Dave's Common Sense Virus Page Updated 9/10/01
This page is under construction.
Due to the fact that 90% of the virus warnings I come across fall into the category of either Hoaxes, or incomplete and misleading information I have composed this page to provide some common sense tips to greatly reduce the risk of infection. These principles with work with the “new virus” just discovered today as well as the one coming next month or next year. My primary focus will be viruses that propagate by e-mail since these are presently by far the most prolific viruses. Most of the principles are however applicable to other types of Virus as well.
Virus principle #1
Focus your attention on the file extension type not the message title.
Did you know that McAfee anti virus currently detects thousands of different e-mail viruses, most of which have a different subject line one from another, and as new viruses come out they have a different subject line, message text and attachment name. With just one recent VBS Virus, New Love, there were thousands of possible combinations of subject / body text/ attachment name. Contrast this with the number of dangerous file types: less than a dozen at present with rare additions.
I remember how with the discovery of the VBS Lover letter, the press and concerned citizens spread the warning “If you get an e-mail with the subject “ILOVEYOU” Look out it is a Virus. Within a very short time the polymorphing (many changes) VBS New Love virus made its rounds, it used a random subject and attachment name. Many were infected because the attachment name and subject were a surprise to them. The warning that should have been given is this; “There is a new type of virus going around, that is a VBS script file so watch out for e-mail with a .VBS extension”. People given this warning would not only avoid the VBS love letter virus but all other VBS script viruses to come.
Partial list of Dangerous file extensions:
Executable Files: .BAT .COM .EXE .PIF Very dangerous!
Script files: .VBS Very dangerous!
System and Library Files: .DLL .VXD .SYS .BIN .OBJ
Other: .SHS Very dangerous!
Files Containing Macros: .DOC .DOT .XLS .MDB .RTF Use caution
Misc. : .HTM .HTML Use caution
It should be noted that there is almost never any need to send someone a file type listed as very dangerous.
Some may find it easier to learn what files are usually safe then to learn all the dangerous type.
Some file types you might expect to legitimately receive:
Extension |
Description |
| .doc | Word document, * use some caution these can contain macro virus |
| .xls | Excel spreadsheet file, * use some caution these can contain macro virus |
| .ppt | Power point file, * use some caution these can contain macro virus |
| .gif | image file, benign (beware of unsolicited porn) |
| .jpg | image file, benign (beware of unsolicited porn) |
| .mpg | movie file benign |
| .avi | movie file benign |
| .wav | audio file benign |
| .mp3 | music file benign |
A good general rule is if the file type is not on the expected file type list, and you don't know what it is then
Virus principle #2
You can’t understand what you can’t see
Now we know what file extensions are dangerous and what are generally benign. This information is not useful however if you can not see your file extensions. To test if you can see all file extensions go to my page on shell scrap virus and download the sample files: shellscrap.htm if you can not see all the file types then follow the listed procedure to adjust your system settings.
Virus principle #3
Viruses come from you friends and co-workers.
I can not count the number of times people have told me "I opened the very dangerous e-mail attachment from my friend and infected my system, I assumed it was safe because is came from my friend"
You have it exactly backwards. 90% of the time viruses will come from you friends and co-workers. This is because they do not know they are sending it to you. The virus spreads itself by hijacking your e-mail program. It sends itself to those people in the address book. How many complete strangers do you have in your address book?! Please repeat aloud with me:
"It's not safe just because it came from my friend! Friends send viruses too!"
"It's not safe just because it came from my friend! Friends send viruses too!"
"It's not safe just because it came from my friend! Friends send viruses too!"
Virus principle #4
What's in a name?
Viruses are written in such a way as to impact a broad segment of the population. In order to do so the subject line and attachment filenames are generally quite vague, so as to "fit" a wide variety of situations. Some typical examples: this is funny! , here's a joke, please review, your requested file, readme.exe, joke.vbs etc. The titles are vague because the programmer does not know your specifics. If your name is Jane Doe and you work for ABC Company and you receive an e-mail that says, " Jane, attached please find the text file abcbenefits.txt. This contains a description of our benefits package. Mary" You can be reasonably sure the file actually was deliberately sent by Mary, since the virus is not smart enough to know your specifics. You should use this principal when you send e-mail attachments to your friends and co-workers. Include a good description, as well as what program the attachment was created with.
The correct way to warn someone about a virus
Want to learn more about viruses?
Try these sites: