How to get the latest fixes

Use this to obtain the latest "fixes" for newly discovered viruses.

Norton Hoax Check

<-- Click here to check on HOAXES

How to scan a file

How to check an individual file or an e-mail attachment for a virus.

Scheduling

How to check/schedule scans on your desktop and LiveUpdates.

AntiVirus Logs

How to see when the last scan was run on your system.

AutoProtect

This is the process which always runs in the "background" on your PC to scan incoming files for viruses.

Virus Notification

What happens if a virus is detected on your PC?

Laptop and other remote PCs

How do you protect PC's that are not connected to our LAN?

Virus Prevention Tips

How can you avoid viruses?

How to get the latest AntiVirus fixes on your desktop.

Open Norton Antivirus. The Virus Definitions date is displayed under the Virus Definition File section.

Follow the instructions below to update your Virus Definitions.

Note: One of the most common problems when running this update is insufficient space on the C:\ drive. If you get errors when attempting to run your update, please use NT Explorer to determine how much space is available on C:\. You need more than 10 meg free. If you have loaded programs or special files (such as bitmap images, .wav files, etc.) on C:\ you may need to delete them. However, if you are not sure what can be deleted, please call the OIS Help Desk at 342-4730. Please do NOT delete any NT system files, since deleting the wrong files can cause your system to fail.

1. Close Norton AntiVirus and ALL running applications.
2. Click on "DOA Norton AntiVirus Update" (below) to obtain the latest fixes:

   Get the latest update

3. Select "Run this program from its current location".
4. If you get a Security Warning screen, select YES.
5. The SARC Intelligent Updater pop-up will appear. It asks if you want to update your virus definition files. Click Yes to continue. Wait for the update to read the application settings and search for all components.
6. Click YES if asked if you want to update your virus protection.
7. Click YES if asked to search for additional Symantec products.
8. Click OK when finished.
9. Open Norton Antivirus. Verify the Virus Definitions date under the Virus Definitions file section. The date should be greater than or equal to the date you originally had.
10. If there has been a recent virus "scare", that would be a good time to kick off a scan of your workstation. To do so, click on Scan, Scan Computer. Select the c:\ and d:\ drives. NOTE: Although the Scan can run while you do other work on your PC, the process may take 30 minutes or more, and it may degrade the performance of your PC slightly while it is running.

How to scan a file

To scan an e-mail attachment:

1. Inside the e-mail, click on the attachment and then click with your right mouse button to bring up a menu.
2. Click on "Save As" to save the document to a folder on your hard drive. You may want to create a special folder just for testing purposes, or you may want to store the attachment where you can refer to it later (like in your d:\my documents\word folder). Just make sure you notice which folder the file is being saved to.
3. Double-click on your WINDOWS EXPLORER icon and locate the folder and file.
4. Use your right mouse button to click on the file. You'll see an item in the menu called SCAN WITH NORTON ANTIVIRUS. Select that. That's it! Now you can either delete the file from your hard drive, or you already have it saved for future use!

To scan a file on a diskette or on your hard drive:

1. Open Norton Antivirus icon on your desktop.
2. Click on SCAN, SCAN A FLOPPY DISK. Expand the a:\ and highlight the file. Click on Scan. Norton will scan the file and report its findings. If all is well, click on CLOSE. If a virus is detected, call the OIS Help Desk (342-4730).

Note that in the above instructions, there are two ways to scan a file once it has been saved to a diskette or to your hard drive. You can either scan it via WINDOWS EXPLORER or via the NORTON ANTIVIRUS program. Pick the way that works best for you!

Scheduled Scans

A daily system scan should be scheduled on every workstation. To check your schedule, open Norton Antivirus. Then, click on View, Scheduled Scans. Select Close to exit. The "DAILY SYSTEM SCAN" checks every file on your PC for a virus. When your PC is set up by PC/LAN, it is set to check your c:\ and d:\ drives for viruses. The recommended scan is DAILY during non-work hours. If you want to setup a one-time job, select Scheduled Scans in the Norton Antivirus Corporate Edition hierarchy and choose "SCAN" , then "SCAN COMPUTER". Remember that scans will NOT work if you have run a shutdown and/or powered off your machine. Therefore, be sure to run your scans at a time when your PC will be operational.

Live Updates are scheduled during the off hours everyday. In addition, upon logging onto the network, your virus definition files are checked and updated if necessary. Be sure to logoff of the network every afternoon so that your machine will be checked for updates.

Note: If you want to "force" a LiveUpdate, you can do so at any time by clicking on the LiveUpdate button on the main Norton Anti-Virus screen.

AntiVirus Logs

Click on Histories, Scan Histories to display the history of scans that have occurred on your PC.

File System Realtime Protection

File System Realtime Protection works in the background to check program files whenever they are used on your PC. It uses the latest definition files which were obtained via the steps above or via the LiveUpdate. This process is set "on" by default and should always be left running. To tell if it is running, look in the bottom, right-most corner of your Windows 2000 screen for the golden shield. If you right-click that icon, it should display "Enable File System Realtime Protection."

Virus Notification

Virus notification is the process that Norton uses to let you know that a virus has been detected on your PC. The defaults set for you by PC/LAN are to display an Alert message and to sound an audible alert. If you are alerted to a virus on your PC, you should stop using your PC and call the OIS Help Desk at 342-4370 immediately. Further use of your PC could cause the virus to replicate on your PC or over the network. That could be bad! Please note that if you have turned off the pop-up message function on your PC, you will not receive any Norton AntiVirus alert messages (although you should still hear the audible alert). Turning off your NT pop-ups is NOT recommended.

If the DOA e-mail server discovers a virus in an e-mail attachment addressed to you, it will attempt to repair the attachment and send it to you. If the attachment cannot be disinfected, it will delete the attachment and notify both the sender and recipient of the mail.

The Exchange Gateway has been configured to block incoming attachments with the following file extensions: .vbs; .exe; .eml; .nsw; .dll; .asp; .com; .wav; .scr; .pif; .bat; and .mp3.This list is subject to change.

Laptops and Home PC's

Laptops and home PCs are also vulnerable to virus attack. It is important that this equipment be kept up-to-date, especially if files are transferred to/from your work PC and network servers.

OCS will provide software to protect State-owned, supported equipment. OCS will not provide software for personal computers which are not the property of the State.

To update the Norton AntiVirus definition files on a remote (ie, not LAN-connected) State-owned PC or a laptop:

1. Double-click on the DOALAN icon to connect to the DOA LAN Intranet (via your phone line). Log on using your LAN ID and password.
2. Click on Start / Programs / Norton Antivirus Corporate Edition. Click on Norton Antivirus Corporate Edition. Note the virus definition date and if necessary run a Live Update.
3. Click on LiveUpdate. If prompted "How do you want to connect?" select INTERNET. Click on NEXT. This process could take up to 30 minutes. When download is complete click on FINISH. EXIT.
4. Run a Scan of your system. Exit Norton

Virus Prevention Tips

Under no circumstances should you disable the Anti-Virus software that has been installed by OIS on your PC.

It is now possible to get a virus by just reading an e-mail if that email has an auto executing virus attached. If you receive unsolicited e-mail with an attachment, be cautious. Never open email from a source that is questionable. The old way of thinking lead us to believe that the mere act of "receiving" an attachment would not cause you any problems, however this is no longer the case. Virus writers have learned to get around some of the safeguards. Always watch your inbox and never open an email from a questionable source. If you ever read a mail message and you get a warning that alerts you that the mail contains macros, make sure that you select the option to disable macros before you continue.

When you are using Outlook (or Outlook Express at home), you should never use the Preview Pane to view a portion of your mail from the inbox. The Preview Pane actually opens the email (in a smaller window) and if this email has an auto executing virus, preview pane would allow this routine to run. It is save, however, to use the AutoPreview which shows you the first three lines of each message in your inbox. If you have an email that you are not sure about, call the OCS Help Desk at 342-4730 and someone from PCLAN can advise you on how to proceed.

If you exchange files with other people (or from your home PC or laptop) via diskette, use the "scan" feature of your installed Anti-Virus software to check the diskette BEFORE you copy the file to your PC hard drive. Some viruses attach themselves to programs on the infected system, and are transmitted to other systems when the programs are copied. If a friend gives you a copy of a program, check it for a virus, even if you trust your friend; his system may be infected.

If you purchase software that you intend to install locally on your PC, run a "scan" on the diskettes before installing. Even "shrink-wrapped" software has been known to contain viruses. Commercial software on commercial CD-ROMs is less likely to contain a virus, but any software on floppy disks or non-commercial CDs can be a risk. Anyone can make floppies and non-commercial CDs, and can put anything they want on them. It doesn't matter who wrote the program; someone else can add to it or alter it. Commercial CDs have data, usually the name of the company that burns the CDs, burned into the inside track and visible to the naked eye. Recordable CDs lack this, and usually have a batch number on the unsilvered area of the hub. Be wary of any CD that lacks this identification, and certainly of anything with a stick-on label. Of course, even a commercial CD could be infected, since a criminal could hack into the manufacturer's system and plant a virus before the CD master is made.

By far the most common source of a virus infection is downloaded software. Anything downloaded can be infected, even from big, reliable, long-established companies. It's not easy for criminals to break into such systems, but it has been done. A public bulletin board (BBS) is probably the easiest place to plant a virus. If you obtain files from sources outside our network (such as the Internet), copy the file to your local hard drive and run your Anti-virus software before you open the "foreign" file. Do NOT copy any "foreign" files to g:\ or to any other DOA network drive before it has been scanned. If a virus should sneak through this way, it could affect many, many co-workers and they won't be happy with you! Be cautious of surfing the Internet as well. Virus can be downloaded sometimes without your knowledge. Pop-up adds and other type annoying packages can automatically be installed without your knowledge. These can lead to hard drive failures among other problems.

The DOA's antivirus solution should protect you in three ways. 1) it should scan your files when you open them. 2) it should scan files when saved to disk. 3) it should automatically run a scan on your entire PC after-hours daily. Each time this scheduled scan is run, it creates an entry in your Antivirus log. Periodically, you should check your logs to be sure the scanning is running as planned.

If you have a PC at home, you should run an Anti-Virus program on it also.