
 Protecting the SILS Lab and Your Computer from Viruses


Viruses, worms, and Trojan horses are a persistent problem in computing. There are some simple things you can do to protect your computer and any computers you use from these potentially destructive programs.

Install antivirus software on your own computer.

UNC has a site license for Symantec's Norton Antivirus (NAV). Students, faculty, and staff can download and use NAV for free under the terms of this license, but you must comply with certain restrictions of the site license agreement to do so. [ https://shareware.unc.edu/software.html#n ] Download a copy from ITS's shareware site and run the installer.

If you bought a CCI laptop, NAV should already be installed and configured.

Do not install more than one type of antivirus software on your computer! This can cause system instability and may make both programs fail to work, leaving you unprotected against viruses.

Update your virus definitions and scan your computer regularly.

Once you have antivirus software installed, configure it so that it updates your virus definitions and scans your computer for viruses on a regular schedule. We recommend updating your virus definitions daily and scanning your computer at least weekly.

Update your virus definitions.

To update your virus definitions in NAV, you must be connected to the Internet.

  • Open the software and from the File menu, choose "Schedule Updates."

  • Check the box next to "enable scheduled automatic updates" and press the "Schedule" button to choose when the updates will happen.

  • We recommend choosing daily updates.

  • Note that for the updates to work, your computer must be connected to the Internet, so choose a time of day when your computer is usually on and connected.

  • To check for updates manually, open the software, click the "LiveUpdate" button and click "Next." Wait for any updates to download, then click the "Install" button.

Scan your computer regularly.

If you install the UNC shareware copy of NAV, it will be set by default to update its virus definitions daily and scan your computer weekly. CCI laptops may or may not be set up this way. Scanning your computer may take 10 or more minutes, depending on how much data is on your computer and whether you are running any other software while you are scanning your computer.

To scan your computer automatically in NAV:

  • Open the software and click on "Scheduled Scans."

  • If none are set up, choose "New Scheduled Scan," click "Next," and set the options you want.

  • To change an existing scheduled scan, highlight it and click the "Edit" button. Change the options you want to change under the "File," "Schedule," and "Name/Description" tabs, then click "OK."

Beware of attachments!

E-mail attachments are among the most common methods of transmitting viruses, worms, and Trojan horses. The best thing to do to protect yourself against this method of virus infection is to configure your antivirus software to check all e-mail attachments when you download them to your computer. However, attachments to IMAP mail (like UNC's e-mail system) don't always download automatically, so this may not work for you. The next best thing is to use sensible precautions.

  • When you receive an e-mail attachment, your default behavior should be to not open it. From there, decide if this attachment is an exception.

  • If you don't know the sender, don't open the attachment.

  • If you know the sender and...

    • you don't know what the file is they sent you, don't open the attachment. Write the sender back and ask for more information about the attachment.

    • their message explains the attachment, but you're still not sure what it is, don't open the attachment. Some viruses send messages without the sender knowing. For example, a virus might send you a message from your friend's infected computer that appears to be from your friend, has an attachment, and says something in the body like, "I enclose this for your review." Write the sender back and ask for more information about the attachment.

    • the file extension is .exe, don't open the attachment. These are almost always viruses or the like.

    • the file extension is .com, .pif, or some other uncommon extension, don't open the attachment. Especially watch out for things named, for example, file.doc.pif. The ".doc" bit in the middle is there just to fool you. Don't open it.

    • you know what the attached file is, and/or you were expecting the attachment from the sender, scan the file for viruses (this takes just a couple of seconds) and then open it up.
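The extension rules above can be applied mechanically to a message before anyone opens it. The following is an added example, not part of the original page: it parses a constructed sample message and classifies each attachment by its final extension. The list of "common" extensions and all function names are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

EXECUTABLE = {"exe", "com", "pif"}                   # named on this page
COMMON = {"doc", "txt", "pdf", "jpg", "gif", "xls"}  # assumed "common" types

def classify(filename):
    """Return (verdict, reason) for one attachment name."""
    # Windows ignores trailing dots and spaces, so "a.exe." still runs as .exe
    parts = filename.strip().rstrip(". ").lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    if ext in EXECUTABLE:
        if len(parts) > 2 and parts[-2] in COMMON:
            return "do-not-open", f"decoy .{parts[-2]} hides real type .{ext}"
        return "do-not-open", f"executable type .{ext}"
    if ext in COMMON:
        # Still requires a known sender and an expected file, as listed above
        return "scan-then-open", f"common type .{ext}, only if expected"
    return "do-not-open", f"uncommon or missing extension '{ext}'"

def review(raw_message):
    """Classify every attachment in a raw e-mail message (bytes)."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    return [(part.get_filename() or "", *classify(part.get_filename() or ""))
            for part in msg.iter_attachments()]

def sample_message():
    """Constructed sample: the 'for your review' lure described above."""
    msg = EmailMessage()
    msg["From"] = "friend@example.edu"
    msg["To"] = "you@example.edu"
    msg["Subject"] = "for your review"
    msg.set_content("I enclose this for your review.")
    for name in ("file.doc.pif", "notes.doc", "setup.exe", "saver.scr"):
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict, reason in review(sample_message()):
        print(f"{name:14} {verdict:15} {reason}")
```

Only the last extension decides how Windows treats the file, which is why file.doc.pif is classified as a .pif and not as a document.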

Beware of free software.

Sometimes free software or shareware can contain code that does things you weren't expecting it to do. Just because it says it's a game, a screensaver, a picture viewer, a whatever, doesn't mean that's all the program does. You could be downloading [ http://help.unc.edu/4240 ] spyware, or you could be downloading a [ http://help.unc.edu/3927 ] Trojan horse. Don't download software, to any computer you use, from a source you don't trust. Don't install software without being sure of what it will do. Make a backup of your computer before you install shareware or freeware.

Make regular backups.

It stands to reason that if your computer gets infected with a virus and your operating system or files are damaged or destroyed, you'll have an easier time getting back on your feet if you have backups. [ http://sils.unc.edu/itrc/its/faq.php?id=4545 ] Read about how to back up your files and how to plan a backup strategy.

To fully protect your computer, back up your operating system as well as your data.

If your computer does become infected with a virus and you don't realize it right away, you may make backups of infected files. If you restore these files to your computer, your infection will start all over again. Scanning your computer regularly is one way to prevent this. Scanning your backup files before restoring them is another. Also be sure to save backups for a while (at least a month is a good idea) before overwriting them. That way, you can go back to an older version of an infected file, in case you can't successfully clean the infected one of the virus.

What to do if you get a virus (or worm or Trojan horse)

Once you have a virus, antivirus software can usually remove it successfully, provided you have the most current virus definitions. In fact, if you are updating your definitions and scanning your computer regularly, your antivirus software is most likely the way you'll find out that you have a virus in the first place.

If your computer is not in a workable state because of the infection, see specific removal instructions for the virus you have at [ http://www.symantec.com/avcenter/ ] Symantec's site. You can sometimes boot the computer from a CD and run antivirus software from another piece of removable media or manually delete files that the virus uses. However, don't be afraid to get some help if your computer reaches this point. You can contact the SILS Help Desk, but if your computer is a CCI laptop, you'll have better luck going straight to ITS.

Special notes about laptops

If you use your laptop on other networks besides UNC's, be aware that you are vulnerable not just to viruses, worms, and Trojan horses, but also to hacking. Consider installing a firewall such as [ http://www.symantec.com/sabu/nis/npf/ ] Norton Personal Firewall or [ http://www.zonelabs.com/store/application?namespace=zls_catalog&origin=global.jsp&event=link1.catalogHome&&zl_catalog_view_id=201&lid=nav_ho ] Zone Alarm.

Special notes about the lab

Do not download freeware or shareware on a lab computer. Do not install software on a lab computer. In fact, the lab computers don't even allow you to do this, and for good reasons.

Please notify the lab attendant if a lab computer shows a message about a virus-infected file or shows any sign of virus infection.

If you are using removable media like USB keys, Zip disks, CDs, etc., please scan them for viruses before inserting them into a lab computer. Removable media are a relatively easy way for viruses to spread, so please be careful with them.

The same [ http://sils.unc.edu/itrc/its/faq.php?id=4548#d0e74 ] rules about opening e-mail attachments apply when reading your e-mail on a lab computer. Please don't open e-mail attachments unless you know the sender and you know what the attachment is, and then scan it for viruses before you open it.

Learn more about viruses, worms, and Trojan horses.

Some basics, excerpted from [ http://service1.symantec.com/SUPPORT/nav.nsf/docid/1999041209131106 ] Symantec's site (http://service1.symantec.com/SUPPORT/nav.nsf/docid/1999041209131106):

A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. A virus must meet two criteria:

  • It must execute itself. It will often place its own code in the path of execution of another program.

  • It must replicate itself. For example, it may replace other executable files with a copy of the virus infected file. Viruses can infect desktop computers and network servers alike.

Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply to replicate themselves and make their presence known by presenting text, video, and audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss.

Trojan Horses are impostors--files that claim to be something desirable, but in fact are malicious. A very important distinction between Trojan horse programs and true viruses is that [Trojan horses] do not replicate themselves. Trojans contain malicious code that when triggered causes loss, or even theft, of data. For a Trojan horse to spread, you must invite these programs onto your computers--for example, by opening an email attachment or downloading and running a file from the Internet.

Worms are programs that replicate themselves from system to system without the use of a host file. This is in contrast to viruses, which require the spreading of an infected host file. Although worms generally exist inside of other files, often Word or Excel documents, there is a difference between how worms and viruses use the host file. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm.

For further information about types of viruses, please see the [ http://service1.symantec.com/SUPPORT/nav.nsf/docid/1999041209131106 ] source page at Symantec from which this information is quoted.

Virus hoaxes

Sometimes, you may receive an e-mail warning you about a particular virus. Unless the e-mail comes from a local authority about viruses, such as ITS or the SILS Lab, you have reason not to trust what it's telling you. We say "local" authority because the government, Microsoft, etc., do not send out e-mails warning people about viruses. If you aren't sure whether a virus warning is real, look up real viruses at [ http://securityresponse.symantec.com/avcenter/vinfodb.html ] Symantec, and look up hoaxes at [ http://www.symantec.com/avcenter/hoax.html ] Symantec or [ http://www.vmyths.com/hoax.cfm ] vmyths.com.