How to handle a Virus

Viruses & Virus myths are rampant these days, especially with everyone on email and cruising the web from their workstations. And today, Viruses don't just come from infected floppies, they can come on innocent looking email, or directly thru your browser from an infected website. There are some things you can do however.

Most importantly, get a good Anti-Virus scanner, install it and update it frequently! We at Delta Data stand behind Norton AntiVirus, for several reasons, most importantly is that the current version (2002) auto-updates itself and also scans every folder, program and document you open or look at, including files as they're being downloaded, from whatever source. They also have excellent support, both from the web and when you call in. EVEN IF YOU DON'T USE NORTON, GET SOMETHING AND KEEP IT CURRENT.

Here are some other tips and links to virus related info:

Don't open suspicious email without a good virus scanner in place and updated. Many of the WORM viruses today mail themselves to unsuspecting friends from your address book, so even mail from your long time friends may potentially carry an infected payload - When in doubt, email or call your friend to confirm that they intended to send you the email in question.

Virus myths are not always easy to understand, but generally if the message states that you need to warn everyone you know, it is a myth. The best place on the web to get info on virus myths is Vmyths.com

The other reason we like Norton AntiVirus is the Symantec AntiVirus Research Center (SARC). If you need to find info on what a virus does, how to clean it, and stop it from happening again, all the info is on their site.

Here are some virus terms that can help you to understand the nature of the type of virus you may be dealing with:

Trojan Programs - Trojan viruses are defined as a program that loads into memory and then either destroys your local/network data, or capture information as you type it in (such as logon info and password info.) Symptoms range from accounts being used without your knowledge, to an inability to boot. These files are always executable (files with an exe, or com extension) and generally run in the background. The difference between a trojan and a virus is that trojans do not reproduce.

Viruses - Viruses replicate by themselves and can do just about anything nasty that you can think of. All viruses are Trojans, but not all Trojans are viruses. Viruses attack in a variety of ways; by copying a piece of their code into other files which then does the same thing, overwrite existing files completely, destroying subdirectories, or the entire data structure on your drive, clearing your CMOS (hardware) setup, etc. Viruses can do just about anything, and also do not have to be a standard EXE or COM program, but hide in any kind of file your computer can read. Most viruses have a specific target however and rarely infect other file types.

File Infectors - Infector viruses are nasty little programs that copy themselves into or overwrite other executable files on your local/network drive. These nasty little files will also infect files that handle, view, and scan them, and bad ones can bring the network down by overwriting crucial network operating system files. Symptoms include inability to open files, run files, file size change, content change and file date change. These files are always executable (files with an exe, or com extension) and run in the background. These viruses only attack executable file (files with an exe, or com extension).

Boot-Sector Infectors - Boot-sector viruses attack your system when booting from an infected disk. In most cases, the first thing they do is attempt to infect the boot-sector of your hard-disk. then subsequent disks that are inserted into the floppy drive are infected as you copy files and read data on the disk. While a lot of boot-sector viruses are not horribly damaging, some will damage the FAT (tells your PC where files are stored on the drive) and cause you to lose data, or the ability to boot. Frequent symptoms include GPF's in windows, and other memory related problems. These viruses are not visible as files, and usually require a special removal boot disk.

Macro - Macro viruses are macros that run inside another program such as MS Word or MS Excel. They can be set to do anything, and are usually destructive to the documents that are infected. These macros can be set to search and modify numbers, words, add words, wipe the document out, in other words, just about anything that'll ruin your day...

WORM or VB Script Viruses - The most prolific viruses today, these little script files spread across the web from several different sources, email, email attachments, and thru infected websites. The impact of these viruses show up several ways, the sheer volume of mail generated by a few infected users can bring a networks performance to a standstill, flooding email servers and crashing them, and generally being a nuisance to the users receiving them. these users who are not protected by an antivirus agent of some sort, and starts the process in their company and soon you can see why some companies shut down their Internet connection when a virus like this strikes.

HOAX Viruses - Many viruses being reported these days via email are hoaxes. Some warning create the panic of a virus so intense that everyone follows the instructions in the fictitious email & sends email about it to "everyone you know". (By The Way, this is usually the tip-off that the email is bogus). Be sure to ask your consultant about any virus warnings you receive, before passing the info to your friends, or check it out @ http://www.vmyths.com/

Maintain Your Own PC

Windows keeps getting more stable program than each previous version, but it still requires minor maintenance when the system is responding unusually. This is easily performed by the end user following these steps about once every 2 weeks or whenever you're having trouble in Windows:

- Close all active applications but Don't exit windows!

- open your temp area (this will vary depending on which windows version you're running)

- Press CTRL-A (should tag ALL the files)

- Press Del and send ALL the files to the recycling bin

There may be a dialog asking you to confirm that you want to delete certian types of files:

- regarding system, read-only & EXE (executable) files - go ahead and delete them. (say "yes to all")

- if it says that the deletion will affect a REGISTERED Program - it's OK to delete them!! (Say "yes to all") if the directory is needed again, it will recreated.

- Once this folder is cleared out, Close the temp files window and restart your computer (Start / Shutdown / Restart the computer)

FOLLOW UP FAQ:

- WHAT ARE TEMP FILES AND HOW DO THEY GET LEFT BEHIND?
Temp files get created whenever the application you're working in needs more memory than what you have available. These files are usually cleaned up when the application is done using them, or when it is shut down. However, if a lockup occurs, each application you have to terminate can leave behind any temp files that were in use. If the application happened to be in the process of writing these files, they can be incomplete or damaged.

- WHY DO TEMP FILES CAUSE PROBLEMS?
Windows reads the contents of the active TEMP dir every time it starts up to see if there is anything needing to be recovered from the previous session. If there is anything in there that is damaged or garbled, they can cause unusual problems. The Bottom line is that if there are no windows applications running, there should be no temporary files. 

- WHAT ELSE CAN I DO TO HELP MAINTAIN MY COMPUTER?
As a follow-up, every month or so, run Scandisk (In Win9x, go into Start / Programs / Accessories / System Tools) or Norton Disk Doctor to check your hard drive for errors. 
When that has been completed, Defrag your systems harddisk with disk defragmenter (In Win9x, go into Start / Programs / Accessories / System Tools) or Norton Speedisk.
TIP: Be sure to close all apps and disable your screen saver before starting either of the above programs, run only one at a time, and don't try to use your system while the maintenance programs are running (Any disk access will cause Scandisk and defrag to start over from the beginning). 

Tech Support guidelines

When calling Tech Support, be sure to ALWAYS:

- Get the name of the Individual you're relying on.
- Be in front of the computer you're experiencing difficulty with.
- Listen to the tech, and answer his/her questions as truthfully as possible
- Let the tech know if you are having trouble understanding him/her.
- Try stay focused on the problem you called about.
- Try not to get ahead of the tech who is helping you.

Also:

Do some of your own troubleshooting! If you get crashes or strange behavior, turn off all unnecessary peripherals and see if the problem persists. If it goes away, then the problem is not with the crashing product, but its interaction with something else. This is useful info for tech support. The more work you can do to isolate the problem, the less time it will take to devise a solution. 

Whenever you call a company for support, first ask the tech straight out, "Do you work for the company that makes (this product), or do you work for a support company?" This is the only circumstance under which their employees may admit the truth without risk of termination. Immediately tell your support person your level of expertise and the tests you have done to resolve your problem. This will help the employee get past the stock answers s/he is required to give you and get down to giving you the help you really need. 

Pay close attention to every question suggestion given, looking for a temp or untrained newbie. If you are suspicious, ask them how long s/he has been supporting this particular product. If you determine that you are more knowledgable than the support tech, ask to be transferred to a supervisor. Tell the supervisor that you were treated courteously and competently by the previous tech but that you need more advanced help. Don't give the supervisor any reason to give that worker a black mark, unless, of course, you got a bad egg. 

Ask each tech at each level if s/he is under time constraints or can take the time to help you now. This will let them off the hook if the call is recorded and later reviewed and s/he has to explain why it took 20 minutes instead of the three they are normally allotted. 

Basic Troubleshooting

When your PC starts to act irrationally, there are several things you can do.

- Reboot. Does the problem persist? Try some disk maintenance.
- Still problems? Ask yourself, "What changed Last?", then back out the last change, if possible.
- Read the error message carefully - does any of it make sense? The important things to note are the file or programs names mentioned. If you plan on calling a tech, be sure to either leave the error on the screen or write it down, so you can read it to your support person.
- Problem with a specific peripheral? (printer, modem, video) try going to the manufacturers website and getting an updated driver for that device.

After performing the above detailed steps, if the error(s) still occur, then the problem may be more serious, and should be handled by a pro. Call us!

Understanding Security

Two things are real important to understanding Computer Security. The first is that unconfigured network devices and systems are not to be considered secure, by default or "out-of-the-box". They must be set up by someone who knows what to change in the existing security setup to make it difficult to get past, and the changes must be documented, and that documentation must be stored securely as well.

The second thing people need to know is that any lock, hardware or software, only keeps honest people out. It doesn't stop someone who is determined to get at your data, and it certainly doesn't stop people from trying. (this was brought to my attention by a very good local locksmith)

But once again, there ARE things you can do to protect your data.

- Secure your network hardware behind locked doors, and only allow limited access to the systems.
- Use some sort of firewall, hardware or software, when maintaining an active connection to the internet.
- Share your data sparingly on your LAN, and secure with passwords whenever possible.
- RTFM: Read the furnished manual :) - Meaning; that you need to read and understand how your security devices & applications work to ensure that you're protected, while providing the best throughput for the applications you need to use.

Lastly, a frequent concern people express is that they're afraid of being hacked. Keep in mind that if you're not sharing any drives or folders, and not running any type of server software, you are relatively safe. Meaning that if you haven't configured your computer to share your info, then there is little anyone can do to access your system. However, be aware that certain viruses (Trojans) can attack your system and that some of them will enable sharing and share your drives with no password, allowing anyone access. Please read the segment about viruses to get more familiar with how to protect your system. 

Shortcut Keys

Most people, using their computers today, keep moving their hand back and forth from the keyboard to the mouse to manipulate their programs and data. An incredible amount of time can be saved by knowing a few shortcut keys, generic to windows and most applications, and also by knowing the applications you use and their internal shortcuts.

Common or Global Windows shortcut keys

Windows Shortcut Keys

+ E	Opens Windows Explorer
+ R	Opens the RUN Command
+ F	Opens The Find Files/Folders Dialog
+ M	Minimizes all Minimizable windows
+ Pause/Break	Opens System Properties

Browser Shortcuts