![[Bytes Link logo]](../../../cgif/bytelnk2.gif)
Did you get the AnnaK worm yet? Here’s a quick and easy way to trick the worm
by By Rod Ream, Pasadena IBM Users Group Visual Basic President of PC Consulting, 626/280-6850 - March 26, 2001 at 20:15:11:
Scripts (VBS) are popular with virus writers. That’s because they’re easy to create and will launch if sent as an e-mail attachment, and the recipient double-clicks on them.But there’s an easy, free way for you to defeat Visual Basic Script viruses.
Every file type has a default action that takes place when we double click on a file. The default action for double clicking on a VBS (Visual Basic Script) file type is to open and execute the script file, meaning run or launch the script. This default action is the mechanism that can result in system infection if a user unknowingly launches an infected attachment received in an email message.
You can easily change this action and stop the accidental launch and execution of a VBS file by making it do something else when it is double-clickeded.
Some users have disabled or removed the capability of the system to run a VBS file, out of fear of potential viral exposure. However, there’s a relatively easy fix for this that will still permit a web page or other application to run a VB script when such function is actually needed, but will block the double click action. The fix is to change the default action to Edit, which causes the file to open in Notepad rather than execute.
In Windows Explorer (not Internet Explorer); goto View/Folder Options/File Types. (In Windows ME it is moved to Tools.) Scroll to VBScript Encoded File. Click on the “Edit” button (“Advanced” in Windows Me).
Another window will open showing the possible file actions, with the default action indicated in boldface type. The default action is likely “Open.” Highlight instead the word “Edit” and click on the “Set Default” button. “Edit” should now appear in bold face.
In some older systems the Edit function may not be listed. In such instances, click the NEW button and enter “Edit” in the action field and “NOTEPAD.EXE” in the application field. When “Edit” has been added make it the default action as shown above.
While in the file type screen, also make sure the boxes for “always show extension” and “enable quick view” are also checked. Click “OK” to close the open windows.
Windows usually has several example VBS files on the system, in a folder named “sample.” Find one of them and double click on it. If the action caused Notepad to open and display the content of the file, you’ve done it correctly and are now safe from an accidental VBS infection.
Rod Ream is senior tech support for the Pasadena IBM Users Group and president of PC Consulting, 626/280-6850 RodReam@techie.com.
This article is brought to you by the Editorial Committee of the Association of Personal Computer User Groups (APCUG), an International organization to which this user group belongs.There is no restriction against anyone using the article as long as it is kept in context, with proper credit given to the author.
![[------STRIPE-----]](../../../cgif/str1.gif){kind=small}
Site Disclaimer Suggestions? E-Mail to webmaster@noccc.org