It is a VBS script (Visual Basic Script) which on most Windows 95->2000
based machines is executable via. the C:\Windows\wscript.exe program. The
VBS extention is associated with this application.
Users save the attachment then run it, or run the attachment, and the
attachment modifies registry se
Nathan E Norman wrote:
> The attachment must be opened for infection to occur.
>
> On Fri, May 05, 2000 at 01:13:12AM +0800, hingwah wrote:
> > How the virus work?It can infect immediately when opening the email but
> > without open any attachment?
> >
> > Nathan E Norman wrote:
> >
> > > Put to
> If you have sendmail and you want to block this virus, you can just add the
> following to your configurations:
>
> HSubject: $>CheckSubject
>
> SCheckSubject
> RILOVEYOU $#error $: 571 This message likely contains a virus.
>
> You will of course also block any legitimate mail with tha
If you have sendmail and you want to block this virus, you can just add the
following to your configurations:
HSubject: $>CheckSubject
SCheckSubject
RILOVEYOU $#error $: 571 This message likely contains a virus.
You will of course also block any legitimate mail with that subject, but ...
File that are overwriten have the following endings:
VBS,VBE,JS,JSE,CSS,WSH,SCT,HTA,JPG,JPEG,MP3,MP2
And then there is this (annoying) FAQ:
Is there a Virusscanner for Linux witch scans eMails and shared files for M$
Viri?
--
[ampersand online agentur]
[andreas rabus]
[programmierung]
How the virus work?It can infect immediately when user open email without
opening
any attachment?
Nathan E Norman wrote:
> Put together by Morgan Sarges, one of our engineers.
>
> Regards,
>
> --
> Nathan Norman "Eschew Obfuscation" Network Engineer
> GPG Key ID 1024D/51F98BB7
He doesn't mention that the script overwrites all mp3's jpg's ...
with itself.
Bill Suetholz
On 04-May-00 Nathan E Norman wrote:
> Put together by Morgan Sarges, one of our engineers.
>
> Regards,
>
> --
> Nathan Norman "Eschew Obfuscation" Network Engineer
> GPG Key ID 1024
7 matches
Mail list logo
