Win32.Poza - worm using the exploit described in MS03-026 to gain access to unpatched Windows installations
Viruses: Trojan Horses
Trojan Horses are impostors--files that claim to be something desirable but, in fact, are malicious.
They do not replicate themselves.
Contain malicious code that when triggered can cause loss, or even theft, of data.
Sent by email to you – it does not email itself.
opening an email attachment or downloading and running a file from the Internet.
Viruses: Trojan Horses
Backdoor.SubSeven is a Trojan horse, similar to Netbus or Back Orifice. It enables unauthorized people to access your computer over the Internet without your knowledge.
PWSteal.Trojan attempts to steal login names and passwords.
Do not save passwords on your computer!
Worms are programs that replicate themselves from system to system without the use of a host file.
In contrast to viruses which requires the spreading of an infected host file.
There is a difference between how worms and viruses use the host file. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer via the network, so the entire document should be considered the worm.
Also called “viruses”
Email in chain letter fashion
describes some devastating, highly unlikely type of virus or a big pay off if you forward the email
Microsoft is not going to pay you for beta testing anything!
Victoria’s Secret is not going to send you a coupon for forwarding an email!
The “Teddy Bear” hoax has you delete a program that was installed with Windows. jdbmgr.exe is the Java Debugger Manager and does have an icon that looks like a Teddy Bear.
With this, YOU are the virus!
How do you know if something is a hoax?
Access one of the following web sites:
http:// hoaxbusters.ciac.org /
This site is a Federal computer system and is the property of the United States Government. It is maintained by the US Department of Energy.
“ The best defense is a good offense”--Install anti-virus software, update it regularly (daily) and run it DAILY.
Free: AVG from Grisoft available at www.grisoft.com
Use the licensed version of the Anti-Virus software purchased by your district.
Protect Your Computer
Create a bogus email address in your address book, i.e. email@example.com
Do not open or download files from unknown or forwarded emails and be cautious of those from people you do know. File extensions to look for:
.pif or a dual extension .exe.pif
If on a network you open the whole system up for infection.
Do not run or download executable files (.exe or .zip extension) from the Internet or any attached to an email.
Protect Your Computer
Rather than sending a document as an attachment, whenever possible paste the text from the document into the body of your email.
Save any Word files in Rich Text Format (RTF) as opposed to DOCs. RTF files do not support the macro language and cannot carry viruses.
Do not download games from web sites.
Check for Microsoft’s security updates regularly.
Write-protect floppy disks before inserting them into other users' computers.
Protect Your Computer
Establish, and enforce, a “SCAN FIRST” policy if you allow others/students to use floppies from outside of the classroom/home.
Insert diskette then run an anti-virus scan on the 3-1/2 floppy drive before allowing any file to be opened.
Insert CD-ROM then run an anti-virus scan on the CD-ROM drive before allowing any file to be opened (generally applies to CD-R or CD-RW’s)
Protect Your Computer
Backup important data regularly.
If data can be easily reproduced don’t worry about it.
Schedule regular (daily) tests by anti-virus software and make sure the computer is on prior to the scheduled run time!
Protect Your Computer
There are two things that are most important in protecting your computer and your systems network:
Install, Update and Run Anti-Virus Software DAILY.
Update Windows operating system directly from the Microsoft web site ( www.microsoft.com ) or set your computer to check for updates automatically.
Note: Windows XP requires log in as administrator to receive & install updates
PC Troubleshooting Hardware Issues
The computer, monitor or printer will not power up.
Check the cable connections to assure they are tightly inserted (pushing, never rocking--Bent pins can cause a problem).
Check the surge protector, it may be unplugged or turned off.
Unplug from surge protector and plug directly into power source (surge protector may be bad).
If a printer will not power up and all connections are tightly inserted, get another printer power supply and try it.
If it works the power supply needs to be replaced.
Check with school custodian, inform of power problem and ask him/her to check switches/breakers to your classroom.
If all of the above fails follow your district’s technology department procedures for requesting technical/repair assistance.
If monitor screen is black
Make sure the monitor is turned on.
If energy saving feature is “on” the system may be sleeping, press a key on the keyboard or move the mouse around a bit and wait to see if the monitor comes on. Power light on monitor will be amber rather than green if sleeping (timed out).
Check power cord for tight connection and see that is plugged into power supply.
If power is on and cables are connected but still have a dark screen, check brightness and/or contrast controls and adjust settings.
Get another monitor that you know is working and establish that the video card is working.
If the other monitor works, the original monitor may be faulty.
If the other monitor does not work, the video card may be at fault.
The computer started up with a blue screen stating that the system had not been properly shut down and a scan started running.
Let the scan run and once completed normal startup will begin.
This will occur when the power button is pushed to turn the computer off without going to Start, Shut Down.
A red, green and blue striped box is displayed on the monitor with the text “No Sync Input.”
This means that the monitor is on but it is not receiving a signal from the system.
Turn the desktop/tower on at the power switch.
I cannot print.
There are many things that can cause this problem:
Check to see that printer is turned on.
If the printer is connected to another computer, make sure that the shared computer is turned on.
Make sure that you are trying to print to the right printer by going to File, Print and double-checking which printer is identified in the printer name box.
Connect printer to another computer and try printing from it.
If prints problem may be within the computer
If does not print problem may be with the printer.
Check manufacturer web site for updated printer drivers, download and install. Try printing again.
Uninstall then reinstall printer software. Try printing again.
Access the printer diagnostic program.
Turn the printer off and restart the computer.
The numeric keypad does not work.
The Num Lock must be on, indicated by a green light.
If Num Lock is off, push the Num Lock key in the upper left corner of the numeric keypad.
The keyboard is frozen.
Shut the computer down.
Unplug the keyboard from the port and reinsert tightly.
Wait about 60 seconds then turn power back on.
If you did not save prior to the keyboard freezing you may lose all data entered after the last save.
The mouse is frozen.
If it is a new mouse you may need to install the mouse software.
Check to make sure that the connection is tight (push, never wiggle). Check pins.
Save what you’re working on by using the shortcut keys “Ctrl + S” then shut the computer down. Unplug and reconnect mouse cable to the port tightly (pushing not wiggling). Wait 60 seconds and then power up again.
Check to see that mouse ball is inserted (children love to take them and use them as a marble!).
If the mouse ball is missing you can still work using shortcut keys—see handout.
Clean the inside of the mouse, gunk collects inside the housing for the mouse ball which may cause problems.
To clean the wheels inside the mouse:
Remove the cover from the back of the mouse.
Remove the mouse ball.
Use a Q-Tip dipped in rubbing alcohol to gently rub buildup from wheels.
Replace mouse ball and cover.
Computer is frequently freezing, hanging, or crashing.
Freezing usually describes the system suddenly becoming completely inactive while running with no error messages on the screen, the mouse pointer will not move, and pressing keys has no effect (yet system beeps may be heard).
You will probably lose all work if you have not saved prior to the system freezing.
Press “Ctrl + Alt + Del” simultaneously. The Close Program dialog box will open. If a program is not responding this will be noted.
Click on the program name.
Press the End Task button. If another window opens press End Task again.
Press “Ctrl + Alt + Del” again then press Shut Down button.
Press the “Reboot” button, not the power button, to restart the system.
Press the Power button on the desktop/tower and let system cool down for several minutes before restarting.
Last resort, unplug from power supply then reconnect and power up again.
If system remains frozen then you must shut down:
Computer is slow to load or run programs.
Delete “Findfast” from your system.
Check the space available on the C: drive.
Delete all temporary internet files and cookies (If not emptied on a regular basis they can consume a lot of memory).
Delete unnecessary programs or files.
Run Scan Disc and then Defragment the C: drive – see handout.
Scan Disc & Defragment
Open My Computer then right-click on the C: drive. Click Properties in the pop-up menu.
The Properties dialog box opens with the General tab active.
Click the Tools tab.
Computer started in Safe Mode.
You can still use your computer but Windows loads minimal or limited options.
This is Windows way of indicating that there is a problem.
You can restart the computer and it should start up in normal mode.
I cannot access the Internet.
Did you log on to the network correctly?
Check the T1-line into the computer to make sure that it is tightly inserted and that a green light is on.
Remove and reinsert line.
Try another T1-line.
See if other computers in school
are having the same problem.
Reset the hub/check with school
Contact Technical Department if
school’s network access is down.
PC Troubleshooting Software Issues
To find out what version of Windows is installed, what type of processor is installed or how much RAM the computer has:
Right click on the My Computer icon on the desktop. A pop-up menu appears.
On the pop-up menu click Properties .
In the System Properties dialog box the General tab will be active and displaying all system information.
Software Issues Operating System & Version Registration Number Processor RAM
The program I’m working in has frozen.
Press “Ctrl + Alt + Del” simultaneously. The Close Program dialog box will open. If a program is “Not Responding” this will be noted.
Note: See Hardware Issues: Freezing and follow same procedures
While working on a document my system froze. I received a “Fatal Error Message” after pressing “End Task” from the Close Program dialog box.
While running a program you received a full blue screen that said there was a Fatal Exception Error.
This is called the “Blue Screen of Death”!
Two options were provided, which do I choose: “Hit any key to continue” or “press Ctrl+Alt+Del” ?
Press any key to continue: If you choose this option you may or may not get back to the document that you were working on prior to this error occurring.
Press Ctrl+Alt+Del: This will reboot the system and restart it.
I turned the computer on, my system will not boot up, and the following message appeared:
There is a floppy diskette in the 3-1/2 Floppy drive. Eject the floppy diskette then press any key.
After saving to a floppy diskette I ejected the disk and the following screen appeared. I cannot get back to my desktop.
When I try to start a program from the shortcut I get a “Missing Program” error.
If the program was moved from it’s original location, delete the old shortcut and create a new shortcut to the new location.
The program may have been deleted without being properly uninstalled – see handout on how to uninstall a program.
The shortcut is trying to access the program from the CD-ROM drive but the program is not in the drive.
A second hard drive or another drive has been installed which kicked the CD-ROM letter up to a new letter—see handout for instructions on how to redirect shortcut.
One of my students has downloaded a picture from the Internet onto the desktop. How do I get the picture off and get back to the regular desktop?
See handout for instructions on Display Properties.
My desktop, mouse pointer and sounds have been changed. How do I go back to the original settings?
See handout for instructions on Display Properties, how to reset the mouse pointer and how to reset sounds.
I was inserting text into a document and it was erasing the text as I typed rather than inserting.
The “Insert” key was toggled off.
Push the “Insert” key located between the alpha-numeric keys and the numeric keypad.
If working in MS Word, you can “Undo” back to the original text--see handout for alternate method of toggling the Insert option on and off in Word.
Computer Associates (CA) available at
Donald Gremilion, Network Specialist, Vermilion Parish School Board
Grisoft, Inc. (AVG) available at www.grisoft.com Kim Bergeron, IT Facilitator, Lafayette Parish School System