January 28, 2004
Update Now--VirusScan Enterprise 7

If you are running any version of VirusScan other than Enterprise 7, you need to update now.

IMPORTANT NOTE: VirusScan Enterprise 7 will not run on Windows 98 machines. If you are still running Windows 98, you need to update to Windows 2000 or Windows XP.

Instructions for installing VirusScan Enterprise 7 are available online. Alternately, you can find them by going to For Staff-- Technology Items--Anti-Virus Information.

VirusScan Enterprise 7.0.0 was provided to field offices on the Scout CD that was sent in the July 13, 2003 transmittal package. You can also install VirusScan Enterprise 7 by using Scout over the network, but in most county offices this download will take a half hour to an hour to complete.

When you install VirusScan Enterprise 7, it will set up a schedule for automatically updating your virus definitions. VirusScan 7 will scan incoming messages and scan files when accessed. It will generally not do a regular scan of your entire hard drive (since it's scanning files as they arrive and as they're accessed). However, you can scan your hard drive at any time by right-clicking on the VShield icon in the lower right-hand corner of your computer screen and selecting 'On-Demand Scan.'

You can also update your virus definitions at any time (in between scheduled updates) by right-clicking on the VShield icon and selecting 'Update now' from the menu.

If you don't know what version of VirusScan you currently have, you can right-click on the VShield icon and select 'About VirusScan' or 'About VirusScan Enterprise'. You should have VirusScan Enterprise 7.0.0 or higher.

If you are not currently running any version of VirusScan, you need to install it immediately following the online instructions and, once you've installed VirusScan, you will likely want to download and run the latest version of Stinger.

Links in this post:

Instructions for installing VirusScan Enterprise 7: http://www.extension.iastate.edu/Comp/virus/installing_virusscan.htm
Download Stinger: http://vil.nai.com/vil/stinger
For Staff Pages: http://www.extension.iastate.edu/ForStaff/homepage.html
Technology Items: http://www.extension.iastate.edu/Comp/
Anti-Virus Information: http://www.extension.iastate.edu/Comp/virus/

Posted by dcoates at 10:16 AM
January 20, 2004
Virus Alert: W32/Bagle@MM

W32/Bagle@MM is a mass-mailing worm. The worm arrives in an email message with the following characteristics:

From: (address may be forged)
Subject: Hi
Body:
Test =)
(random characters)
--
Test, yep.

Attachment: (random filename) 15,872 bytes

example:

frjujs.exe

When the attachment is run, the virus checks the system date. If the date is January 28, 2004 or later, the virus simply exits and does not propagate. Otherwise, the virus executes CALC.EXE and also copies itself as bbeagle.exe, and sets itself to load when you startup your machine. The worm uses your email address lists to send itself to others.

The virus spoofs the sender address (if you receive one, it's likely not sent by the address in the FROM: line).

You can tell if you're infected by going to Start--Search (or Find) and searching for a file called bbeagle.exe. If this file is on your computer, you're infected.

If you have not opened an attachment, you are not infected. If you get a mail message where the subject begins with "Virus Detected and Cleaned" the virus has already been removed from that message.

To remove the virus:

  1. Run Scout (over the network; do not use the Scout CD)
  2. Click on 'Configure'
  3. Select 'Advanced'
  4. Click on 'Done'
  5. Download 'McAfee Stinger'
  6. Setup of Stinger includes running it.
  7. When completed, go back into Scout, click on 'Configure'
  8. Select 'Current'
  9. Click on 'Done'

Some important notes about viruses

  • DON'T open attachments
    This is important NOT ONLY when the attachments are from people you don't know, but ALSO when they are from people you do know but are contained in suspicious-looking emails that you normally don't receive from these people.
  • If the body of the message (nonsense words, for instance) looks suspicious, EVEN IF it's from someone you know, check with that person first before opening the attachment.
  • DON'T EVER open attachments that have a .EXE extension unless you're explicitly expecting that specific file from that specific person.

For more information about the W32/Bagle@MM virus, check http://vil.nai.com/vil/content/v_100965.htm

Posted by dcoates at 10:49 AM
January 05, 2004
Eudora Email Updater--Field Instructions

Follow these instructions to ensure your email continues to work after January 6, 2004.

On January 6, 2004, the ISU Office of Academic Information Technologies (AIT) will begin requiring updated network applications. This change is in response to security concerns and will provide a higher level of security for the ISU Extension network. Affected applications for Extension, in particular, are Scout and Eudora. You will need to update these applications on your computer now.

Please print these instructions before beginning.

  • Do NOT attempt to open your mail while logged on with the local administrator account.
  • Do NOT use your Scout CD for this update.

To update your computer:

  1. Log on with the local administrator account (remember to change 'log onto' so that it contains the name of your computer (which will be identified on a drop down list by (this computer)).
  2. Open Scout (Start, Programs, Scout) **If Scout DOES NOT allow you to login, proceed to the "Update Scout" instructions below**
  3. In Scout, select the Eudora Pro Updater button and follow the instructions.
  4. Exit Scout, reboot your computer, and log back in with your regular username. Be sure to change 'log onto' back to IASTATE.


Update Scout: (only if you're prompted to do so)

  1. When prompted to update Scout, click No.
  2. When prompted to update Scout's components, click No.
  3. Click Exit to close Scout.
  4. Connect to your shared drive:
    1. Right-click on My Computer
    2. Select Map Network Drive
    3. Select S: and enter "\\ext-county\shared" (no quotes, substitute the name of your county; for example "\\ext-story\shared")
    4. Uncheck Reconnect at Logon
    5. Click on "Connect using a different username"
    6. Type IASTATE\username (for example, IASTATE\jdoe) and then your password
    7. Click Finish
  5. From the S: drive, open the EIT folder and double-click on Scout32-6.0.exe, follow the on-screen instructions.
  6. Run Scout (Start, Programs, Scout)
  7. Click OK to install Kerberos, follow the on-screen instructions. When it tells you to make sure that no programs are running, right-click on the gold key at the bottom right-hand corner of your screen and select 'Exit.'
  8. Reboot when prompted.
  9. Continue with the above instructions (step 3 in the above instructions).

    Note: If you use Host Explorer, you will also need to update this program. You can do so by logging in as administrator, running Scout and updating Host Explorer.

    If at any point you need further assistance, please contact the Extension IT Support Hotline at 515-294-1725.

    Posted by dcoates at 02:27 PM
Eudora Email Updater--Campus Instructions

Follow these instructions to ensure your email continues to work after January 6, 2004.

Note: If you have departmental IT staff, you may wish to contact them before following these instructions.

On January 6, 2004, the ISU Office of Academic Information Technologies (AIT) will begin requiring updated network applications. This change is in response to security concerns and will provide a higher level of security for the ISU network. Affected applications for Extension, in particular, are Scout and Eudora. You will need to update these applications on your computer now.

Please print these instructions before beginning.

Do NOT attempt to open your mail while logged on with the local administrator account.

To update your computer:

  1. Log on with the local administrator account (remember to change 'log onto' so that it contains the name of your computer (which will be identified on a drop down list by (this computer)).
  2. Open Scout (Start, Programs, Scout)

    If Scout alerts you that a new version is available, follow these steps:

    • Select 'yes' when prompted to update Scout.
    • Follow the on screen instructions
    • Select 'Yes' if prompted to remove shared files.
    • When finished updating, open Scout (Start, Programs, Scout).
    • When prompted to install Kerberos, select 'OK' and follow the on screen instructions. When it tells you to make sure that no programs are running, right-click on the gold key at the bottom right-hand corner of your screen and select 'Exit.'
    • Reboot when finished and be sure to log in again as administrator, not with your regular username)

  3. In Scout (or after running Scout again if you've just done the 'update Scout' part of these instructions), select the Eudora Pro Updater button and follow the instructions
  4. Exit Scout, reboot your computer, and log back in with your regular username. Be sure to change 'log onto' to IASTATE when logging in.

Note: If you use Host Explorer, you will also need to update this program. You can do so by logging in as administrator, running Scout and updating Host Explorer.

If at any point you need further assistance, please contact the Extension IT Support Hotline at 515-294-1725.

Posted by dcoates at 02:20 PM