If you will be downloading files from the Internet or opening attachments to email messages, it is extremely important that you be running a good up-to-date virus checking program on your computer.

• Virus-Protection Programs and updates (how I do updates)
• Being careful about downloading files
• Receiving electronic information from students

For ACC-owned computers, we currently have a site license for Norton AntiVirus. Instructions for downloading and installing this on ACC computers are available. (This link won't work outside ACC.) If you are not able to do it yourself, the computer technicians at your campus will do it for you. Last year, ACC's site license was for McAfee VirusScan. Many of us still have that and are entitled to updates on it.

The most important part, however, is to make sure that you update the virus definitions of your program regularly.

There is a difference between upgrading a program (getting a newer version) and updating the virus-definition files. When you buy a virus-protection program, you will be entitled to update the virus-definition files free for a certain length of time (a year or two) and maybe for a small fee after that. You must update these often -- preferably once a month -- to be protected.

YOU need to learn to update the virus definitions. I recommend that you do this directly from the company's website and do not rely on others to help you. You probably won't do it often enough if you wait for others to help. Norton makes new files available weekly. If you miss a few weeks, you don't have to go back and pick them up. I understand that the latest update includes the information from the previous ones. Here's how I do it.

When do you need to upgrade your program? There's no one answer to that. Certainly, if your company isn't offering regular virus-definition updates for your program, it's time to get a new one. Also, if you are currently using a virus protection program that doesn't claim to scan email, for example, and you're using email, then it's time to get a newer version. Since ACC always has a site license for some virus-checking program, you might as well upgrade whenever a new version is available.

For your home use, you can buy such programs for $50 or under. Three major ones are Norton AntiVirus, McAfee VirusScan, and FProt. Be sure that you buy a program you will update regularly.

ACC has some information about viruses available. (This link won't work outside ACC.) This includes information about the latest viruses and links to outside sources with additional information about viruses.

Return to the top of this document.

Viruses are programs that tell your computer to do something that you don't want it to do. In order for a virus to have any effect, the program must be executed. So the key to being careful is to understand exactly which files behave as program files and how to be sure you're only getting those from trustworthy sources.

The "extremes" are easy. Text files (extensions .rtf, .txt, .dat, etc.) are safe because there is nothing to execute in them when you open them with the usual programs. Program files (extensions .exe, .com) can easily be dangerous. You have to take someone's word about what is in them until you execute them and see what they do. And once you start running them, generally you can't stop until they finish, by which time any virus in them will have done its damage. The tricky part is in between text files and program files. The programs Word and Excel (and WordPerfect, I think) have "macro" capability. That means that we can write little programs in these files to tell the computer to do various things. And the files we accept from others can have such macros hidden in them. So, we should really consider these documents as "program files" rather than just as text files. And be careful with them.

In fact, many people think that Word .doc files are some of the most dangerous. I'm quite sure that's because they are so common and so many people open them without thinking -- that makes them really attractive as a vehicle for those who write viruses.

The best strategy involves sending (and accepting) files only in the simplest level that is needed.

• If you haven't created macros in your Word file (or if your recipient doesn't need them), then convert it to "Rich Text Format" (extension .rtf). That will preserve all of your formatting, but eliminate the macros. These are quite safe.
• From your Excel file, "copy and paste" the information into a Word document and then save it as .rtf.

My friend, who is a systems analyst, tells me that I should think of three categories of files. These lists of file extensions are not exhaustive, but include the most common ones.

1. Quite safe. (no executable portions)
   Email message with no attachments
   Written information: extensions .txt, .rtf, .pdf, htm, .html, .dat
   Audio information: extensions .wav, .aud, .midi
   Graphical information: extensions .jpg, .gif, .pic, .bmp
   Video information: .mov, .mpeg, .avi
2. Potentially dangerous (supports macros)
   Written information: extensions .doc, .wpd
   Spreadsheets, databases, etc: .xls, .mdb, and others
   Screensavers: .scr
3. Most dangerous (program files)
   programs: extensions .exe, .com, .bat
   scripting: .extensions js, .vbs

A special category is "zipped" files. (extension .zip) This is just a form of file compression and it's not until you "unzip" the zipped file that you'll know what is in it. The separate files that result when you unzip it will have various extension names and you should treat them as described above.

A couple of comments about email are also relevant.

1. You can't be sure that the email you receive is really from whom it indicates. And it could have been corrupted along the way, like having an extra attachment added. So, if everyone were really being careful, they would not attach files to email messages at all, but post them on a web page and send an email message telling people where they can go find them and download them. Jane Doe had to give her password to get access to her Web page to post the files, but neither she nor anyone else had to give a password to send an email message with her name and address as the sender.
2. The integrated software programs, like Microsoft Office, make it easier for people to write viruses that use several parts of the same suite of programs. Since I use Microsoft Word and Excel, I do not install the Microsoft email program, Outlook. I'm told that it would be harder to write a virus that would use a macro in a Word document to do something to the Netscape email program, for instance, than for it to do something to Microsoft Outlook.

For additional hints about ways to deal with Word and Excel files, if you must, look at Virus Protection 2.

Return to the top of this document.

I don't think it's a good idea to assume that all students who send me something are "trustworthy" sources. I'm very willing to grant their good intentions, but students must use computers in various places, which may or may not have good up-to-date virus-checking software installed. My advice is to insist that students send information in the simplest form that I can use. For instance, in the on-line continuing education courses that I take, the instructors usually insist that the information be submitted in the text of an email message, with no attachments. I'd be willing to accept that from any student of course. I'd also be willing to accept an "rtf" file if a student were submitting a paper to me. I'm quite sure they're safe. If someone sends me "doc" files, I will be quite careful with them, such as opening them in WordPad rather than Word. There would have to be an excellent reason for me to take an Excel spreadsheet, an executable file, or a zipped file from a student. (Of course, I have done this -- there are excellent reasons, but I have to trust that the student is being as careful as I would be about virus-checking.)

Return to the top of this document.

| MP's Internet Hints | MP's Home Page |

Last updated September 12, 1999. Mary Parker