Re: Annie's REPLY

To: a*@sirius.com, M*@ucdavis.edu
Subject: Re: Annie's REPLY
From: R* F* D*
Date: Mon, 23 Oct 2000 09:37:58 -0400 (EDT)

At 10:26 PM 10/22/2000 -0700, you wrote:
>HEY EVERYONE! I have no idea how i have unintentionally sent a virus. This
>has never happened before. I did have my modem replaced today. How in the
>world could i have sent a virus unintentionally? I did run my norton
>anti-virus and it shows no virus tho it did quarantine the attachment in my
>in-box. Now i'm paranoid this e-mail will send some weird attachment!
>Sincerely, Annie.

Annie:

Here is another recent example:

It is possible that Outlook has been programmed to send this attachment,
under the name METALLICA.JPG.PIF,  or similar, to all contacts in Xxxx's
address book, or just to those who have received e-mail from Xxxxx since
October 5.

Solution:

What you need to do is TURN OFF the Microsoft Scripting Host.  By doing so,
you should be able to prevent a lot of virus problems.  Microsoft has set
the default for this utility in the ON mode.  This will automatically open
attachments as soon as you open the e-mail it is attached to, then
automatically activating the virus.  

There is another sneaky feature to the virus - its name.  Note the double
extension.  The file is really not a JPG image file, but a system PIF file,
part of the Microsoft Windows operating system registry.  Often people will
assume that such files are what they seem, having accepted the Windows
Explorer default setting which drops off the real three letter extension,
fooling the viewer.  Microsoft assumes most people hate details like this.

You can't even rely on the person who sent it to you, because users that
have Outlook can get worms like Melissa or the I Love You virus that resend
viruses to all persons in their Outlook address book.  This happened at
Reynolds while I worked there last year.

I use a program that comes with both Microsoft and Corel WordPerfect office
suites called QuickView Plus.  Opening any file with this utility will block
off viruses from acting while revealing what the content is.  So if I get a
file that says happy.gif, and really is happy.gif.exe, QV+ will open it as
an EXE file, showing me the file header that will tell me it is a disguised
EXE file, a sure sign of trouble.

Microsoft's marketing strategy is to make their products powerful and simple
stupid to operate.  This may make their software funfunfun to run, but
leaves them vulnerable to viruses.  I am a person who likes to have easy
access to the defaults and controls of the system and software I use.  One
of the first things I do with new or upgraded software is go into Edit >
Preferences or the equivalent and explore my options.  I've saved myself a
lot of grief that way.

Richard F. Dufresne
313 Spur Road
Greensboro, North Carolina  27406 USA
336-674-3105
World of Salvias web page:
http://www.eclectasy.com/gallery_of_salvias/index.htm
or
http://home.infinet.mindspring.com/~salvia/salvia.htm (to be phased out)

Follow-Ups:
- Virus Problems
  - From: C* M*

Prev by Date: Re: Annie's REPLY
Next by Date: Virus Problems
Prev by thread: Re: Whitelist of Prohibited Import Plants
Next by thread: Virus Problems

Other Mailing lists | Author Index | Date Index | Subject Index | Thread Index