There has been a considerable amount of discussion recently about the rash of e-mail viruses that have been flying around the Internet. While everyone agrees that viruses that spread via e-mail (also known as computer worms) are a “Bad Thing,” the solution to this problem seems to have escaped many people. The solve for this one is really very simple: Self Control. This document contains simple instructions on how to stop e-mail viruses and computer worms cold.
- Beware ALL email attachments. An attachment is a part of an email that’s not the text. Attachments can be anything; a picture, a word processing document, a program, a video file, or anything that’s not just text. Depending on your email program the attachment can show up in different ways but it’s usually an icon somewhere on the email. In most email programs, look for a paperclip icon.
- Don’t depend on virus scanners to kill email viruses. Many of the viruses that get disseminated through email do so before the people who maintain the scanner programs can update the program to detect the virus. It’s a pretty good bet that you have not updated your virus definition file in a while either. Virus scanners offer very little protection against computer worms and email viruses.
- Look at the attachment name. The first part of the name is unimportant. It’s the LAST part after the last dot “.” that tells you what kind of file it is. This is called the file’s extension. Some people have their computers set to not show extensions for certain files. Windows users should make sure that this option is turned off. The easiest way is to double click on “My Computer” and look in the “View” menu for “Folder Options”. If it’s not there, look under the “Tools” menu. Once that is opened, look for the “View” tab – in there is a series of checkboxes. Make sure that “Hide File Extensions for Known File Types” is unchecked.
Here’s a basic rundown on file types and what danger level they pose to your system. Be careful of filenames that have more than one dot in it: GreatPic.jpg.vbs is a VBS file and is very dangerous.
“The Safe Ones” are files that the people who write viruses have not yet found a way to damage your system with. As I write this (July 2005) these files are safe to click on and open with no chance containing email viruses or computer worms, or of causing damage to your system.
“Caution” are ones that are not generally used to transmit a email virus. These SHOULD be safe but care should be taken if you are not expecting to receive this file. If in doubt don’t open it.
“No way, No How” This is the easy one, folks: Don’t open these. Delete the email and empty your “Deleted Email” folder. Even if you trust the person that sent it to you, don’t open them. If the Pope sends you an email with one of these, don’t open it. Even if the email says that this is the cutest/funniest/sexiest/weirdest/whateverest that ever was, don’t open it. If you open it you are exposing your system to extreme danger. THESE are the files that virus writers use to propagate email viruses through the Internet. If you ignore this warning and you open the file you only have yourself to blame. Don’t blame the nasty virus writer; don’t blame the person that sent you the computer worm, don’t blame Bill Gates (or Steve Jobs, take your pick) – blame yourself. YOU are the one that opened it and you are the one that made your (and possibly everyone else’s) system go bad. If everyone stopped opening these, email viruses would stop cold. The reason that the Swen virus and ‘its variants did all the damage that they have done is that people opened these kind of files. Read this, print it out, check the list and you’re well armed against email viruses.
By the way, it doesn’t matter who sent you this file – treat everything with caution. Some of the more recent viruses have been transmitted without the person that sent it ever knowing. The virus looked at the address book of the infected person and automatically sent itself to everyone on the list. The person who got infected with the virus never even knew it was doing it. Because of this, you cannot trust a file because you know who it came from. Some even more recent viruses will disguise who they come from so you can’t tell the person that sent you the virus that they have a virus. If you aren’t expecting it or you don’t know what the content of the attachment is before opening it, don’t open it.
If an extension is NOT on the list – treat it as unsafe. I’ve tried to be as complete as possible with the common files that get transmitted but I have not covered everything. Be safe and don’t open anything that you don’t know.
Recently, programs like Outlook Express and Outlook have gone a long way to make it difficult to open the “No Way, No How” ones. However, that doesn’t mean that everything else is safe by default. The rules below still apply.
THE SAFE ONES | ||
Extension | File Type | Notes |
.ai | Picture File | (Adobe Illustrator) |
.art | Picture File | |
.avi | Video File | (Audio Video Interleave) |
.bmp | Picture File | (Windows Bitmap) |
.cgm | Picture File | |
.dxf | Autocad Drawing File | (Generic) |
.dwg | Autocad Drawing File | |
.eps | Picture File | (Encapsulated PostScript) |
.eml | (another email message as an attachment – careful as there may be a virus in the subsequent email) | |
.gif | Picture File | (Graphics Interchange Format. Pronounced “JIF” – like the peanut butter. Think “Gin”) |
.jpe | Picture File | (JPEG) |
.jpg | Picture File | (sometimes .jpeg) |
.mid | MIDI Music File | |
.midi | MIDI Music File | |
.me | Text File | (Usually the end of a Read.Me file) |
.mov | Video File | (Apple Quicktime Movie) |
.mp2 | Sound File | (MPEG 2 Audio) |
.mp3 | Sound File | (MPEG 3 Audio) |
.mpg | Video File | (sometimes .mpeg) |
.pcx | Picture File | (PC Paintbrush) |
Adobe Acrobat file | (portable document format file) | |
.rar | Compressed file | * special case – see below |
.rle | Picture File | (Run Length Encoded) |
.rm | Sound/Video file | (RealAudio – sometimes .ram) |
.rtf | RichText Format | Formatted text document somewhat like a Word document |
.sea | Compressed file(s) | * special case – see below |
.sit | Compressed file(s) | * special case – see below |
.tif | Picture File | (sometimes .tiff) |
.ttf | Font File | |
.txt | Plaintext file | |
.uue | Compressed file(s) | * special case – see below |
.wav | Sound File | |
.wma | Sound file | (Windowsmedia Audio) |
.wri | Text File | (Windows Write) |
.zip | Compressed file(s) | * special case – see below |
CAUTION | ||
Extension | File Type | Notes |
.asp | Web Page File | (can sometimes carry harmful information) |
.doc | Microsoft Word Document | (not damaging in itself but can carry a macro [script] that can do damage |
.htm | Web Page File | (can sometimes carry harmful information) |
.html | Web Page File | (can sometimes carry harmful information) |
.lnk | Internal link to another file | (Could point to a damaging program) |
.url | Web Page Link | (Could point to a damaging web page [very rare]) |
.wk1 | Lotus 1-2-3 | (Could carry harmful macro – also .wk3 .wk4) |
.wks | Lotus 1-2-3 | (Could carry harmful macro) |
.xls | Microsoft Excel Spreadsheet | (See .doc) |
NO WAY, NO HOW (Really!!!) | ||
Extension | File Type | Notes |
.pif | Program | (Currently popular for the SirCam and many other viruses) |
.exe | Program File | (One of the most popular) |
.com | Program File | |
.vbs | Visual Basic Script | (Recently very popular – also .vb) |
.bat | Batch File | (Rare) |
.bin | Mac Program | |
.dot | Document Template | (Could set up a macro in Word that does damage) |
.reg | Registry File | (Could modify important system settings) |
.js | JavaScript | (Script could contain damaging items – also .jse) |
.scr | Screen Saver | (Could be a program in disguise) |
.xlm | Excel Macro | (Could contain damaging instructions) |
.wmz | Skin | (Windows media skin. Has been used for virus distribution) |
.hta | HTML Application | (Kind of a program that runs on a web page) |
.ocx | ActiveX Control | (Rare) |
.wsf | Script | (Also Rare) |
.wmf | Picture file | (Recent addition – first picture format to be able to carry a virus)Â |
*Information on ZIP files (and other compressed files). Zips are a brilliant invention. A zip file contains one or more files that have been compressed to save transmission time and space. ZIP files are completely safe to your system. HOWEVER, the files contained within the zip files may not be safe. The rules that go for email attachments can also be said about the files inside a zip file. Again, be very cautious.
I hope that information helps prevent you opening a file that can be dangerous to your system.
This warning applies to attachments to emails only. If you are poking around on your hard drive and you see files that have these extensions, leave them alone. They are meant to be there. Deleting files from your hard drive of the types that are in the “No Way, No How” section may cause your computer to stop working. Again, this is for EMAIL ATTACHMENTS ONLY…
If you suspect you may have an email virus or computer worm on your system and would like it removed, please contact the professionals at www.yourtechonline.com