  10. When in doubt, always err on the side of caution and do not open, download, or execute any files or email attachments. Not executing is the more important of these caveats. If you are in doubt about any potential virus related situation you find yourself in contact ENS x5-4159.

 

Symptoms  of a virus

Preventive measures, obviously, does not guarantee that a computer user will not get a virus. So how do you know you have a virus? Here are a few tips:

  • Observe whether your computer system is slower than usual
  • Watch for files that disappear.
  • Watch whether the loading of programs takes longer than usual.
  • Keep a lookout for decreases in the main memory or reduction of disk space.
  • Watch for unusually large sizes on program files.
  • Watch for recent creation dates on old program files.
  • Watch for unusual displays on the computer screen.

(http://jaring.nmhu.edu/notes\security.htm#VIRUS April 28, 00)

Top Ten Questions

1. What is a Computer Virus?
A computer virus is a small computer program that makes copies of itself on computer disks. Viruses may (directly or indirectly) (infect) (copy to and spread from), executable program files, or programs in disk sectors, and even some non-executable files which use macros. This parasitic nature that virus programs have is neither an accident, nor a computer glitch. In fact, all viruses are  created by people who know how to write computer programs.

     2. Why are they called Viruses?
     Experimental self-replicating programs were first produced in the 1960s, confirming theories  dating back to 1949. The term virus is more recent, and was first used in 1984 by Professor Fred  Cohen to describe self-replicating programs. The earliest PC viruses came a bit later, in 1986-7.  The name is appropriate, because like a biological virus, a computer virus is small, makes copies of itself, and cannot exist without a host. (It's also a catchier name than Parasitic Self-Replicating Program.)

     3. Are all Viruses harmful?
     All computer viruses at least take up disk space, and many of them are able to remain in the computer's memory, so as to take control over some computer functions. In addition, some viruses are poorly written, and may cause the computer to halt, or damage files. Many viruses  make the computer's memory unstable, or cause programs to run improperly. Then there are viruses created in recent years that have been deliberately designed to destroy data on the disk.

     4. What About Destructive Viruses?
     The most feared viruses are those that deliberately damage or delete files, or even destroy  all data on a disk. The vandals who produce these are concerned only about themselves, not  innocent people who will be harmed. These vandals hope to impress their friends, and sometimes compete with them. Some join groups that create new viruses every day.

     5. Who writes Viruses - and why?
     Viruses can be written by anyone, anywhere in the world, who has enough programming  skill. A few have been developed by researchers for demonstration purposes, and some  others are jokes, written by pranksters. Other viruses are written by people learning  programming, who think writing a virus is accomplishing something. In many cases, these viruses get passed around, and later are altered by other people.

     6. What are Virus symptoms?
     It's true that some viruses cause strange things to happen. These can include: slower  operation, decreased memory, or a disk drive LED lighting up for no apparent reason.  However, legitimate software can also cause these effects. And while some viruses are very obvious, displaying messages, or even playing musical tunes, many give no sign of their presence. So it's important not to assume your computer is infected, just because strange things happen.

7. How are Viruses spread?
     While the risk is relatively small, it is growing daily. Viruses circulate from one computer to another, often via diskettes. If you're lucky, you'll never encounter a virus, but one could  be concealed in the next file you download, or on the next diskette you receive. Diskettes  borrowed from friends, school, or work are common sources, even shrink-wrapped diskettes  purchased at stores, or through mail-order. Downloaded programs can be infected, and  viruses can travel among networked PCs.

     8. Should you get anti-virus software?
     If you're concerned about the virus threat, the time to obtain anti-virus software is before  you get a virus. It's much better to prevent a virus infection than to have to deal with one. If your system is virus-free, anti-virus software can help keep it that way, providing you keep the program updated, and check all newly-obtained software and disks before using them the  first time.

     9. How can you protect your data?
     Viruses are a threat, but data loss can also occur from other factors. If you have files you  can't afford to lose, make sure you have more than one copy of  them. The best way to do that  is to copy hard disk files to disk/tape, with a reliable backup utility program. You should create  an Emergency Boot Disk, and keep it with your backup disks/tapes in a safe place, with  write-protect tabs secured.

     10. How can I create an Emergency Boot Disk?
     To make an emergency bootable floppy disk, if using DOS, run the  FORMAT A: /S command with a disk in A> drive which is the proper density for the drive. If using Windows or Win95, use the option to make a System Disk in File Manager or Explorer,  as appropriate. I'd suggest you also COPY these commands to it, from C:\DOS or the Win95  system directory: ATTRIB, CHKDSK (or SCANDISK if you have it), FDISK, FORMAT,  SYS, and BACKUP and RESTORE (or whatever backup program you use, if it will fit).  They may come in handy if you can't access the hard disk, or it won't boot up.
 

(http://pages.prodigy.net/henri_delger/topten.htm April 28, 00)

Three Culprits

Viruses, e-mail, and the Internet

     What about e-mail and viruses?
     Should you worry about reading your e-mail? Not ordinarily, because reading a simple  e-mail message (in ASCII plain text format) won't spread a virus to your computer.  Although some hoaxes claim otherwise, viruses don't spread from such ordinary plain text  messages, because viruses cannot infect plain text files.      The true risk is from opening files attached to the e-mail message, especially executable  files, because those could spread a virus. In addition, other types of file attachments can pose  a risk, such as MS-Word documents, Excel spreadsheets, and similar files used by applications  that use macros, because these files can be infected with a macro virus.      While the risk may be small, it is not zero, so all attached files should be scanned before  being used or opened. If there's any doubt (especially if the file was sent by a stranger),  deleting unsolicited messages with suspicious attached files would be the safest thing to do.  Don't expose your data to unnecessary risk by opening a file an unknown person has sent you.

     Special Notes:

     ccMAIL:
     If an e-mail program (such as Lotus ccMAIL) is configured to run MS-Word  automatically to read (open) attached MS-Word documents, that could infect MS-Word with  a macro virus. The risk is smaller, but also applies to MS-Excel spreadsheets. Disable that feature,  and check suspicious files before opening them.

     Communicator and Outlook:
     Some versions of Netscape's Communicator and Microsoft's Outlook have a security  loophole that makes it possible for someone to use a deliberately contrived MIME name tag  in the e-mail message for the attached file. When read by the e-mail program, the name tag  could be followed by instructions designed to crash the e-mail program, take control of the PC,  and instantly perform ANY task (including, but not limited to, running the attached file). Further information can be found in a FAQ at C.I.A.C. and at the Microsoft and Netscape Web sites.

     Can you infect your computer while Surfing the 'Net?
     Merely being connected over a telephone line canNOT transfer viruses, so you can't infect  your computer simply by being on the Internet. Files that you download from Web sites can't  spread a virus to a PC during the downloading process. However, since a downloaded file could be infected, be sure to scan for viruses after downloading files, before using them. Be especially wary about  downloading files from Internet Newsgroups, where anyone can upload anything, including viruses  and Trojan horses. Finally, keep a backup of your hard disk's files; that's always a prudent thing to do.

(http://pages.prodigy.net/henri_delger/hoaxes.htm April 28,00)  


"The Love Letter Virus"

The "Love Letter Virus" is a new email worm that was first reported in Hong Kong and spread gradually west Thursday morning. It is currently infecting many computers at RU and UMD in addition to government and bussiness computers. It is a Visual Basic Script virus being spread through email and it results in the destruction of certain files by overwriting them with its own code. The virus uses Microsoft Outlook (if installed) to propagate itself, by remailing itself from the infected machine to each entry within the address book. Since we are using Netscape Mail (not Outlook) we will not be spreading the virus, although we are still susceptible to it. The virus first copies itself to two critical system directories and adds triggers in the Windows registry. This ensures that it's running every time the computer reboots. The virus then starts affecting data files. Files associated with Web development, including ".js" and ".css" files and multimedia files, JPEGs and MP3s, will be overwritten by a VisualBasic file with a similar name.

Since the virus code is easily found and manipulated copycat viruses are predicted. Already three have been identified. The first has "FW: JOKE" in the subject line and contains an attachment called "Very Funny.vbs." Another variant appeared with the subject line "Susitikim shi vakara kavas puodukui...," which is Lithuanian for "Let's meet this evening for coffee....". The third has "Mothers Day Order Confirmation" in the subject and the body states: "We have proceeded to charge your credit card for the amount of $326.92 for the mothers day diamond special. We have attached a detailed invoice to this email. Please print out the attachment and keep it in a safe place. Thanks Again and Have a Happy Mothers Day!". If you receive an email with any of these, or "I Love You" in the subject do not open it and do not execute the attachment. Simply delete the message. If you think that your computer is infected please call ENS (x4159) asap. For more info on the "Love Letter Virus" check out the following websites:
http://www.datafellows.fi/v-descs/love.htm
http://www.cnn.com/2000/TECH/computing/05/04/iloveyou.02/index.html


 

Common Footer
Visit UMDNJ.edu Visit UMDNJ.edu Visit Rutgers.edu

Environmental and Occupational Health Sciences Institute, 170 Frelinghuysen Road, Piscataway, NJ 08854
Phone: 732-445-0200 For additional information contact webmaster@eohsi.rutgers.edu

Updated on Tuesday, January 19, 2010