23 and 25 October 2002
Many computer viruses are spreading. In October 2002, there was an outbreak of
BugBear, in 2004
Mydoom and Netsky travelled the world, and there are many more.
are useful, it is quite possible to remain virus-free, just with a bit of common sense and some knowledge. Apparently many people don't have such knowledge, otherwise viruses could not spread as easy as they do.
This is my attempt to change that.
Tips for working on a Windows computer, virus-free:
If you strictly adhere to these rules, you run hardly any risk of getting infected.
That makes an anti-virus program almost overkill, although it is never wrong to have a few around.
Click on the links in the tips above for more explanation.
Most viruses (worms, really) spread by sending attachments. Such an attachment is a program, which installs the virus, and infects the computer as soon as it is executed (run). If it isn't run, the computer won't be infected. This means it is not dangerous to receive a virus, nor to save it, look at it, move it, etc., the only thing that is dangerous is to run it.
You can run a program file attachment by (double)-clicking it in an unsafe email program. You can also run a program file by typing its name in a command line and pressing Enter.
The file name extension consists of the last letters of the name, usually three of them, which are after the last dot. These letters indicate the file type, for example doc for a Word document, xls for an Excel spreadsheet, exe for an executable program, scr for a script or screensaver, bat for a batch file, pif for a program information file.
Windows' default setting is not
to display file name extensions! This is done to make computers easier to use for unexperienced users, but in fact it is outright dangerous, and a serious flaw in Microsoft's design.
It stimulates the spread of worms. It is of the utmost importance to change this setting on every Windows-system right away.
This can be done in the Folder Options, located in Windows Explorer, in a different location in each Windows version. In Windows Millennium Edition the Folder Options are in menu Tools. Select tab "View", and make sure that "Hide file extensions for known file types" is not checked.
Don't work with blinkers on! Know what you are doing!
Note: In other Windows versions the Folder Options may be located elsewhere, e.g. under menu "View" or "File".
It is dangerous not to have extensions displayed, because virus writers reckon with that so they can fool their victims. For example, an infected attachment may be called story.doc.pif, but it seems to have the name "story.doc". The user, who may have seen that Word documents can have names ending in ".doc" (with a neighbour? at work?) thinks "Hey, that's a Word file", and opens it by double-clicking it. But it really is a pif-file (a certain kind of executable control file), and the computer is infected. From then on the virus / worm can do its devastating work, and can infect others too.
Potentially dangerous extensions are exe, com, bat, pif, scr, vb, vbs, cmd.
Een attachment dat eigenlijk een worm is wordt pas gevaarlijk als het uitgevoerd wordt. Bij sommige versies van o.a. Outlook gebeurde dat al als het bericht in de Preview Pane verscheen. Latere versies van Outlook (deel van Office) en Outlook Express zijn waarschijnlijk wel veilig, maar het blijft belangrijk de juiste patches toe te passen, zodat eventuele veiligheidsgaten op tijd gedicht worden.
An attachment that is really a worm only becomes dangerous if it is run (executed). Some versions of Outlook (among others) did that already simply by viewing the message in the Preview Pane. Later versions of Outlook (part of Office) and Outlook Express are probably safe, but it is still important to apply the right patches, so any security holes are fixed in time.
Most email programma let you "open" an attachment by (double)-clicking it. This "opening" means the operating system (Windows) looks up the program that corresponds to the file name extension. Windows then starts that program, and makes it open the attachment as its document. An appendix that has a name ending in ".xls" is started in Excel, in case of a ".doc" it is Word, etc.
Attachments that are program files are directly executed (run) themselves! If that attachment is a virus (worm), that infects your computer. Safe email programs won't allow that, or at least warn you; unsafe programs sometimes even do it without needing the double-click.
To avoid this risk it is better to open an attachment from someone you know, when you previously agreed it was going to be sent, not from the email program, but in the program that belongs to the file type. So if you receive a file called something.xls, don't double-click it, but save the attachment to a directory on the disk (Eudora does that automatically, in other programs you first press the right mouse button), start Excel yourself, and open the spreadsheet from Excel. If by any chance the file was not called something.xls, but rather something.xls.scr or something.xls.exe of anything, and the Windows setting is wrong so you do not notice that, nothing harmful happens. Excel will simply tell you it cannot open the file, because it doesn't contain a valid speadsheet.
Sometimes a macro is embedded in a Word document. Macros are a kind of programs, and they could install a virus. Macros can be set to execute automatically, as soon as the containing document is opened in Word.
To avoid this, you must always enable Word's protection against macro viruses, which is present in all Word versions higher than 6. Look for the correct protection option under menu Tools, Options.