First of all, let me start by saying that good antivirus software is absolutely necessary on any computer connected to the internet or another untrusted network. There are principals that will help you recognize and avoid viruses, but they are still based on your own actions, and mistakes can be costly. I went for years without any antivirus software on my computer, thinking I was smart enough to avoid them - and for the most part I was. But one day, I decided I needed to go ahead an install some good antivirus software, just to be safe. Within hours, the software caught a virus that would have gotten by my "smarts", and I was very glad I had it.
On the other hand, it's very easy to just trust your antivirus software, and forget that no software is perfect and antivirus software is mainly focuses on recognize known, existing viruses. Every virus unleashed on the internet ends up impacting someone before the antivirus world catches up with it.
If you run antivirus software, but are careful as if you didn't have antivirus software, you stand the best chance of avoiding getting and spreading viruses.
Many viruses spread by infecting a computer and then sending themselves to e-mail addresses they find on that computer. Often those e-mails appear to come from either the infected computer's owner, or another address the virus found on that system (meaning the "sender" may not be infected at all). Usually, though, these are easy to identify, because the e-mail probably does not look like something the person would send. If you get an e-mail from your friend Jim, who works in construction, and it says "This game I wrote I think you like it", you can ask yourself a couple of questions.
First - does this sound like the way Jim talks or writes? Probably not. Many viruses are written and distributed from third-world countries, and the english is broken or mis-spelled.
Second - Since when is Jim writing games? Most people do not write and distribute games, especially through e-mail, so that should cause some suspicion as well.
If you are still not sure, or if the e-mail looks a little bit more legitimate but you are suspicious of the attachment, simply reply to Jim and ask him if he sent it and what exactly the attachment is. That should clear things up pretty quickly.
Most files have a file extension, which is the part after the dot. File.exe is an executable (exe) file, which means it's a program. File.doc is a document, probably made by Microsoft Word. File.txt is a text file, which is most likely harmless.
Many windows systems are configured to hide file exptensions, so that you only see the portion of the filename before the dot. Some viruses have taken advantage of this by naming files things like image.jpg.exe. When the .exe extension is hidden, it looks like a harmless JPEG image. You need to be wary of files that have extensions if you normally don't see them on your system.
File extensions to be wary of are .exe, .bat, .reg, and Microsoft Office file formats such as .doc, .ppt, .exe, etc. Usually, .jpg or .gif files are harmless images, and as mentioned above, .txt files are safe.
Right-clicking on a file and selecting "properties" can give you more extensive information about a file without actually opening it. Helpful information will include what type of file it is, what program your computer intends to use to open it, and how large the file is. Note that some e-mail programs will not give you access to the file properties until you save the file to your hard drive. Saving the file should not be dangerous to your system, since the file cannot do anything if it is not actually opened.