Latest Information on Virus Threats
NAI Security Advisories
The most common forms of electronic infection are:
- Viruses - A virus is a small piece of software that piggybacks on real programs. A virus can attach itself to a program like a text editor program (like MS Word). Each time the program runs, the virus runs as well, gaining the opportunity to reproduce (by attaching to other applications like Excel or Outlook) and then wreak havoc.
- An 'email virus' travels within email messages, and replicates itself by automatically self-mailing to dozens of people in the YOUR email address book.
- A 'worm' is a small piece of software that uses computer networks and security holes to replicate itself. The worm scans the network for another machine that has a specific security hole. It copies itself to the new machine using the security hole, and replicates from there. The beginning of the Fall 2003 semester demonstrated the power of the worm as many students on campus with infected computers could testify.
- A 'Trojan horse' is an average computer program. It claims to do one thing (e.g. - it claims to be a game, or a calendar, or a weather monitor) but instead does damage when you run it (e.g. - it erases your hard disk, or more likely, runs spy-ware). Trojan horses have no way to replicate automatically.
To avoid viruses:
- Use a Virus Protection program (like Norton, AVG, Panda or McAfee).
- Set it to scan all incoming email and do regular system scans when your machine will be idle.
- Update your virus definitions regularly - even if your program does it automatically on a schedule.
- Do not open email attachments from people whom you don't know.
- Be careful what you download and where you download it from.
- Viruses sometimes come on CDs or other media. If you are not absolutely certain of the source, scan them with your virus program first!
- A little paranoia each day will help keep the virus at bay.
How to tell if you have a virus:
Here are some common symptoms that could indicate your system's been infected:
- Unusual messages or displays on your monitor
- Unusual sounds or music played at random times
- Your system has less available memory than it should
- A disk or volume name has been changed
- Programs or files are suddenly missing
- Unknown programs or files have been created
- Some of your files become corrupted or suddenly don't work properly
There are several programs (called virus protection software, anti-virus software, or virus checks) that will check your system for known viruses, scan incoming files, and warn you before any infected files are let in. An important fact about these programs is that they are only as good as their database of known viruses. Since new and different viruses are being introduced all the time, anti-virus databases need to be updated often.
ICSA certifies virus protection software and maintains a list of approved software. This is a good site to check regularly, as the organization monitors the progress of computer viruses and offers a wealth of virus information.
If you have a system that is not currently running virus protection software, the first thing you should do is install one of these programs and have it scan your hard drive. It will identify any files that have been infected by any virus it recognizes and offer you the option to repair the file if it can. In some cases infected files can be "cleaned" by your virus protection software; in others, the files will have to be discarded.
Once you have determined that all the files in your system are virus-free, this would be a good time to do a complete backup of your system. If you get infected in the future, you will really appreciate having clean copies of your files.
Another method you can use to detect viruses is to monitor the byte size of the programs installed on your hard drive, particularly .exe and .com files. If you notice any unexplained change in file sizes, this is a good indication that your system has become infected. This can be a difficult and tedious method of checking your system, however, and installing antivirus software is a better alternative.