By Diane Poremsky
With the Klez worm making the rounds this week, this is a good time to talk about email viruses and what to do if you're unlucky enough to become infected.
Your first line of defense should be a virus scanner, with its autoprotect feature enabled and the virus definitions always up-to-date. Many desktop virus scanners include email scanners, which act as mail servers, intercepting and scanning your email as you send and receive. Scanning email as it arrives gives you advance warning to infected messages, but is only as good as your most recent virus definitions. For this reason, you should configure your virus scanner to check for updates daily. If your scanner doesn't include email scanning or if you want additional protection, try Scanmail for Outlook, free from Trend Micro at http://www.antivirus.com/free_tools/smo/.
As helpful as a virus scanner is, you should never rely solely on the virus scanner alerting you to what attachments are safe. A virus scanner can only detect viruses it knows about and if you're unlucky enough to be an early victim of a new virus, the scanner won't detect it. For this reason, you need to use common sense and not open attachments you aren't expecting. You should get into the habit of practicing safe computing, such as regularly installing all the latest Internet Explorer updates. Look for them at http://www.windowsupdate.com.
Although you may know you will never open unexpected attachments, many of the newer viruses use an "iframe" embedded in an HTML message that opens the infected attachment for you, automatically, as soon as you preview or open the message. You aren't totally defenseless against iframe exploits, it depends on the email client, operating system and the Internet Explorer security patches you have installed. The attachment security features included Outlook 2002 and Outlook 2000 SP2 will stop viruses from spreading.
Other software can provide additional protection. Zone Alarm (http://www.zonealarm.com) provides an attachment security feature that renames file extensions for executable file types. Watch Your Back (http://www.grinningshark.com) removes attachments and scripts, and can convert HTML formatting to plain text.
If you think you did every thing right, but are worried that you might be infected with a virus, use an online virus scanner to check your system, since many viruses disable local scanners. Most major antivirus software vendors have free online scanning utilities similar to the online scanner at http://housecall.antivirus.com. If an online scan reports you are infected, disinfection instructions are available at http://www.sarc.com and most other antivirus sites. These sites also have information about the virus, such as how it reproduces and what it does to your computer system.
