Search this site Go to FAQ Go to main page Go to What's New Contact the author

Avoiding Viruses

Viruses are one of the most talked-about topics among practically all Internet users, and they crop up in uk.rec.birdwatching as well.

Here are some simple hints on avoiding them. (This pretty much assumes you are using a Microsoft operating system by the way - there are few viruses which affect Apples and probably none for any other operating system.)

Virus checker

The most frequently given recommendation is to get a virus checker and update it regularly. While good advice, it is not sufficient. For every virus there is a delay between it starting propagating and a detector being added to the various anti-virus programs. Nowadays the delay is usually very short - a day or so - but you can still get the virus in the meantime. And to get maximum protection you have to download the latest files practically every day, which is quite a chore.

Attachments

The most important thing is to be very wary about opening attachments in e-mails. Beware in particular unexpected messages from senders you do not know, with no text or a very general text ("here is the file you asked for"; "here are the meeting minutes") and an attachment. Just delete them.

BUT even if the file is, or appears to be, from someone you know, it may well contain a virus. Numerous viruses propagate themselves by sending e-mail to addresses they find in the Microsoft address book or in message folders. Some also insert a random address from the address book in the 'from' field as well, so that the message appears to come from someone else. Beware any attachments which are not accompanied by a text saying fairly explicitly what the file is and why it is being sent. If you are uncertain whether the message is genuine, send a reply back to the sender asking him or her to confirm what the contents are.

A useful warning sign incidentally is an attachment with a double extension, like 'report.doc.exe' for example. Some viruses produce them - just delete it!

Of course if you are unlucky the person may have quite deliberately and innocently sent you a file, which happened to contain a virus because his machine had been infected and he hadn't yet noticed. That is where the virus-checker comes in.

Incidentally, with a ".doc" document (from Microsoft Word) you can safely examine the contents in Notepad or any word-processor which does not support macros. There will be a lot of unreadable junk, but you can usually find the relevant bits of text.

As for newsgroups, in text newsgroups like uk.r.b the rule is simple - attachments have no place there. Just delete any you come across.

Microsoft software

The next important step is to ditch Microsoft Outlook or Outlook Express. Viruses are extremely frequently written to target these programs. This is partly because they are the most commonly used e-mail programs, but also because of the design blunders they contain. (This is not the same as programming errors, which can also crop up in other readers.)

Use of these programs makes you more susceptible to suffering some types of virus. More importantly, it makes it much easier for viruses to propagate themselves from your machine to your friends and acquaintances. So as a favour to them: empty the address book, empty the message folders, and switch to another program. Alternatives are mentioned in my page on Usenet.

Virus Warnings

Almost everyone must have seen them - the messages which get e-mailed around, or posted in newsgroups, warning of a new and dangerous virus, and invariably ending with the plea to pass the message on to as many people as possible.

You do pass on such messages? If so, I've news for you. The messages themselves are a form of virus, and you are transmitting it. No, they don't wipe your disk, but they do waste people's time. Many of them are hoaxes anyway - the virus referred to does not exist - and the genuine ones are unnecessary if you follow the precautions above.

A recent variety of these is a message which tells you that you have been infected if a particular file is present in a particular directory, and advises you to delete the file. If you do so you have been particularly stupid, because the file referred to is part of your operating system. Never do any such thing unless the information comes from a reliable source, such as the sites of the anti-virus companies, some of which are listed below.

Other points

One of my colleagues was once alerted to the fact that a given file contained a virus. He went to delete it in Windows Explorer - but accidentally double-clicked it instead of single-clicking, and infected his computer anyway. Since then, if I want to delete a dubious file, I navigate to it using the tab and arrow keys, not the mouse. If you're as paranoid as I am, you might like to do the same. ;-)

Further information, both on real viruses and hoaxes, can be obtained from the sites of the various anti-virus manufacturers:
Symantec
McAfee
F-Secure