Downloads and virus vulnerability

Hi Paul

It is Strongly advised that you scan any downloads from the www before opening. With Excel Workbook downloads from this site (and others) you should Save as then open from your hard drive. Your Excel application should have macro security set to medium at the very minimum.

In a nutshell (as written in the agreement when registering here) the responsibility is totally upon you to protect yourself by having an up-to-date reputable virus scanner.

Adding to the wealth on this feed / post. I wanted to offer a very different side and approach.

Disclaimer:

I post what I know, I’m not authority, or present you with all the answers, I’m just passing on tips and ideas, knowledge I have learnt, to aide your understanding. I [this post] does not replace full proper professional advice or any way replace security measure that are common sense such as Anti Virus software, weeks maximum updated, but offer solely an insight and no more.

I am not responsible to a uses lack of knowledge or not taking my advice and having up to the minute defence software running full on. Flat out. Even this highest level of defence is only a defence and as secure as last update, new definitions, variant and strains are found daily some 500 a month, so this is intender to open eyes and just offer general advice only.

Reading your post carefully, I feel you firstly should be looking at the two types of download available.

- Click the attachment hyperlink and Excel will open live in web council mode, you will need to click file save as in the normal fashion to save as this is for viewing and save if need be.
- Second is right click the link and save target as this will save to where you want, and name accordingly / required.

Re: Does this mean that any macros in the attachment will also be downloaded and potentially active in the IE session?

This depends on the programmer:
- if set to run a macro on opening then yes this is correct
- If set to run on command then no this is incorrect
- If set to run depending on variable, yes / no depend if variable criteria is met – then yes this is correct, else no this is incorrect.

I hope I have answered the main issues that were requested.

To Add:

What is that thing we call a VIRUS?
A virus is just a file that is code like another file, I guess Excel is the same, we can add Visual Basic for Applications programming language scripts to this, many we see here, and help us in every day work, but as we know as well, they can do not so welcome actions. A VBA Script is a mini program as such and so is a virus, I would say a virus is a nickname for a unplanned / unwanted program, after all it does do what its designed to do. A Virus is a manmade program or piece of code that causes an unexpected, usually negative, actions/ or events.

Viruses come in all shapes and sizes, and can deceive us and be visible as one thing when they are really something quite different, attachments come to mind quickly here.

Virus files in Excel its self are now not so common [all will be VBA, generally {LAROUSE is one such name, a macro virus}] and not so bad by the standards set today, which are not VBA Excel coded.
Most today will be Borland, Delphi, VB {Visual Basic, not to be confused with VBA [Visual Basic for Application – what Excel uses]} and so on, VBA does not feature like it did some years back, Most attacks and spreads are from received emails, and the virus is extremely cleaver, cross programming. That is say the programmer wrote in Borland, it could attack Excel is so programmed, not the case so much today.

I will leave this section here for now; let me know if you would like more on this section / topic.

Downloads:
You need to grasp a general concept of how the internet words. Its based on send and receive data. I will keep it on base level here, soon as you connect your receiving data, and IPS home page, or you will not see anything. As such you are downloading text and images, sound and so on. This is a download, and has the potential to carry virus files, in many forms. Scripts, codes, dlls, most I have heard are TROJAN files, which are more complex are they are delivered as a known file and so accepted, but really are something else, could realistically be any thing – so be aware.

I have herd of a Trojan Horse So what that then?
One of these are a very cleaver pacific strain of type of Virus, it’s a nasty one generally, one you don’t what to have if at all helped. It will play game and pretend to be something its not, like a useful software program application, but beware!! Just like the army in old history story of Greece I think it was, were the army snuck into the enemy town inside a wooden horse, when in side they jumped out and killed everyone. Weather this story is true I have no idea but a good tangible comparison to us all. The gift to the enemy of a wooden horse, carried men from the opposing army. Trojan horse Virus files are hidden often inside other programs, and just out to get you.

The point is Trojan Horse Virus do things we don’t really want to do, this can b all sorts and governed by the programmer once again, when they are inside they can do as they like, like an open book.

Trojan horses as far as I know do not infect by duplication like general virus files do this is a big different, Trojans run normal one, against our will. Nevertheless, can and are just as deadly dangerous, beware.

Viruses are often disguised games or images with clever marketing titles such as “Me, nude.” [This I have copied from some site ages ago, when I was studying virus files, and I kind of like it – so I share it here, not like me to post others work, so credit to the author, sorry I can not remember who it was, please forgive me for this]

More:
If you by demand say like on Ozgrid click to download an Excel attachment then this is a download and we hope you get as you believe is correct. This is not always the case, some people like to deceive and cause virus files to spread.

Most spreading is by downloads and of cause emails, as attachments. This exposure and threat is very real today. This is cleverly done by coding so that emails are sent to everyone in your address book and all are sent as infected files as you might have guessed.

I will stop there for now.

Damage:
Virus files will and can cause damage to your loved PC that’s generally the point – sadly I do not understand the buzz from damaging others PC I assume the programmer finds this funny, I do not get this part but still.

Now damage might be corrupt files, delete them, just loose, or ruin your hard work, a bit sick, but in programmer’s eyes, making money is best as a result some virus files will look for finance details, I will not explain this section for common sense reasons.

Equally, virus files can attack windows and stop the PC working altogether.

I hope this have offered some explanation to virus files and how and what they do and why programmers make them. I have offered my opinions and feeling but this is by no mean a total explanation. I have found Anti Virus Software Application manufactures, MacAfee offer very detailed and in-depth explanation in general information’s and also on single virus files offering what they do and how to rid them.

Protection:

Simple – run antivirus software and keep it twice weekly up dated, and run on the highest setting, I admit I scan all inbound files, CD, Floppy, Email and internet traffic. In addition, I have switched OFF sent files, this is as I believe everyone should be protected, and send scanning comprises system speed and performance.

Hope this helps gain a very basic idea of files and what to do.

To finish:
Jacks Defence Policy:

Make sure you run the latest software anti virus and have the updates every day if at all possible, weekly is generally OK, but I would check daily, its worth the effort.

Virus Detection and Prevention Tips

Maybe if this feed is warmly welcomed I will draft some kind of checklist and dos and don’ts!

Kind regards

Jack in the UK

In line with all the above advice I only access the internet on my secondary computer which does not contain any important files and which I reinstall at least every 2 months.

As far as downloads and macro virus I open the download with macros disabled.
I then view the code, if it is locked or I cannot determine the perpose of the code I delete the file.

Insomniac

Hi PaulBrown

Great advise from Jack as usual.

Quote

so I cannot affect how it behaves when I open it. Or can this be controlled from [Tools [Options]] ?

While in Excel go to Tools>Macros>Security set this to Medium and you will be asked by Excel whether to Ebable macros or not. The advise from Insomniac is what you should then follow.