Internet Security
Viruses
Topics
- What are viruses, worms, and Trojan horses?
- Virus hoaxes
- Authoritative (trustworthy) information about specific viruses
- How to check for and remove viruses
- Where can I obtain antivirus software?
- How are viruses transmitted?
- Should I trust an attachment that was emailed to me by someone I know?
- Did Network Tallahassee send me an email with an attachment?
- Internet Security Main Menu
What are viruses, worms, and Trojan horses?
The following site has extensive information on the distinction between these three closely-related varieties of malware:
What is a virus
Note: For the sake of simplicity, throughout the rest of this document we use the term virus(es) to represent viruses, worms, and Trojan horses.
Virus hoaxes
Virus hoaxes are notices about a supposed virus that doesn't actually exist. When sent through email, these notices are merely another form of annoying chain mail, messages that contain misleading/false information that the originator hopes will propogate to as many people as possible. These notices are typically forwarded repeatedly across the internet through emails sent by friends, family, coworkers, etc. These messages almost always have the following characterisitcs:
- The messages usually have been forwarded multiple times by multiple people. These forwards often include all of the artifacts from previous forwards including numerous email addresses that may be unfamiliar to the final recipients.
- The messages usually indicate that the threat was mentioned on the news (e.g. CNN) or by a well-known ISP (e.g. AOL, etc.) and yet these messages never actually provide a link to verifiable information (web address to an online version of the article at CNN, etc.).
- Some virus hoaxes instruct you to search for a particular obscure file on your computer and if found, delete it. The file referenced is often a file associated with the operating system in some way (rather than an actual virus), so the file is almost always found. Unsuspecting people following the directions in the hoax delete the file, unaware that it wasn't related to a virus at all. The Jdbgmgr.exe hoax is a common example.
- The messages usually contain a sentence or phrase indicating that the virus will cause catastrophic damage such as "...will destroy everything on your computer!" or "...is the worst virus yet!"
- The messages usually end with a statement similar to "Forward this to everyone you know..." which is usually a dead giveaway that this message is just another form of chain mail.
Authoritative information about viruses can be found on the websites associated with antivirus software manufacturers such as McAfee and Symantec.
Details about several virus hoaxes (including the actual messages for reference) can be found here:
Authoritative (trustworthy) information about specific viruses
Authoritative information about viruses can be found on the websites associated with antivirus software manufacturers. These are links to information from some of the common antivirus software manufacturers. Also, see the section above about virus hoaxes.
How to check for and remove viruses
If you already have antivirus software installed on your computer:
Always make sure that it is up-to-date; don't let it expire. New viruses (and variants of other recent ones) are created every day. Antivirus software uses data files (often called virus definition files) that are updated and released by the software manufacturer very frequently (typically from every few hours to every couple of days) to keep current with new viruses. It's imperative that you allow these updates to be installed. Most modern antivirus software solutions can do this automatically without intervention from the user. If your software supports this, don't interfere with it.
If your existing antivirus software is properly configured, is up-to-date, and is always running in the background, you probably don't need to worry about anything. You can always scan your computer at anytime by opening the software and allowing it to scan your system.
If you do not have current, properly functioning antivirus software:
Some antivirus software manufacturers have online virus scanners that you can use across the internet. These are very convenient short-term solutions, but are not designed as a long-term, real-time solution. Some of these online scanners are listed below:
- Panda Security ActiveScan (detect/removal)
- McAfee FreeScan (detect only)
Where can I obtain antivirus software?
Rather than list the numerous antivirus software manufacturer's here, we suggest you look up reviews on the software. When examining the reviews, keep an eye on the date of the review and remember that antivirus software is updated frequently. Here are a couple of references:
How are viruses transmitted?
Viruses can be transmitted from one computer to another by several means. Several years ago, the most common method of transmission was on a 5.25 or 3.5 inch floppy disk (or later, a CDROM) with files placed there by an infected computer. Some viruses were also associated with infected files that were hosted on BBSes (bulletin board systems) and other proprietary online services that users dialed into. Those infected files were uploaded by infected computers. As the general public became aware of and flocked to the internet in the mid-1990s, these viruses found their way to FTP (file transfer protocol) servers and web servers that served files for others to download. One of the most common ways to transmit viruses in recent times is via email as attachments that often appear to be coming from people the recipients know and may be more inclined to "trust."
Should I trust an attachment that was emailed to me by someone I know?
If you have to ask this question, then the general rule of thumb is no.
Email messages that contain viruses in their attachments are almost never sent by the apparent sender (the name and/or email address you see in the email message's From header). For information on how this is happens, see our spam control information.
If the apparent sender can speak and write with better grammar than what you see in the message, DON'T TRUST IT! English is not the first language of many virus creators, and as a result, many of the messages that accompany viruses clearly display bad grammar/syntax/spelling.
If you actually know the apparent sender of the message, but are not expecting any attachments from them, simply ask the sender if they really sent the attachments (WITHOUT forwarding the message to them or replying to the original message).
Many more recent viruses are sent via email as a ".zip" attachment--a type of compressed file. Viruses that are sent this way frequently reference a password in the email message which is displayed as either plain text or possibly a small image to thwart mail filters. Unless you are expecting a specific person or organization to send you a legitimate email with a password-protected zip-file, NEVER trust emails providing a password and an attached file.
Some email messages may not contain viruses as an attachment, but may try to get you to click on a web address link in the message that brings you to a malicious website that may be able to infect your computer through a web browser that has not had all of its (free) security patches installed.
Did Network Tallahassee send me an email with an attachment?
Network Tallahassee will sometimes send specific people an email that may contain a legitimate attachment, usually while on the phone with the customer or in response to an email from a customer. In most cases, the attachment will be a plain text file (something.txt) or sometimes, if the file is large (or contains a file type that spam filtering software may normally be inclined to filter out), we will send a NON-PASSWORD-PROTECTED zip file (something.zip). The actual email message would contain information about the file(s) being attached and will come from one of our staff.
If the message is signed Nettally.com Team, IT WAS NOT SENT BY US. In most cases, when viruses are sent with this tactic, the domain name before the word "Team" matches the domain name portion of the recipient's email address. Example: if the recipient's email address is "jdoe123@example.com", the signature of the message is "Example.com Team" to make it appear as if the message came from the recipient's email provider. Network Tallahassee never signs any legitimate message using any of our domain names (e.g. nettally.com, gnt.net, talstar.com, etc.) followed by "Team" in the signature. Our company name is "Network Tallahassee"--not nettally.com, etc.
See the following section (above) for other tips: Should I trust an attachment that was emailed to me by someone I know?