Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Mac support 
 » Linux support 
 » Windows PC support 

Windows virus protection

If you run Windows on your computer, you should also run an up-to-date antivirus program. Not only will such a utility protect you against the most common viruses, but it can also detect many (although not all) the backdoor agents and trojans an intruder might install on your system.

Attachments & trojans

Running antivirus software is neither a cure-all nor a substitute for good security practices. There is always some time delay between the introduction of a virus and its incorporation into antivirus software databases. Backdoors and trojans can also be designed to hide from virus-detection programs. For those reasons:
  • Do not run or open email attachments unless you know the sender, expect an attachment from that person, and the subject line of the mail and type of attachment "make sense." Note that:
    • Microsoft never sends out patches via email.
    • SCS Computing Facilities will never, without prior notice, send you an email message containing an attachment
  • Do not run programs from untrusted sources
Spam emailers and email viruses can forge message headers, making it appear, for example, that the mail comes from someone you know. If you check the message headers [offsite link, will open in a new window], you can confirm the true message origin.

Obtaining antivirus software

CMU has a site license for Symantec's antivirus program Endpoint Protection (SEP). Our license agreement allows CMU (though not CERT nor SEI) staff, faculty, and students to install this software on both CMU-owned and personally-owned PCs. All SCS Facilities-built Windows machines should already have a copy of SEP installed.

If you have a PC on which you wish to install SEP, you can get a copy from:

Keeping virus definitions up-to-date

Most Facilitized SCS PCs will automatically pick up new virus definitions each night. To update definitions manually:
  1. Right-click the yellow shield on your Taskbar or go to "Start" > "Programs" and select the SEP antivirus application
  2. Click on the "LiveUpdate" button
  3. Confirm that LiveUpdate is configured to get updates from the "local network"
  4. Click "Next"
  5. When the definition download completes, click "Finish"

Dealing with a virus infection

On most Facilitized machines, the antivirus software will scan the PC at 5:30 AM every morning. If you see a message indicating that a virus has been detected, and if your PC is supported by SCS Facilities, contact the SCS HelpDesk, <help+pc@cs.cmu.edu> or x8-4231, for help in removing it.

If your machine is not supported by SCS Facilities, or if you wish to attempt to fix it yourself, see the Symantec virus database for information on how to deal with the specific virus involved. Note that many viruses and worms create backdoors or make system changes that can require special cleanup procedures. If you do not fully clean up after such an infection, it's possible that your machine will be broken into via the backdoor that it creates.