Skip navigation

Below are answers to frequently asked questions about computer viruses. Penn State students, faculty, and staff are responsible for protecting themselves against computer viruses, worms, and other forms of malicious code. Note that suggestions regarding external services and products are provided for your convenience, and should not be regarded as endorsements or guarantees of reliability.

1. What is a virus?
2. What do viruses do?
3. How should I protect myself?
4. ITS filters for viruses, so why do I need to run anti-virus software?
5. I think I received a virus in my e-mail. What should I do?
6. Where can I find the latest news about viruses?
7. Can I be notified automatically when there is a threat?
8. Is virus protection software available?
9. I installed virus protection; is my computer safe now?
10. How do I update my virus protection? How often?
11. How can I tell if it's a hoax?
12. What other resources are available?
13. How do I get help?

1. What is a virus?     [return to top]

Virus: A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Most viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.

Since 1987, when a virus infected ARPANET, a large network used by the Defense Department and many universities, many antivirus programs have become available. These programs periodically check your computer system for the best-known types of viruses.

Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.

Definition used by permission of Webopedia.com. ¹

2. What do viruses do?    [return to top]

"Most viruses are comparatively harmless, and may be present for years with no noticeable effect: some, however, may cause random damage to data files (sometimes insidiously, over a long period) or attempt to destroy files and disks. Others cause unintended damage. Even benign viruses (apparently non-destructive viruses) cause significant damage by occupying disk space and/or main memory, by using up CPU processing time, and by the time and expense wasted in detecting and removing them." (Source: excerpted with permission from the Virus FAQ.)

Many viruses are disguised in e-mail attachments with an interesting name. When a curious computer user receives the mail and opens the attachment, a malicious program is executed. The virus attempts to modify the registry in order to copy itself into the Windows directory. The virus will then attempt to send infected mail messages to the addresses in the Windows Address Book. By causing congestion through self-propagation, the virus can also cause mail server performance problems. The subject line and attachment name may change as the virus spreads.

Macro viruses are becoming an increasing threat for users of Microsoft Office products such as MS-Word, MS-Excel, and MS-Powerpoint. See Anti-Virus Resources for Microsoft Office for information on how to protect your system from macro viruses.

For more information about different types of viruses and their behavior, see Frequently Asked Questions and Answers About Computer Viruses (see Part 1, question 4 of the FAQ).

3. How should I protect myself?     [return to top]

• Install virus-protection software. See software suggestions below. Make sure to update the product at least once a week. Because an increasing number of viruses cannot be "cleaned" by simply running the "latest" virus checker if you are already infected, preventing infection is the wise course of action.
• Beware of e-mail attachments. Do not open any e-mail attachment unless you are expecting the file and know it is from a reliable source, especially if you are using Windows.
• Back up your files. On a regular basis, back up your files (somewhere other than on your machine). This can save hours, days, even years of work should you lose data because of a virus problem.
• Make a rescue disk. If you own an IBM-type system create a bootable floppy disk, put the antivirus software on it, and set the write-lock tab. This may be useful later.
• Stay informed. Keep up with the latest news about viruses. Virus news sources are listed below.
• Don't spread rumors. Do not pass along rumors or unverified notices regarding computer viruses. This does more harm than good. Read about hoaxes below.
• Get help. If you receive mail that you believe contains a virus, or think your machine may already be infected with a virus, contact the ITS Help Desk at (814) 863-1035 or (814) 863-2494. Help Desk locations and hours are available at the ITS Help Desk Web site.

4. ITS filters for viruses, so why do I need to run anti-virus software?    [return to top]

Although ITS has installed virus protection software on Penn State's e-mail servers, we recommend that individuals continue to run anti-virus software on their local machines as well. Why? Because good security design dictates that multiple methods should be used to guard against intrusion. If one fails or is compromised, hopefully the others will succeed. Experience shows that hackers are always working to overcome security defenses, so we need to use every means possible to protect ourselves.

5. I think I received a virus in my e-mail. What should I do?     [return to top]

First, never open an attachment unless you are absolutely sure it is from a reliable source. Often infected e-mail messages invite you to click on an attached file. Don't be tempted! The attachments are most likely viruses that will infect your computer. In some cases it's easy to see that the message is just "junk" mail. But messages often appear to originate from an "official" source such as Microsoft, Penn State, or Security@psu.edu. Just remember that official sources such as Penn State, ITS, and Microsoft Corporation never send patches or fixes as e-mail attachments. If you are in doubt about any message you receive, contact Security Operations and Services (SOS) at 814-863-9533.

To get assistance with a virus infection, contact the ITS Help Desk at (814) 863-1035 or (814) 863-2494. For locations and hours, see the ITS Help Desk Web site.

To report a virus received through e-mail, follow the reporting instructions at Security Operations and Services (SOS).

Please do not forward e-mail containing a virus, or suspected virus, to any address other than virus@psu.edu.

6. Where can I find the latest news about viruses?     [return to top]

There are many ways to find out about the latest viruses; below is a list of information sources. Some provide general information, while others are more technical. We recommend that you review all of them and use the sources that are most helpful and convenient.

• The ITS Alerts System offers a continuously updated announcements about viruses and other threats.
• Computer Emergency Response Team at Carnegie-Mellon University (CERT)
• F-Secure Corporation Virus News
• IBM Antivirus Research - Scientific Papers
  

7. Can I be notified automatically when there is a threat?     [return to top]

The following organizations offer virus alert subscription services.

• The ITS Alerts System offers customized alerts by subscription, RSS, and on the Web.

• Computer Emergency Response Team at Carnegie-Mellon University (CERT)

• McAfee.com Virus Information Center

• Symantec Corporation

8. Is virus protection software available?     [return to top]

Penn State has arranged to have Symantec, a leading anti-virus software developer, provide anti-virus software at no cost to Penn State students, faculty, and staff. The Symantec AntiVirus software can be downloaded at https://downloads.its.psu.edu/ on the Web. Departments may also use the PAC-ITS CD to install the software on staff machines, or they can purchase the full server version from the Computer Store.

9. I installed virus protection; is my computer safe now?     [return to top]

Not necessarily. You also need to download updates called "virus definitions" or "DAT files" on a regular basis. Experts recommend that you download updates at least once a week, and more frequently if you hear that a virus is spreading. The Symantec AntiVirus software can be easily customized to automatically download updates every week at a time that's convenient for you.

In addition to virus protection, you also need to make sure your computer has all of the latest security updates. See Take Control for important instructions.

10. How do I update my virus protection? How often?     [return to top]

Immediately after installation of Symantec AntiVirus software and periodically thereafter you must run LiveUpdate, a component of the software, to update your virus definition files. Failure to update your virus definition files will leave your computer vulnerable to new viruses. Experts recommend that you download updates at least once a week, and more frequently if you hear that a virus is spreading. Learn how to set up Symantec LiveUpdate.

11. How can I tell if it's a hoax?     [return to top]

Hoaxes involve phony announcements, warnings, or instructions.

One recent type of hoax involves e-mail that purports to come from an official source, but is in fact a virus. Often infected e-mail messages that appear to originate from an "official" source such as Microsoft, Penn State, or Security@psu.edu invite you to click on an attached file. You should never open an attachment such as this, because it is most likely a virus that will infect your computer. Just remember that official sources such as Penn State, ITS, and Microsoft Corporation never send patches or fixes as e-mail attachments.

If you receive an e-mail message that suggests you forward it to everyone you know, it's probably either a hoax or a chain letter. Distributing chain letters is against University policy, so don't send these messages to others.

Before distributing some dire warning to all of your friends or mailing lists, we recommend that you make sure it is not a hoax. Here are sources of information about hoaxes and myths:

• Hoax Encyclopedia from About.com

• F-Secure Corporation Security Information Center, Hoax Warnings

• snopes.com Urban Legends Reference Pages

If you are in doubt about any message you receive, contact Security Operations and Services (SOS) at 814-863-9533.

12. What other resources are available?     [return to top]

The resources listed in the news section above offer not only news but information and instructions for protecting yourself against viruses. In addition, here are some others that may be useful:

• See the safe computing page for important instructions.

• To learn more about viruses and how they work, check the alt.comp.virus FAQ.

• Check Google groups for Usenet discussion forums on computing and other issues.

• See the Stay Safe Online Web site for additional tips on computer security.

13. How do I get help?     [return to top]

To get assistance with a virus infection, contact the ITS Help Desk at (814) 863-1035 or (814) 863-2494. For locations and hours, see the ITS Help Desk Web site.

To report a virus received through e-mail, follow the reporting instructions at Security Operations and Services (SOS).

Please do not forward e-mail containing a virus, or suspected virus, to any address other than virus@psu.edu.

¹ "Reprinted with permission from http://www.internet.com. Copyright 2001 internet.com Corporation. All rights reserved. internet.com is the exclusive Trademark of internet.com Corporation."