U of MN Extension - Crispen's Five Steps for Preventing Viruses

Information Technology Team
Computer Viruses logo: U of MN Extension

Here are five tips for preventing computer viruses from doing harm on your workstation. They come from Patrick Crispen, author of "The Roadmap to the Internet Workshop" and co-author of "Tourbus", and have been edited.

Crispen's Five Antivirus Rules

Regardless of your operating system, these five rules will protect you from most of the over 40,000 viruses that are currently floating around the Net.

Purchase and use a good commercial antivirus product like Command AntiVirus, Norton Antivirus or McAfee VirusScan.

Most commercial anti-virus programs cost between $40 and $50 and can be purchased at almost any computer store. The University of Minnesota has a site license agreement with Command Software. The annual charge to license one workstation with Command AntiVirus is $8.00 the first year and about $5.00 in subsequent years.

Update your virus definitions files frequently. Check for updated definition files each week.

With over 250 new viruses being discovered each week, if you don't update your definitions frequently you won't be protected from the new viruses floating around the Net.

Definition files for Command AntiVirus can be downloaded from Extension's "Software Download" page. If you do not use Command AntiVirus, visit the homepage of your anti-virus software manufacturer and look for their "download," "update," or "technical support" section.

Never double-click (or launch) any file, especially an email attachment, regardless of who the file is from, until you first scan that file with your anti-virus program.

This is probably the most important rule of them all. If you want to protect your computer from viruses, you need to ignore ALL of the virus warnings you receive and instead beware of EVERY file you see, especially files that are attached to email messages. Remember, to infect your computer with a virus, you have to launch (or double-click on) a file that contains a virus. As long as you don't launch that file, your machine won't become infected.

Do you have to scan EVERY file, even if that file is from your friends or coworkers? Yes! Both the Melissa and the WormExplore.Zip viruses distributed themselves by opening your email program, looking at either your 'friends' list or the list of email addresses in your inbox, and then distributing virus-infected files to everyone on that list.

Turn on macro virus protection in MS Word and beware of all word macros, especially if you don't know what they are.

Word Macros are saved sequences of commands or keyboard strokes that are stored and then recalled with a single command or keyboard stroke. They enable advanced Word users to easily accomplish what would otherwise be difficult tasks. They also allow virus writers to do serious damage to your computer. For example, the Melissa virus was actually a Word Macro virus.

If you use Word 97, go to Tools --> Options. Click on the "General" tab. Make sure that "Macro virus protection" (at the bottom of the list) is checked.

If you use Word 2000, Double-click on the Tools menu, point to "Macro," and then choose "Security." Select the level of security you want. High security will allow only macros that have been signed to open. Unsigned macros will be automatically disabled. Medium security always brings up the macro dialog protection box that allows you to disable macros if you are unsure of the macros.

With Macro virus protection turned on, Microsoft Word will warn you every time you try to open a Word document that contains a macro. The warning gives you three choices: the option to open the file but disable its macros ("disable macros"), open the file with macros enabled ("enable macros"), or the option to not open the file ("do no open"). Chose the first (default) option: "disable macros."

For more information, visit the Macro Virus Protection page at http://officeupdate.microsoft.com/focus/articles/o97mcrod.htm

If someone unexpectedly sends you an executable file - in other words, a file that ends in .EXE - delete it.

The key word here is "unexpectedly." If you are expecting a friend to send you an executable file, you certainly don't need to delete that file -- just scan it for viruses before you open it.

If you are in an environment (like a home) where you seldom receive ANY files attached to your incoming email messages, a better rule would be: "When in doubt, throw it out ... and doubt EVERYTHING."

How well will these five rules protect your computer from becoming infected with a virus, Trojan horse, or worm? How many people whose computers were infected with the Melissa or the WormExplore.Zip viruses ignored at least one of these rules? ALL OF THEM! How many people who followed these five rules had their computers infected by Melissa or WormExplore? NONE OF THEM!

These five rules will not protect you from every computer virus, Trojan horse, or worm, but they will so significantly decrease your computer's chances of becoming infected that you can all but forget about the next virus scare and all the ones that will follow.

Information Technology Page

University of Minnesota Extension Home Page

URL: http:// www3.extension.umn.edu/units/cets/it/crispen.html This page was updated Feb. 20, 2001 .
Online Privacy Statement. Contact Information.