USER GUIDE Net Nanny for DOS Copyright 1994, 1995 NOTICE The information in this document is subject to change without notice and does not represent a commitment by Net Nanny Ltd. It is against the law to copy the software except as specifically allowed in the software license agreement. No portion of this manual may be reproduced in any form or by any means, electronic or mechanical, including photocopying and recording, for any purpose without the express written permission of Net Nanny Ltd. (C) 1994, 1995 Net Nanny Ltd. All rights reserved. Net Nanny Ltd. C2 - 1122 Fir Avenue 525 Seymour Street Blaine, WA Vancouver, B.C. USA Canada 98230 V6B 3H7 Tel: (604) 662-8522 SOFTWARE LICENSE AGREEMENT LICENSE GRANT: Net Nanny Ltd. grants you, the end user, the right to use one copy of the enclosed software program (the "SOFTWARE") on a single computer. COPYRIGHT and TRADE SECRET The SOFTWARE is owned by Net Nanny Ltd. and protected by both United States and Canadian copyright law and by International Treaty provisions and all other applicable national laws. Any copying of the SOFTWARE, other than a single copy for backup purposes, constitutes an infringement of Net Nanny Ltd.'s copyright. The SOFTWARE incorporates Trade Secret materials. LIMITED WARRANTY NO WARRANTY OF THE SOFTWARE AND DOCUMENTATION IS PROVIDED. THE SOFTWARE IS PROVIDED AS IS, WITHOUT ANY WARRANTY OR CONDITION, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABLE QUALITY AND FITNESS FOR A PARTICULAR PURPOSE. Without limiting the above, Net Nanny Ltd. does not warrant that the operation of the SOFTWARE will be uninterrupted or error-free or that the SOFTWARE will achieve your intended purpose. Net Nanny Ltd. does provide a limited warranty for the diskettes upon which the SOFTWARE is furnished. The limited warranty is that the diskettes will be free from defects in material and workmanship under normal use for a period of one year from the date of delivery as evidenced by a copy of the receipt. Any diskette not meeting Net Nanny Ltd.'s limited warranty will be replaced if returned to Net Nanny Ltd. or authorized Net Nanny Ltd. software Dealer or Distributor with a copy of the receipt. If Net Nanny Ltd. is unable to deliver replacement diskettes which are free of defects in material and workmanship, you may terminate this License by returning the SOFTWARE, as delivered, and you will receive a refund. LIMITATION OF LIABILITY Your sole remedy against Net Nanny Ltd., and Net Nanny Ltd.'s entire liability regardless of how such liability arises, is limited to replacement of the diskette or a refund in accordance with the above limited diskette warranty. IN NO EVENT WILL Net Nanny Ltd. BE LIABLE TO YOU FOR ANY DAMAGES, INCLUDING BUT NOT LIMITED TO SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE. Some States and Provinces do not allow the exclusion of implied warranties or limitation of incidental or consequential damages, so the above limitation or exclusion may not apply to you This License will be terminated if you fail to comply with any term or condition of this License. You agree, upon such termination to destroy the SOFTWARE and related documentation. You agree that this License is the complete and sole statement of the agreement between us and this license supersedes representations made by us or your authorized Net Nanny Ltd. software Dealer or distributor or any other Agreement, written or oral, or communications between us or your authorized Net Nanny Ltd. software Dealer or Distributor relating to the subject matter of this License. TABLE OF CONTENTS System requirements Hardware Operating System Contents of Package Introduction Novice Computer Users CHAPTER ONE Software Installation Steps 1 - 9 Virus Warning CHAPTER TWO Operation & Administration Introduction Is Net Nanny Working ? Using Net Nanny Net Nanny Text Editor Is Net Nanny Active ? Testing 123 ... CHAPTER THREE Install Net Nanny View History of Hits Frequency of Hits Edit Dictionary Errors Clear History Action ShutDown Disable/Enable Remove Quit APPENDIX A Installation Installation from Backups Config.sys File Updating Previous Versions Using the Dictionary Effectively Effective Dictionary Choices What Words & Phrases to Monitor Dictionary Characters MS-DOS Prompt Text Editor Re Booting the Computer Problems and Errors APPENDIX B Viruses What are Computer Viruses? Boot Sector Viruses Program Infector Controlling Viruses Establishing a Virus Free Computer Develop Screening Procedures Backing Up Computer Introduction Net Nanny was developed in response to concerns expressed by parents, educators, law enforcement authorities and commercial On-Line service providers. The concern is caused by recent publicity surrounding the use of pornographic material and the sexual exploitation of children and young teenagers using computer On-Line services (modem). Net Nanny allows you to MONITOR and take ACTION on DOS based computer activity. Net Nanny allows you to set standards for "acceptable" behavior on the computer. After the program is installed, Net Nanny is automatically activated whenever the computer is turned on. While the Net Nanny program is running, the activity on the computer screen is monitored and scanned for the words and phrases you have defined as "unacceptable". These words and phrases must be entered into the Net Nanny dictionary during or after installation of Net Nanny. Novice Computer Users This User Guide is designed for the inexperienced computer user and we suggest that you follow the instructions carefully. For the experienced user this User Guide may contain more information than is necessary. Net Nanny is easy to install and use and many users have successfully installed and used the software without reference to this Guide. Chapter One Software Installation Steps 1 - 9 STEP 1. Install from Drive A: Place the floppy disk labeled "Net Nanny" in floppy drive A and type... A:INSTALL and press the ENTER key. Install From Drive B: To install Net Nanny from floppy drive B:, put the Net Nanny floppy disk in drive B: and type ... B:INSTALL and press the ENTER key. STEP 2 To make Net Nanny fully active and operational you must complete the three tasks outlined below: 1. Install Net Nanny software. 2. Add words to the dictionary. 3. Re Boot (re start) the computer. Choose the CONTINUE option to start the software installation. A successful installation will copy the Net Nanny program files onto your hard drive. STEP 3 Since the purpose of Net Nanny is to monitor the use of certain words and phrases appearing on the computer screen, these words and phrases MUST be added to the Net Nanny DICTIONARY. Without words or phrases in the dictionary Net Nanny will not be operational. STEP 4 Press the ENTER key to continue and the Main Net Nanny screen will appear with the Edit Dictionary ... menu item highlighted. The Status Box shows that Net Nanny is not yet active and the number of hits is zero. Net Nanny will become active after you add words and phrases to the dictionary and reboot (re-start) the computer. Follow the steps below for full instructions. The Main Net Nanny Menu screen has two other boxes in addition to the Menu box. The Net Nanny Program box shows the name of the program and the software version. The other box shows the Installation status of Net Nanny. STEP 5 With the Edit Dictionary ... menu item highlighted, press the key to activate the box for entering words and phrases into the dictionary. STEP 6 To see how Net Nanny works, add a few test words and phrases to the dictionary box. At this point, don't worry if you are not sure which words and phrases are the right ones. Just make sure NOT to use common words or any punctuation which would normally appear on your computer screen. It is important NOT to use words or phrases which may appear on your computer screen during normal use.. After testing these words, delete the words and phrases and add to the dictionary the actual words and phrases you want to monitor. Please refer to Chapter Two, Using the Dictionary, for detailed information on selecting, adding and editing words and phrases in the dictionary. STEP 7 Save the words and phrases by pressing the ESC key. This will activate the Save and Exit box. Press the ENTER key to save your entries and return to the main Net Nanny screen. STEP 8 The installation is now complete and all the Net Nanny files have been copied onto your hard drive, with the exception of the main NN.EXE program. The NN.EXE program is left on the floppy disk to avoid the unauthorized use of this program from your computer. You may run the NN.EXE program from the floppy drive to add or edit words and phrases in the dictionary or to change other program options. Please refer to Chapter Two for detailed information on the continuing operation of Net Nanny. STEP 9 You have now completed two of the three tasks required to make Net Nanny operational. From the main menu screen press the DOWN arrow key to highlight the Quit ... menu item and then press the ENTER key. If words or phrases were added to the dictionary a screen will appear with "Reboot Now...." highlighted. Remove the disk from the floppy drive and press the ENTER key to reboot the computer. You may also choose to exit Net Nanny at this point and add words and phrases to the dictionary at a later date, following Step 4 to 9 above . In this case, Net Nanny will not be able to detect or record any computer screen activity. VIRUS WARNING Viruses are often found on computers using games, On-Line services and Bulletin Boards (BBS). It is very important that you avoid operating or installing Net Nanny or any other software on a computer which is infected with a computer virus. If the computer is infected with a virus, your software program's operation may be compromised and may cause damage to program or data files. We suggest you use a Virus scan program to detect and remove any viruses before installing or using any software. Please refer to Appendix B, for more information on Viruses. CHAPTER TWO Operation & Administration Introduction The computer will run normally, after you have finished; 1) installing the software 2) adding words to the dictionary 3) rebooting Net Nanny is now active and operational. However, you won't notice any difference in the way the computer operates. In the background, Net Nanny is monitoring all the activity on the computer screen. If a word or phrase on the screen matches a word or phrase in the dictionary Net Nanny will record this information. This Chapter contains examples which will help you do a few quick tests and then try some practical examples of how to use Net Nanny . IS NET NANNY WORKING ? As a quick check, at the DOS Prompt, type a word that you added to the dictionary during installation. You can type the test word while you are at DOS Prompt or in a DOS program. After typing a word (which you previously entered in the dictionary), run the NN.EXE program from the floppy (insert disk in floppy drive and type A:NN) and select the menu item "View History of Hits..." . If the word you typed was detected and recorded it will appear in the History of Hits box. You can also select the menu item "Frequency of Hits...", to see how many times the word was detected. NOTE Net Nanny does not (in this version) monitor the screen while Microsoft Windows is running. While you are in Windows, if you temporarily exit to DOS, using the MS-DOS Prompt Icon, Net Nanny will be operational. However, any Net Nanny Action occurring while at the Windows DOS Prompt may interfere with your ability to return to Windows. For example, if the computer has a Net Nanny ShutDown while you are at the DOS Prompt, in Windows, you may be able to use the CTRL+ALT+DEL keys to exit back (wait, as there may be a delay returning) to Windows. If you do not return to Windows, you may need to re boot your computer. If you do return to Windows you should save what you are doing and exit from Windows. NOTE If you are not sure what a DOS Prompt is, refer to Appendix A, MS-DOS Prompt USING NET NANNY A few practical examples are the best way to explain how to use the Net Nanny software in the most effective way. The examples below describe a few typical ways to set up your system to monitor screen activity. Example: (Simple Test) Run the Net Nanny program (NN.EXE) from your floppy drive by inserting the disk in a floppy drive and typing "NN" at the A: or B: prompt. Select the Edit Dictionary menu option. Next, add a few words and phrases to the dictionary. For this example, use the words and phrases below. Words are automatically changed to upper case. 7 UP COKE COLA LEMONADE MOUNTAIN DEW ORANGE CRUSH PEPSI THIS IS A SAMPLE PHRASE There are four example words and four phrases listed above. Any combination letters, characters or numbers, on the same line, separated by a space, is considered a phrase. For example, @ B and 1 2, are both phrases. 1. After entering the words and phrases press the ESC key to save the entries. 2. Select Quit ... from the menu by using the down arrow key to highlight "Quit ..." or by pressing the Q key. With the "Quit ... menu item" selected press the ENTER key. Because you made changes to the dictionary, you will be asked to re boot the computer to make the changes active. 3. Press the ENTER key to re boot the computer or choose "Exit without re boot". The next time the computer is restarted, Net Nanny will be active with target words or phrases in the dictionary to detect. NET NANNY TEXT EDITOR When using the Net Nanny program (NN.EXE) there are a number of places that require you to enter or change information. The dictionary entry box is a good example. When you are entering data or information in an entry box you are using the Net Nanny text editor. The text editor keyboard commands are found in Appendix A, Text Editor. IS NET NANNY ACTIVE ? After re booting or re starting the computer, Net Nanny will be active and monitoring DOS screen activity. If you run the Net Nanny program you will see the Active status in the Installation Status box. TESTING 123 ... The quickest way to do a test is type one of the words in the dictionary, while at the DOS Prompt right after the computer is re booted. Example 1. Computers are often at the DOS Prompt immediately after starting up. The cursor will be blinking and C:\> will be on the screen. To test Net Nanny type in a word previously entered in the dictionary and press enter before re booting. Run the NN.EXE program from the floppy and select "View History of Hits..." and "Frequency of Hits ...." to see if Net Nanny recorded the word you typed at the DOS Prompt. If you find the word in both places, Net Nanny is working! Example 2: (Test using a Word Processor) In the example above we suggested that you test Net Nanny by typing in test words at the DOS Prompt. In practice, you will want to monitor words and phrases used in communications programs accessing On-Line bulletin boards or the Internet 1. Start a DOS word processor and type a couple of paragraphs which contain some or all of the words and phrases in your dictionary. 2. Exit the word processor program. 3. Run the Net Nanny Program (NN.EXE) from the floppy. You may copy the NN.EXE program to your hard drive C:\, for speed and convenience while testing. 4. Select and view the History and Frequency of Hits to see if Net Nanny recorded the words and phrases used in the word processor. Example 3: (Monitor Computer Startups) 1. Re boot the computer. 2. Run the Net Nanny program and select "View History of Hits ..." 3. The first item will be .... Computer Startup .... 4. The Date and time of the last time the computer was started is also shown. CHAPTER THREE Introduction This Chapter is a review of all the items appearing on the main Net Nanny menu and instructions on how to use each one. The menu items are: Install Net Nanny . . . View History of Hits . . . Frequency of Hits . . . Edit Dictionary . . . Clear History . . . Action . . . Disable/Enable . . . Remove . . . Quit . . . INSTALL NET NANNY Selecting this item performs the same function as running the Install program (INSTALL.EXE). Instead of running the Install program, you can also install Net Nanny by running the main Net Nanny program (NN.EXE) from the floppy drive and then selecting "Install Net Nanny ..." from the menu item list shown above. VIEW HISTORY OF HITS This menu item will display a record of the last 399 hits or detected matches to your dictionary list. The display shows the last occurrence first. Any hit above 399 falls off the end of the display. Use the Up & Down arrow keys to move through this screen or the Page Up and Page Down keys to move quickly through the screen pages. See the Text Editor in Appendix A, for more information on moving in a text display box. FREQUENCY OF HITS This display box shows the number of times each word or phrase was detected, in alphabetical order. The history is current from the last time Clear History was used. EDIT DICTIONARY Enter or change words and phrases you want to monitor. A word could be a phone number (e.g. 945-4233). A phrase could be your home address (e.g. 3 - 120 Glacier Street). Avoid using words and phrases which would appear on the screen during normal use of the computer and during starts up. Avoid using words that are part of or appear in any program you normally use. It's a good idea to run a quick test by starting your computer and running some common programs to make sure that entries in the dictionary are NOT being detected during normal use. You don't want "Hits" from the normal operation of the computer. This is particularly true if you have turned the Action option ON. Remember (and Net Nanny will remind you) to re boot the computer if you make any change to the dictionary. The changes are not active until you re boot. The correct use of the Net Nanny Dictionary is vital to successful monitoring of screen activity and to obtain the maximum useful information with a minimum of false or extraneous "Hits". Please refer to Appendix A, Using the Dictionary Effectively, for information on selecting the right words and phrases. ERRORS You may be detecting words and phrases in error and may want to revise the dictionary before turning the Net Nanny Action options ON. For example, if your test monitoring shows a number of matches occurring during the normal operation of the computer, remove or edit those words and phrases in the dictionary. Since every computer is unique and is used in different ways, the correct setup of the dictionary may be a trial and error process. CLEAR HISTORY This will delete all the hits recorded in the History of Hits and Frequency of Hits display boxes. ACTION This menu item will allow you to take action if Net Nanny reaches the limit set by you, for words and phrases detected. You should not set the limit too low, until you have done enough monitor testing. You may be detecting words and phrases in error and may want to revise the limit or edit the dictionary before turning the Action options on. SHUTDOWN There are three options for the ShutDown action; 1. Number of Hits to Trigger ShutDown Enter a number between 1 and 99. Caution Avoid using a number lower than 10 to start. For example, if you use 1, and Net Nanny detects a word during boot up the computer will start and immediately SHUTDOWN. 2. ShutDown Option The keyboard will "LOCK" when Net Nanny detects that the number of hits has reached the "Number of Hits to Trigger ShutDown" when this option is ON. Use the arrow keys and the space bar to toggle the option ON or OFF. If the ShutDown option is triggered the computer will be unusable and must be turned OFF and then back ON to get the computer working again. 3. Show Screen Message with ShutDown If you turn the above ShutDown Option to ON to lock the keyboard, the computer screen will also go blank. A box with the message " Net Nanny ShutDown" will appear. Select this option and use the arrow keys and the space bar to toggle the option ON or OFF. If the ShutDown option is triggered the computer will be unusable and must be turned OFF and then back ON to get the computer working again. When Net Nanny is in the ShutDown mode all computer activity is "frozen" and you must re start (re boot) the computer to get it running normally again. You cannot re boot using the CTRL+ALT+DEL keys. See Appendix A, Re Booting the Computer for more information on how to re boot a computer. DISABLE/ENABLE Net Nanny defaults to ON. To turn it OFF (disable), use the arrows and the space bar k to toggle the indicator to OFF. When Net Nanny is disabled like this, it will not monitor or ShutDown the computer during the current session. However, if you re-boot the computer, Net Nanny will be reset to ON automatically even if you set the Action to OFF. The Disable & Enable options are valid for the current session only. REMOVE This will remove all traces of Net Nanny. The hidden NN directory and its files are deleted and the line "DEVICE=C:\NN\NNDRV.SYS" is removed from the computer's config.sys file. You can re boot the computer after removing Net Nanny to get rid of the Net Nanny TSR (Terminate Stay Resident) which is still in memory. QUIT Exit the Net Nanny main administration program. APPENDIX A Installation The installation of Net Nanny does the following: 1. Creates a directory on your hard drive C: named NN. Hides the C:\NN directory. 2. Copies the following files into the C:\NN directory and hides them. NNDRV.SYS NN.WPF NN.LOG 3. Inserts the following line in your config.sys file. Device=c:\nn\nndrv.sys INSTALLATION FROM BACKUPS It is possible to install Net Nanny by using the restore function of standard backup programs. For example, if the Net Nanny files were backed up from a previous installation, you may use normal backup/restore methods to re-install Net Nanny on the same or different computers. CONFIG.SYS FILE This is a file which contains lines of text. These text lines give the computer operating system instructions when the computer is started (or re booted). Net Nanny inserts the text line "Device=c:\nn\nndrv.sys" into your config.sys file during installation. This line gives the computer operating system instructions to load the program (device driver) "NNDRV.SYS". This line is removed from your config.sys when you choose the Remove item on the Net Nanny menu. UPDATING PREVIOUS VERSIONS If you have an older version of Net Nanny already installed on your computer, and you have received a more recent release of the Net Nanny software, updating is simply a matter of installing the new release on top of your existing installation. This can be done by placing the updated version of Net Nanny into drive A: and typing: A:INSTALL NOTE You may also update Net Nanny from floppy drive B: by putting the Net Nanny floppy disk in drive B: and typing B:INSTALL USING THE DICTIONARY EFFECTIVELY Careful choice of the words and phrases used in the dictionary is important for two reasons. First you want to make sure you detect what you are trying to monitor and second, you don't want to detect something by mistake and take action when it isn't necessary or could cause an unwanted ShutDown. Always start testing and using the software with the Action option set to OFF (default) to avoid a unwanted ShutDown and to allow time to gather information about what words and phrases are being used over a period of time. (see ShutDown, Effective Dictionary Choices In Chapter Three, we suggested that you may want to detect the use of your phone number and home address. Assuming your phone number is; (604) 945-4233 and your address is; 3 - 120 Glacier Street, The following are variations of what you should enter in your dictionary; Phone Number 945-4233 9454233 945 4233 604945-4233 6049454233 604)945-4233 (604) 9454233 Address 3 - 120 Glacier 3 120 Glacier 3-120 Glacier 120 Glacier WHAT WORDS & PHRASES TO MONITOR Many parents worry about their children having access to sexually explicit material. They are very concerned about the real danger of sexual exploitation. Children who have access to computer Bulletin Board Systems, On-Line systems and the Internet, may have unrestricted access to pornographic material, images, sounds and other information which a parent may consider totally unacceptable. They may also "meet" strangers On-Line. To monitor this "unacceptable" activity, a parent should select words and phrases to target specific problem areas. For example, if you do not want your home phone number and address given out On-Line, use the example above. You can also add body parts and four letter words to the dictionary. As in the example above, you will need to experiment to find the right words or combination of words and phrases. If possible you should use the computer in a trial to test the way you might expect your children to use it. We suggest that you become more familiar with and watch what BBSs and other activities the children use. DICTIONARY CHARACTERS You may use virtually any character you are capable of generating with the standard computer keyboard and the ASCII characters. MS-DOS Prompt This is when the computer is not running a program and it indicates that it is ready to take instructions by flashing a cursor. If you are in the root directory (the beginning of the hard drive) of the hard drive you should see C:\>. Using Windows: If you choose to exit to the DOS-Prompt from inside Windows by selecting the MS DOS Prompt icon (as shown below) while Net Nanny is active , remember, Net Nanny does not monitor the screen while Microsoft Windows is running. Any Net Nanny Action occurring while at the Windows DOS Prompt may interfere with your ability to return to Windows. For example, if the computer has a Net Nanny ShutDown while you are at the DOS Prompt, in Windows, you may be able to use the CTRL+ALT+DEL keys to exit back to Windows (wait for the delay) or you may need to re boot your computer. If you return to Windows, immediately save what you are doing and exit from Windows and re boot the computer. Text Editor When using the Net Nanny program (NN.EXE) there are a number of places that may require you to add or edit information. The dictionary entry box is a good example. When you are entering data or information in an entry box you are using the Net Nanny text editor. The text editor keyboard commands are as follows: KEYBOARD RESULT --------------------------------------------------------- ENTER ends the current line and moves down one line CTRL+Y deletes the entire line Page Down moves down one full page Page Up moves up one full page INS toggles inserting or over write text (turn On or OFF) END moves cursor to end of a line HOME moves cursor to beginning of a line Arrow Keys move cursor up/down or sideways RE BOOTING THE COMPUTER Re boot means to turn off the computer and then start the computer up again. DO NOT re boot or re start a computer from inside a program. Exit to the DOS Prompt first. There are three basic ways to re boot a computer. Hold down three keys simultaneously and then release the keys. The keys to hold down are CTRL+ALT+DEL. This method of re- booting the computer will not work when Net Nanny is in the ShutDown mode (except when ShutDown has occurred while at the DOS Prompt in Windows). Most computers have a RESET button located on the front of the computer. Pressing the RESET button will cause the computer to stop and re start. Turn the power ON/OFF switch to OFF and then back to ON. PROBLEMS AND ERRORS If you have problems getting Net Nanny to work or if you have computer errors using Net Nanny, please call our technical support department at; (604) 662-8522. APPENDIX B Viruses WHAT ARE COMPUTER VIRUSES? A computer virus is a software program that has been designed to do two basic things: to create some undesirable symptoms in your computer and to replicate itself. The symptoms that can be manifested by a virus are many and are only limited by the imaginations of their creators. Typically virus symptoms are designed to lay dormant for some period of time in order to avoid detection. Since no person would knowingly run programs in their computers that would cause problems, a virus program is usually disguised or hidden within other software that is run on the computer. In that way, the virus software will be executed without knowledge when normal software is run. Viruses are propagated by a variety of methods, but in general when it comes to the PC, there are two fundamental methods by which a virus can enter your computer. These two methods allow us to classify a virus as either being a "boot sector virus" or a "program infector virus". Boot Sector Viruses The BOOT SECTOR virus makes use of the fact that the first sector on either a floppy disk in drive A: or the physical hard disk, has a special purpose. When the PC is turned on or booted by pressing the CTRL ALT DEL keys, the content of the first disk sector is loaded into memory and execution control is passed onto the computer code contained in that sector. Normally, the computer program code, contained in sector one, is the "boot code". The "boot code" starts loading the DOS operating system into the computer. It is a relatively easy process for the unscrupulous computer programmer to replace the normal boot code on a floppy disk with a virus program that appears as if it is a legitimate boot sector. When a PC is booted with such a floppy disk, the virus code would be run before the normal boot process takes place and the operator would be unaware that the virus has been run. The virus code is usually designed to load itself into protected area of memory and then continue the normal boot process as if nothing unusual had happened. Since replication is its primary mission, the most likely first replication would be to copy itself to the first sector on the hard disk. Then from that time on, the virus code would be run each time the computer is booted from the hard disk. A BOOT SECTOR virus typically sets itself up so that it remains active in memory (TSR) even after the computer is fully booted. In this way, it can copy itself onto every floppy disk that is made available to the computer. These infected disks will then go on to infect other computers. A BOOT SECTOR virus infection can spread at a surprising rate. Important It should be emphasized that boot sector viruses are introduced into a computer, in 99.9% of the occurrences, by booting on a floppy disk that is infected. The floppy disk does not have to be a bootable MS-DOS system disk, and in fact it is mainly the non-system data disk which is the main culprit in the spread of boot sector viruses. A typical example happens when a floppy data disk gets accidentally left in the computer's floppy drive when it is turned off. Then, if the computer is later turned on with the floppy disk still in drive A:, the computer will attempt to boot on that floppy diskette and the virus code will be executed. After the virus code is executed, you may see a message on the screen similar to the following: "Non-System disk or disk error" "Replace and press a key to continue" Once this message appears, it is usually too late to avoid infection. The virus at this point has probably already copied itself onto your hard drive. Since the Virus replaces the normal "boot-code", each time your computer is started the first program code to run will be the Virus code. The Virus program will therefore become activated every time you boot your computer. If you scan for Viruses after the computer is booted, the Virus will already have control over the computer. The scan program can therefore be "defeated" by a scan program run after boot-up. Always boot from a Virus free, trusted DOS floppy on A: drive before attempting to scan the hard drive. Program Infector The program infector virus, is a virus program that attaches itself to existing innocent programs. The attachment usually takes place at object code level, at the easy to find entry points such as the beginnings or endings of loadable code modules. In this way, whenever an infected program is executed, control will pass to the viral code either at the beginning or the end of the normal operation. The viral code can then do whatever its creators have programmed. The first action is usually to set itself up in memory so that the virus will be active after the program has completed its operation. The second action is usually to attach itself to yet another innocent program that may be available on the disk. Controlling Viruses In order to build up some defenses against virus attack you should consider the following points: 1) start with a virus fee computer 2) install virus control software 3) develop screening procedures to test floppy disks before they are used in your computer. 4) develop procedures to make uncontaminated backups of your hard disk. Establishing a Virus Free Computer Initially you must determine whether your computer's hard disk is virus free. This usually involves the use of some form of virus scanning program. When using a virus scan program to check a floppy disk or hard disk, it is absolutely essential that no viruses are active in the computer at the time of the scan. The proper procedure for scanning your hard disk would be: 1) first obtain a bootable system disk that you are 100% certain is free of any virus. This disk should have the same DOS version that is present on the hard disk. 2) turn the computer off to make sure all memory is cleared 3) turn the power back on with the virus free system disk in floppy drive A: 4) allow the computer to boot on the floppy disk 5) then at the DOS prompt run the scan program from the floppy drive to check hard drives C:, D: etc. 6) if all the drives on the hard disk test negative to any viruses, then we have some degree of assurance that we are starting with clean system. It should be noted that not all viruses will be detected with every scan program. Sometimes it can be useful to do comparisons to known good programs on original floppy disks. 7) it should be noted that the best way to avoid the transfer of a virus to the original floppy disks is to make sure that the write protect tabs are in place. It is not possible to write to a floppy disk in a "normal" PC, if the diskette is write protected. Develop Screening Procedures It is recommended that all floppy disks be scanned for viruses before they are used on your computer. This is especially true if you are planning to transfer any software programs from the floppy disk to your hard disk. Backing Up Computer It is advisable to separate data files from program files in any backup system. Since program files do not tend to change once they are installed on your computer and since they are the files most susceptible to virus attack, it is best to only back them up once at the time of installation. This reduces the probability of virus infected programs ending up in your backups. Data files on the other hand, tend to change frequently and are much less susceptible to virus attack, therefore backing up data files on a regular basis should not present any problems from a virus point of view.