Virus - A message I received had an attachment called "alert.txt." Is this a virus?
No. It only means that that message had been infected at one time. GroupShield has cleaned the message and inserted "alert.txt" to let you know it was cleaned. Double-clicking on "alert.txt" tells you what procedures you should follow. |
Virus - Are all the messages I send and receive being scanned for viruses?
Yes, with a very few exceptions. The e-mail anti-virus product, GroupShield, scans messages sent to and received from your mailbox. With older versions of GroupShield, during periods of heavy e-mail traffic, it was possible for a message to be delivered to your mailbox before GroupShield had scanned it. GroupShield would try to get back to scan that message when the e-mail traffic load is lighter. Occasional maintenance requires GroupShield to be turned off for as short a time as possible. Turning GroupShield off exposes mailboxes to viruses. As soon as GroupShield is turned back on, a scan of all mailboxes is conducted. |
Virus - How can I find out which version of an anti-virus dat file or engine I have?
Version information for the dat files and scan engine can be found in VShield Properties. To access this information do the following: 1. Right-click on the VShield icon in the lower right corner of the screen (by the time display). The VShield icon will look like a red V surrounded by a blue shield.
2. A pop-up menu will appear.
3. Left-click on About. The About McAfee VShield dialog box will then appear.
4. Notable version numbers displayed here are the software version at the top of the box, scan engine, and virus definitions version numbers. Virus definitions are used to remove viruses, trojans, and worms. The creation date of the virus definitions is also displayed. |
Virus - How can the anti-virus dats/extra dats be applied?
The easiest way is to configure systems to automatically update dats-via autoupdate tasks, but they can be pushed by ePolicy Orchestrator. See the Virus- ePolicy Orchestrator FAQ for more information. |
Virus - How do I contact corporate support at Network Associates?
Users of Corporate Products from Network Associates can receive fast and helpful technical and non-technical support at (800) 338-8754 ext. 2480. To access corporate support online, go to this site: http://www.nai.com/asp_set/support/technical/login.asp. |
Virus - How do I get the appropriate anti-virus software?
Please see the anti-virus website to find out about current contract informtaion. |
Virus - How do I obtain McAfee virus protection software for my home computer? I understand that the state’s licensing agreement with McAfee allows participants to install the virus protection software, VirusScan, on their home computers free of charge. How do I obtain the software?
Yes, that is correct. COT administers the enterprise agreement for virus protection software that exists between the Commonwealth of Kentucky and McAfee of Network Associates, Inc. The site license for the Total and Active Defense Products entitles participants to also install these products on their home computers. (See page 84 of the SPPM.) Shawn Thomas of the COT Virus Defense Team has created an e-mail distribution list that includes all COT staff that participate in the Home/Laptop Virus Protection Program. Each week the latest virus definitions or DATs, as well as the URL for downloading them, are e-mailed to COT staff. For those staff who are unable to receive attachments via their work email accounts, the information is sent to their home email accounts. You can contact Shawn at 564-9617 or mailto:Shawn.Thomas@ky.gov. |
Virus - I had Outlook’s preview pane open & received message with known virus. Is my PC infected?
While becoming infected usually requires user action, some viruses can infect systems that have the preview pane open. It is recommended that the preview pane be disabled. If the attachment is named "alert.txt," then GroupShield has already scanned and cleaned the message. |
Virus - I received & opened a message with a subject I’ve heard is a virus. Is my PC infected?
Not necessarily. Becoming infected requires user action. If you opened the message but didn’t double-click on the attachment, chances are good that you’re not yet infected. If the attachment is named "alert.txt," then GroupShield has already scanned and cleaned the message |
Virus - I’m certain my PC has been infected with a virus. What should I do?
Keep your e-mail client (Outlook) closed. Call your systems administrator or local technical support to have them clean your PC and determine why anti-virus software was not correctly operating on your PC. They will determine if a virus is confirmed and report it appropriately to the Commonwealth Service Desk via e-mail at ServiceCorrespondence@ky.gov or by calling the Commonwealth Service Desk at 502-564-7576. |
Virus - What anti-virus products are included in the state's agreement with McAfee?
The state has an agreement for its anti-virus software with McAfee of Network Associates for Total Virus Defense (TVD) and Active Virus Defense (AVD). The licensure suite incorporates the following products into a multi-tier virus defense system: VirusScan for desktop protection, NetShield for file server protection, GroupShield for Exchange e-mail scanning protection and WebShield for Internet mail gateway protection, and ePolicy Orchestrator to manage and enforce anti-virus policies. |
Virus - What are dat files?
The dat files contain signatures and definitions to identify viruses. New dat files are released weekly. |
Virus - What else should I do to further protect my computer(s) from viruses, trojans, worms, etc?
Secure network shares and apply critical updates recommended by Microsoft. You should ensure that all network shares are as secure as possible. It is a good policy to never allow the Everyone or Domain Users group to have full control or change access to a network share. There are security vulnerabilities in all operating systems. It is critical that patches are applied to address these vulnerabilities.
More information about patches for Microsoft products can be found at http://windowsupdate.microsoft.com. |
Virus - What is a super dat (anti-virus file)?
A super dat lets you upgrade your scanning engine in addition to your dat files |
Virus - What is an extra dat (anti-virus file)?
An extra dat is a supplement (usually with a filename of extra.dat) to the weekly dat file that contains definitions for an unforeseen virus outbreak. Extra.dat is applied by copying it into the anti-virus software directory and stopping and restarting the Network Associates anti-virus (VirusScan, NetShield, GroupShield, WebShield) services. Sometimes, Network Associates provides self-extracting executable files (.exe’s) that automatically copies the extra.dat into the anti-virus software directory. Extra dats may be phased out as newer methods are developed for solving problems that extra dats have traditionally solved. |
Virus - What is ePolicy Orchestrator?
The most critical element of defending your network against virus infection is keeping your anti-virus software up to date. ePolicy Orchestrator (ePO) makes it easy to know whether you have the latest protection. It includes comprehensive policy management, detailed graphical reporting, and software deployment enabling administrators to ensure virus protection more effectively. Check with your McAfee cabinet-designated represented for additional information. |
Virus - What is GroupShield?
GroupShield prevents propagation of viruses within state government via messaging to other agencies and the internet. |
Virus - What is the best way to prevent my PC from being infected by a virus via e-mail?
Having up-to-date anti-virus software running on your PC. Only open messages and attachments from known, trusted sources. Delete messages from untrustworthy sources and remove them from the "Deleted Items" folder. |
Virus - What is the difference between an anti-virus Update and Upgrade?
Update refers to downloading and installing newer virus signature (dat) files. Upgrade refers to obtaining a newer version of the scan engine. |
Virus - When do the anti-virus dat files need to be updated?
The latest dat files is listed on the anti-virus FTP site each week once they’re released from Network Associates – usually Thursdays. They can be found on the state’s anti-virus web site below. Subfolders, upgradNT and upgrad9x, will be kept up to date with files necessary for engine upgrades for VirusScan on the appropriate platform. |
Virus - While opening a locked email, a box said it hadn't been scanned for virus yet. What do I do?
Please try to be patient until GroupShield has scanned the message. The mail system may be overloaded and it may take some time for GroupShield to scan the message. The message may be infected and opening it is a judgment call on how reliable you believe the source to be. Closing and reopening Outlook may force the message to be scanned and unlocked. |
Virus - How do I get enrolled for the anti-virus licenses?
The state has an agreement for its anti-virus software with Network Associates. To obtain the software, a F-180 form needs to be completed and sent to the Commonwealth Office of Technology. The cost is $20 per node (or workstation), which is good through June 30, 2003. The Department of Education and local entities are excluded. |