Preventing Virus Problems
Back Up Essential Files!
Keep a log of what you do to learn which applications are most important to you. Although you can restore them from their installation CDs, that does not mean they’d work the way they do now. So if you have re-configured any, you’d need to find out how and where they store that data, in order to back it up.
Make backup copies of files on your hard disk. All hard disk files would be best. Some files may already be backed up (in effect) on original installation disks, but most important are the files you create with your applications. Business records, spreadsheets, manuscripts, and other important files that take tremendous work to produce can be lost in an instant–if no other copy exists. Do not take that risk–make copies of them.
Visit a computer store, and ask about a tape backup system, or a high-capacity drive, such as a CD-R, DVD-R, or other large capacity drive. If a second hard drive is used instead, remember that having both drives in the same PC leaves one exposed to viruses and Trojans that are programmed to destroy data on all drives, and to fire and theft, natural disasters, like floods, hurricanes, tornadoes, earthquakes, and lightning. Off-site storage of at least one backup is highly recommended.
Delete Email File Attachments!
The only 100 percnt safe email file attachment is the one you delete. Clicking on everything, as some users do, is very unsafe, because an emailed virus or worm can send a copy of itself to everyone a user knows, often disguised as something innocent. If you open a file attached to an email, even from someone you know, you are always taking a risk, however small.
Since worms (like KAK) can be concealed in the body of an email, close the preview pane of your email program, because that is what opens the email message (but not attachments) automatically. Also, turn the Windows 98 Scripting Host off:
- Click on Settings, then Control Panel, then Add/Remove Programs
- Then click on the Windows Setup tab, then Accessories and if it is checked
- Uncheck Windows Scripting Host and Click “OK” to save changes — or click CANCEL if it was not checked.
Note: Web pages that use scripts may not load properly with the Windows Scripting Host disabled, or you may be redirected to alternative pages, that don’t use scripts. If you find that inconvenient, you can put the check mark back later (you may need your Windows CD to do that). For Windows 95 and ME, instead of doing the above, locate winscript.exe and rename it, or delete it from the hard disk (after you first copy it to a floppy disk, in case you want to restore it later).
Prepare An Emergency System Boot Disk!
Once you have checked for viruses, create a Windows 95/98 system boot disk, and keep it write-protected, in case you have to remove a Win32 virus.
- Place a floppy disk in A> drive,
- Open “My Computer,”
- Click the (right) mouse to select the A> drive,
- Under “File,” click to select “Format,”
- Click to select “Full Format,”
- Under “Other Options,” check “Copy System Files.”
- Lock (open) the write-protect “window.”
- Label the floppy and put it in a safe place.
Since this disk will not start Windows, it is ideal for dealing with Win32 viruses. (If Windows was started, such a virus could be active in memory, and could not be removed, because infected files would be in use by Windows.)
Block Word Macro Viruses!
Since only Microsoft Word can open (run) macros that might be embedded in an MS-Word DOC file, those who use Word can enhance their safety by viewing DOC files sent to them by others using a free Viewer, available by download from Microsoft’s Web site. Another safety enhancement would be sharing Word files that are saved in Rich Text Format, instead of Word Document format, because files in RTF format do not contain macros, and thus cannot harbor a macro virus. Word 2000 users should also make sure that macro virus protection (under Tools/ Macro/ Security) is set to High.
Word 97 users should make sure that macro virus protection (under Tools, Options, General) is turned on (checked), and consider password-protecting Normal.dot:
- Exit Word97, then delete Normal.Dot
- Start Word, then use Alt-F11 to start the VisualBasic editor
- Press Ctrl-R to open a window in the upper left corner (if necessary)
- Click Normal in that window
- From the Tools menu, select Normal Properties, then Protection
- Check “Lock project for viewing” and enter a password
- Click OK, then press Alt-Q to exit the editor
Remember the password, because while this procedure protects Normal.dot from viruses, you will need the password if you want to modify Normal.dot, to record your own macros, for example.
Protecting LANs (Local Area Networks)
In the business world (and elsewhere), networked computers are at greater risk from viruses than stand-alone computers, because computers connected via a local area network risk exposure to a virus or worm on a computer elsewhere on the LAN, if security is breached.
Proper antivirus security means minimal write-access privileges for users. One infected computer is bad enough, but a thousand can spell disaster. Therefore, only those who need full write-access privilege, such as the Administrator, should be able to access a server with write intent. And they should only be able to do it from their own secure computer, and not from anyone else’s (possibly infected) system.
In addition, there should be no transitive flow path between users: Executable files written on one user’s computer should not be readable on another user’s. Also, any computer that can write to another (especially to a server) requires careful monitoring; don’t use disks from any other PC in such a computer. Finally, users should avoid swapping disks at all costs–if it’s unavoidable, the recipient should scan the disk before use, regardless of its source.
It’s important to remember that even if users precisely follow all the above rules within the LAN environment, each disk or email file attachment coming in from off-site always presents a risk. If allowed at all, disks from home, school, and vendors, and especially “outside” service technicians should be treated with great suspicion, and scanned before use. Email file attachments, especially executable files and documents with potential macros, present a special risk, whether from someone known or unfamiliar to the user.
Virus protection belongs on both servers and workstations, because both can serve as entry points for a virus that can spread over the network. There have been many incidents where major firms have been forced to shut down, despite all kinds of sophisticated and up-to-date anti-virus software, because no scanner can detect every worm/ virus, especially one newer than the software.
User awareness and common sense can contribute much to LAN security. And management can enhance those by providing encouragement and proper training, which can be cheaper than downtime, with computer users being paid, but unable to work.
Other Things To Consider
- Obtain software only from trusted sources.
- Use a safe Web browser and email client.
- Install anti-virus software, and keep it updated.
- Scan all newly-obtained disks, programs, and files.
- Install a firewall program, especially if on cable or DSL.
Article contributed by Henri Delger
Source: This article was reprinted with permission from Computer Virus Help