never too old to learn. And youre never too smart to make a stupid mistake. Ever
since buying my first home-office computer in 1992, I took pride in avoiding virus
attacks. Norton AntiVirus (NAV) had done well.
One day this past
summer, I noticed that my hard disk was churning for about two minutes although the normal
boot process had finished. After this happened four days in a row, I decided to
I thought back to the preceding weekend. A client had sent an e-mail
with the subject line Very Funny. A .vbs (Visual Basic Script) file was
I knew that .vbs files could carry viruses. On the other hand, I knew
that my client who had a sense of humor had good anti-virus protection. So I
made my stupid mistake: I double-clicked on the Very Funny attachment.
A few seconds later, Windows brought up a dialog box to configure MS
Outlook, which I do not use for e-mail. Not wanting the process to go any further, I
closed the dialog and thought no more about it until four days later.
Suspecting a virus attack, I fired up NAV for a complete system scan.
The findings: I had roughly 300 files, mostly .jpg (JPEG) graphics, infected with the Love
Bug virus! After every boot-up, the virus was busily looking for more files to infect.
So why had NAV not intercepted the Love Bug in the first place? When
I installed NAV eight years earlier, I had set the software to examine only executable
files .com, .exe and the like. In 1992 this made sense, because executable files
were where viruses lurked.
Over time, NAV adapted to include, for example, Word documents and
Excel spreadsheets as executables because they can carry macro-based viruses. Yet although
I had been doing monthly anti-virus definition updates, it appears that NAV did not add
.vbs files to the executables list.
NAV was not able to fix any of the infected files, including the
virus, itself, so I deleted them. The scanning and deletion process took an hour.
Fortunately, I had backup tapes available to restore the graphics.
After another hour, I was in good shape.
Finally, I deleted the association between .vbs files and the program
that runs them, wscript.exe. That way, if I am ever again foolish enough to double-click
on a .vbs file, Windows wont know how to run it.
As it turns out, my stupid mistake did not have terrible
consequences. I lost a couple of hours, but I regained my data. Nevertheless, I offer the
following recommendations so you will not have to deal with these sorts of problems.
First, make sure that your anti-virus software is examining all
files, not just executables, and that you are updating virus definitions at least monthly.
Second, if you do not need to run Visual Basic Scripts, remove the
.vbs association from Windows. (At the desktop, double-click on My Computer. On the View
menu, select Folder Options and click on the File Types tab. Type v; scroll
until you reach Visual Basic Script; then click Remove.)
Third, make regular backups and make sure that you are copying the
files that you need to protect.
Finally, pay attention, and trust your instincts. If you see an
unusual file attached to a message you were not expecting, do not open or run the file. If
your computer starts behaving strangely, look into the situation right away.
We cannot avoid every mistake, but we can probably avoid making
Dana Shultz is vice
president and legal counsel for an international financial services organization, where he
specializes in technology licensing and related transactions. His e-mail address is firstname.lastname@example.org.