Virus Protection

May 21, 2002

You may be asking yourself:

What is a computer virus or worm?
Why is it called a virus?
How does a computer virus spread?
What sort of damage does a virus inflict on my computer?
How do I protect myself?
What do I do if my computer is infected?
What is a virus hoax?

The answers to these questions are quite simple:

What is a computer virus or worm?

A computer virus or worm is a program written by a malicious computer programmer/user who is out to harm the reputation of Microsoft or other large software companies and/or takes pleasure in knowing he/she will inflict damage to computers owned/used by many computer users.

You cannot simply aquire a computer virus. The virus program is in most cases passed by email. You think it is from someone you know and trust so you open the email attachment(s) and voila... you are infected.

Why is it called a virus?

Calling these programs viruses is simply a convenient term to use because they somewhat mimmick the actions of a virus in the human body by "spreading" quickly and doing damage, sometimes terminal.

How do viruses spread?

Most of them will look into your email address box and send themselves to everyone you have listed in there. You won't even know that emails were sent out to everyone. The people who receive your unknowing email will likely open it if they don't know anything about viruses and they too will aquire the virus and it will send itself to everyone in their email address book as well. And so on and so on. So you can see that a virus program can spread very quickly even if only a few unsuspecting users open the email that your computer sent out as many more will become innocently infected.

There are some new viruses out there now that will spread themselves by directly attaching themselves to a Microsoft Word document file and a JPEG picture format file. However these are quite rare and I have not seen one myself.

In the old days a virus was much more benign in how they spread. In general an infected computer would write the virus code onto any floppy disk that was inserted in it's disk drive. When someone else used that same floppy disk in their computer the virus code located in the boot sector of the infected floppy disk would copy itself to the new computer's memory and spread itself to any subsequently inserted floppy disks. These types of viruses spread much more slowly.

What sort of damage does a virus inflict on my computer?

Viruses and worms vary in their degree of nastiness. Some just spread themselves to everyone in your address book and that is their main purpose to see how many computers it can "infect".

Others may even erase critical information from directory sectors on your harddrive, rendering your computer useless. You won't even be able to boot into Windows. These are the worst.

Most viruses are a combination. They spread very rapidly through your address book list and they start to infect various files on your harddrive. Some choose to infect critical windows files, others any executable files (software programs).

The final outcome is that your computer may start to slowly function erratically getting worse by the day. Usually some programs you use daily may be affected and not load at all or function incorrectly. You will become slowly more frustrated with the lack of correct function-ability of your computer.

Other types of viruses can ruin your precious data such as Word documents, pictures, music, databases, etc.

Every virus or worm has a specific target.

How do I protect myself?

The best way to protect yourself is to run an anti-virus program in the background which silently checks incoming emails and does a complete system file check usually daily and can be setup to do so automatically at a certain time of day when you're not using your computer.

If you don't want to run any anti-virus software then the only way to try to avoid a virus infection is to never open any file attachments, even from those you know because you never know what you'll get! Basically, when it comes to email file attachments.... get paranoid!

There are many anti-virus program packages available out there. The choice is up to you.

The one I use is called AVG from www.grisoft.com and I use it for three reasons:

It is FREE. Yes, it doesn't cost a penny!
It works very well, better than others I've tried.
It doesn't slow down your computer very much compared to similar packages.

If you want to try it, go to their website, enter you name, email address and download it, install it to your computer.

You will need to make sure you have the Outlook Express or Outlook plugin installed if you are using either of those email clients. Right-click your mouse on the AVG symbol next to the clock on the taskbar (after installing AVG). Choose "RUN AVG Control Center". Then go to the "email scanner" folder and make sure there is a checkmark in the box next to "Use Outlook Express 5 plugin". It works just fine with newer versions as well. Once enabled anytime you open an email attachment AVG will scan it instantly and if a virus/worm is detected in the attachment a warning will pop-up denying you access to the attachment and it tells you which particular virus the attachment is infected with.

Lately the "klez.h" worm is spreading like wild-fire. I get so many emails of that particular virus from people that I decided to write this anti-virus how-to webpage!

What do I do if my computer is infected?

Try to download or install an anti-virus program and do a full system scan on your computer. Chances are that you may be able to fix many infected files on your computer but those that can't be repaired will be damaged permanently and windows may cease to function.

But before you can correct the problem you need to run some sort of anti-virus software to find out which virus has infected your system. There are also a few DOS programs called "cleaners" available from most anti-virus software makers for free to rid your system of particular viruses. These are a little harder to use because you can't be in windows to use them. If you've never used them before, most providers of these cleaners will have good instructions on their usage.

What is a virus hoax?

A hoax usually looks like this:

"Sorry guys, but please do this right away. We just deleted it in our
c drive. Follow the instructions below. We just found out this morning that we received a virus from someone that has our name in their e-mail address book. As a result, our address book on which we have your email address has also been infected by a virus (called jdbgmgr.exe). and also W32.Klez.H@mm.
This virus is not detected by Norton or McAfee antivirus systems. The virus stays quiet for 14 days before damaging the system. It is sent automatically by the Messenger and by the address book, whether or
not we have sent e-mails recently to you. I have found and deleted it. Now it's your turn.
1. Go to Start, Find or Search option
2. In the files/folder option, write the name jdbgmgr.exe
3. Be sure you search in your C: drive
4. Click "find now"
5. The virus has a little bear icon with the name jdbgmgr.exe DO NOT OPEN IT
6. Right click and delete it (it will then go the Recycle Bin)
7. Go to the Recycle Bin and delete it there as well, or empty the bin

IF YOU FIND THE VIRUS YOU MUST CONTACT ALL THE PEOPLE IN YOUR ADDRESS BOOK SO THEY CAN ERADICATE IT IN THEIR OWN ADDRESS BOOKS

And as for the virus W32.Klez.H@mm we just recieved it and norton antivirus did detect it but unfortunately, they cannot repair it so your only option if you have this program is to quarentine it or to delete it.

Good luck and I hope you don't have the virus."

Many unsuspecting computer users follow the instructions because it usually comes from someone they know and trust and the name of the virus in this case w32.klez.h is somewhat legitimate.

You should be suspicious for the following reasons:

It says Norton Antivirus did detect it and cannot repair it.
That you should send the message to everyone in your Address Books!
Erase the suspect file from your computer.

First of all - never trust any message that tells you not to follow your anti-virus software's instructions. If Norton Antivirus finds a virus then it is a virus, if not, it is not a virus. In this case, jdbgmgr.exe is a legitimate windows program files and is not infected as the email will have you believe!

Anything that says you should send it to everyone in your address books is a hoax. This is exactly what a virus does and they want you to do the same thing.

Never erase any files off your computer unless your anti-virus software instructs you to do so.

DO NOT trust anyone or anything except your anti-virus software. Again 100% trust is not recommended as anti-virus software is also not perfect but in most cases it is correct.

Always update your anti-virus software on a regular basis, usually every week or two weeks. If you don't and a new virus comes out your anti-virus software may not protect you. I've seen this happen!

I hope that I have answered some of your questions and if not perhaps just clarified a few points for you.

Now you'll know what to do. I'm not an expert but have been a victim of a virus at one time. Basically, if you don't run anti-virus software you will become infected one day... it's only a matter of time.

Go to www.grisoft.com and get protection.

Happy Computing!

->Peter