Lions Clubs International - MD 105 an Explanation of Computer Viruses

You cannot get away from viruses on the Internet. Depending on the virus, the effect can range from amusing to devastating. When it comes to dealing with the hazards posed by viruses, prevention is much easier than a cure. The following advice should safeguard your computer.

1. Be very cautious of unexpected or unsolicited email attachments

Email is probably the most common way viruses are spread. A basic plain text email client (program) is unable to transmit most viruses. It is the attachment to the email that contains poses the greatest danger. If the attachment is unexpected or unsolicited and from an unknown sender, the wisest course of action would be to delete the email immediately, without opening it. If the email is from a known and trusted source, but you did not expect an attachment from that source, you may want to contact the sender and confirm that it is legitimate.

2. Use a good anti-virus (AV) program to regularly scan your hard disk drive

Even when you are careful, you may still be infected by a virus. An anti-virus program can be set up to regularly check your computer or your incoming email attachments for viruses. This kind of program should even be able to constantly run in the background as you go about your work. Because viruses are being constantly created or changed, it is important to use a program that provides regular updates.

3. Use an anti-virus program to scan 'all' incoming email attachments and all files or programs that came from someone else's computer

The other person may not be a clued up as you are, and may not be taking precaution against viruses. By scanning all incoming files and programs, you may uncover a virus that the other person may not know about or have overlooked.

4. Update your anti-virus definitions regularly

New and more problematic viruses are being constantly released on the Internet. It is vital to update your anti-virus software so that it contains the latest virus definitions.

5. Back up your data on a regular basis

A virus may corrupt or destroy data on one or more files. Regular backups will allow you to recover more easily in the event that a virus damages your files.

6. Avoid forwarding email attachments unless you first scan the attachment for viruses

If you have an anti-virus program that scans all incoming email attachments, or if you scan the attachment after it arrives, then it is probably safe to forward the attachment. Otherwise, do not forward the attachment.

7. Look for an unexpected file extension on any attachment

If the subject line or the body of an email states that the attachment is a certain type of file or if the file icon implies a certain type of file and the file extension does not match, delete the file. If you trust the sender, contact that person to determine what you were supposed to have received.

8. Are some files safe?

No file type should be considered safe. There was a time when data files (txt, mp3, gif etc) were considered to be unable to contain a virus. There should be no reliance on the file extension in identifying the document type - documents are identified by their 'signature' which is stored internally within the document. A document type .txt can contain an element of binary information within it.

A steganographic utility has been developed which allows for a user to embed a file within another file - e.g. a Word Document could be inserted into an image file, without corrupting the contents of the image file.

Analyses of recently blocked spam emails designed to drop copies of the W32/Sadhound Trojan have revealed a new 'feature' of Outlook Express that can be used to fool a user into believing that an attachment is harmless when in fact it is a dropper executable. Once clicked on, a backdoor Trojan is installed and the PC is then effectively exposed to remote control by a attacker. A very precisely constructed attachment file name, of the form "readme.txt.exe.txt", will have the following properties under Outlook Express. The first extension will be visible to the user e.g. "readme.txt". In this example, the "txt " is padded with a large number of trailing spaces. The third extension will determine the icon displayed by Outlook Express. Unfortunately, the second (".exe") will not be readily apparent to the user, but, if crafted with precision, will be used to decide how the file is opened/launched. Any combination of benign-suspect-benign extension triplets can be used.

9. Write protect floppy disks that will be used in a read only mode

If you are sharing data that resides on disks or other portable storage media, use the write-protect tab to prevent an accidental contamination by a virus.

And for Heaven Sake...!

Don't help the spread of virus hoaxes.

A virus hoax is a report of a fictional virus. These are often sent out as emails requesting that you forward them on to as many people as possible to stop the spread of the fictional virus. These virus hoaxes create lots of unwanted email messages for the people who receive them and also may serve spread rumors about companies products and services.

Don't delete any files from your computer on the advice of an email without checking the legitamacy of the warning first - YOU HAVE BEEN WARNED!!!

Help stop the spread of virus hoaxes by checking the legitimacy of the emails before passing them on. Passing on these hoaxes only helps to spread incorrect information.

Where can you find a list of virus hoaxes and more information about hoaxes? Symantec maintains a list of virus hoaxes on their website. Information about these hoaxes is also contained there. Please use it as a reference before passing on emails about viruses.

It can be found at: http://www.symantec.com/avcenter/vinfodb.html