Virus FAQs

  • What are some safe computing practices?

The best way to protect yourself from viruses is to use common sense.
- Do not open any e-mail attachments without verifying its authenticity.
- Never click on an attachment in an email message unless you know who the message is from, what the attachment is, and why it has been attached to the email.

  • What is the Klez virus?

A major virus that has been spreading rapidly is called "Klez". Distributed via an e-mail attachment, this destructive virus has the potential of wiping out all of the data on your computer. Klez uses a random subject line and a random file attachment with the extension .BAT, .EXE, .PIF, or .SCR. In addition, this virus can use a technique known as "spoofing." The virus randomly selects an address that it finds on an infected computer. It uses this address as the "From"address that it uses when it performs its mass-mailing routine.

It is possible that uninfected computers will receive complaints that they sent an infected message to someone else. For example, "Sue" has just been infected with Klez and the virus has started to replicate itself to other computers. However, instead of sending the virus as "Sue", it uses "Bill's" name and e-mail address,
which is in "Sue's" address book. "Bill" receives messages from colleagues that complain that he has sent them a virus. However, because "Bill's" e-mail address was spoofed, Bill's computer is not necessarily infected with a virus.

  • What is the jdbgmgr.exe hoax?

The jdbfmgr.exe hoax is a message that has been circulating that isn't actually a virus but a hoax. This e-mail gives instructions on how to search your hard drive and delete a file named "jdbgmgr.exe" because it is a virus. This file is not a virus, but is in fact a necessary component of the Windows operating system that allows your web browser to display web pages correctly. If you receive this message, please disregard it and delete it from your inbox.

  • What is spoofing?

Spoofing is when a virus randomly selects an address that it finds on an infected computer. It uses this address as the "From" address that it uses when it performs its mass-mailing routine. It is possible that uninfected computers will receive complaints that they sent an infected message to someone else. For example, "Sue" has just been infected with Klez (a type of virus) and the virus has started to replicate itself to other computers. However, instead of sending the virus as "Sue", it
uses "Bill's" name and e-mail address, which is in "Sue's" address book. "Bill" receives messages from colleagues that complain that he has sent them a virus. However, because "Bill's" e-mail address was spoofed, Bill's computer is not necessarily infected with a virus.

  • Virus Scanning Software (Norton Anti-Virus) Information

Over the past year, in conjunction with our Windows 2000 migration, Information Systems and Technology has been deploying a highly robust and reliable anti-virus software package called Norton Anti-Virus Corporate Edition. This program works slightly different than the program we previously used, McAfee Virus Scan. Included with the software is an “always on”, real time virus scanning engine. That means if you modify or open any file on your computer, it is automatically scanned for viruses. In addition, Norton Anti-Virus allows us to deploy critical virus definition updates automatically, keeping your valuable data protected from any new viruses.

If a virus is detected by Norton Anti-Virus, a couple of things could happen. One is that Norton Anti-Virus could state that the virus has been cleaned. If this is the case, you are free from infection. Secondly, it could state that the virus or file was “quarantined.” If the file that was “quarantined” is important (for example, a document you need) call the IS&T Help Desk at 3-6862. If there is no message about either the virus being cleaned or quarantined and you think that you might be infected, feel free to contact the Help Desk.