JAE Notes on Viruses


Web-based Virus Scanner (excellent and always up-to-date). 

Virus Myths and Hoaxes: 

Boot Sector Viruses:

By far, the most common virus problems are caused by "boot sector" viruses. Litigation firms find that floppies from court reporters often have viruses, and lawyers who work at home have children who bring in floppies with viruses. These viruses travel on the boot sector of floppy disks: if you boot from an infected floppy, the virus transfers to the hard disk's boot sector and is then written to the boot sector of every floppy you put in the machine. The best way to avoid these is to NEVER BOOT FROM A FLOPPY unless you are doing it intentionally.

Most of the time booting from a floppy with a boot sector virus happens accidentally, such as when you leave a floppy disk with a document or deposition on it in Drive A: and reboot.

Solution:  To avoid this problem without turning off access to floppies:

Microsoft Word Macro Viruses:

Word 8 and 9 (2000) viruses: 

 

Word 6 and 7 have had problems with viruses. Here are my notes on that:

Concept Virus:

The one that has been widespread is the "Concept Virus." It turns a DOC file into a DOT file (still with the name .DOC), with embedded macros that cause a variety of confusing effects. Fortunately, the Concept virus is just an inconvenience and doesn't wipe out any data or corrupt any files. There is a ton of information written on it, and I won't take the time to deal with it now. (You can tell you have it if Tools|Macros has a macro called "Payload" and one or two that start with "AA...". Having a "Payload" macro may also be your IS director's way of tricking the virus into thinking that you already have it, so by itself, that is not reason to panic.)
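The indicators in the note above (a template saved under a .DOC name, a "Payload" macro, macros starting with "AA") can be checked mechanically. The Python below is an added example, not part of the original notes; the function names are hypothetical. It assumes the WordDocument stream has already been extracted from the file and the macro names were listed by another tool, and it relies on the published Word binary layout (magic word at offset 0, template bit in the flags word at offset 10).

```python
import struct

WORD_MAGICS = {0xA5DC, 0xA5EC}  # wIdent values: Word 6/7 and Word 8+ binary files
FDOT = 0x0001                   # flags bit 0: the file is stored as a template

def is_template_stream(fib: bytes) -> bool:
    """Return True if the WordDocument stream header marks the file as a template."""
    if len(fib) < 12:
        raise ValueError("header too short")
    (w_ident,) = struct.unpack_from("<H", fib, 0)
    if w_ident not in WORD_MAGICS:
        raise ValueError("not a Word binary document stream")
    (flags,) = struct.unpack_from("<H", fib, 10)
    return bool(flags & FDOT)

def triage(filename: str, fib: bytes, macro_names: list) -> str:
    """Classify one file using the indicators from the Concept note."""
    names = [n.lower() for n in macro_names]
    has_payload = "payload" in names
    has_aa = any(n.startswith("aa") for n in names)
    disguised = filename.lower().endswith(".doc") and is_template_stream(fib)
    if has_payload and has_aa:
        return "likely Concept: Payload plus AA* macros"
    if disguised and names:
        return "suspicious: template with macros saved under a .DOC name"
    if has_payload:
        return "Payload only: possibly a deliberate inoculation, ask IS"
    return "no Concept indicators"

def make_fib(template: bool, w_ident: int = 0xA5DC) -> bytes:
    """Constructed sample header: magic word, 8 filler bytes, flags word."""
    return struct.pack("<H8xH", w_ident, FDOT if template else 0)

if __name__ == "__main__":
    # Constructed samples; the macro names are made up for illustration.
    samples = [
        ("depo.doc", make_fib(True), ["AutoOpen", "Payload", "AAsample1"]),
        ("brief.doc", make_fib(True), ["AutoOpen"]),
        ("normal.dot", make_fib(True), ["Payload"]),
        ("letter.doc", make_fib(False), []),
    ]
    for name, fib, macros in samples:
        print(f"{name}: {triage(name, fib, macros)}")
```

The "Payload only" branch mirrors the caveat above: a lone Payload macro is reported separately rather than treated as an infection.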

nPad Virus:

Debbie Martin at Holland and Hart in Denver reports that she had quite a few problems with a nastier Word macro virus called nPad. It is explained on the McAfee web page at http://www.mcafee.com/support/techdocs/vinfo/v_1524.html, except for some nasty effects for Word macro writers.

Here was her helpful heads-up:

FYI: We had an invasion of the nPad virus. Not a terribly destructive one (just very self-replicating), but rather inconvenient since it messes up CompareRite (which won't work on Word Template documents). Since this sneaky one was not caught by our standard virus detection, it spread for a time before we began to catch onto it. You didn't need to have saved a document to contaminate it and you only needed to open a contaminated document to have your normal.dot become contaminated, so it spread very quickly indeed.

Another nasty thing it did: While I was testing and developing these macros, when I purposely contaminated myself with a template open (as one sometimes does when testing and editing a macro), it repeatedly encrypted all macros in the open template. After re-writing everything a couple of times, I learned to keep an unencrypted copy of the template someplace protected before opening one on my hard drive and testing it.

We wrote a new function into global templates which looks for such nasty AutoOpen macros in normal. Also intercepted the DocsOpen macros so we can look for it upon opening or closing any document in the Docs integrated environment.

 

 

 

Back to Eidelman Associates' www.lawtech.com