Has anyone ran into .shs files? We have a
user that has received a .shs file claiming to be an image. From what I am
reading on the web these in most cases are viruses or trojan horses. Any
thoughts, neither Declude w/F-prot or Norton AV on my local machine picked it up
as a virus. Any
Title: Message
Hmmm
Interesting...
another one to be added to the block extensions in the Declude Virus. But
here is a statement from Symantec:
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.smorph.html
I think there is
no reason for this extension to be e-Mailed. Can
About 6 months ago some one pointed me to a web site that listed all
file extensions and their usage.
Any one know the URL, or where can we find such information?
John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
---
[This E-mail was
About 6 months ago some one pointed me to a web site that listed all
file extensions and their usage.
Any one know the URL, or where can we find such information?
http://www.wotsit.org/ . :)
-Scott
---
[This E-mail was scanned for viruses by Declude Virus
Found it:
http://whatis.techtarget.com/fileFormatA/0,289933,sid9,00.html
SHS Shell scrap file; reportedly used to send password stealers
I am going to add this to my banned extension list.
John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
Here is another link:
http://office.microsoft.com/assistance/2000/Out2ksecFAQ.aspx
On extensions their use.
We block the following -- we feel if someone wants to send them they can
always zip them, otherwise we just don't want to take any chances.
BANEXT ASD
BANEXT ASP
It has been used for virii in the past. See
http://www.pchell.com/virus/stagesworm.shtml
Dan
John Tolmachoff wrote:http://www.pchell.com/virus/stagesworm.shtml
Found it:
http://whatis.techtarget.com/fileFormatA/0,289933,sid9,00.html
SHS Shell scrap file; reportedly used to send
http://www.wotsit.org/
But they do not list .shs.
:-)
John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus
I just implimented the BANEXT in my virus.cfg and added the bannotify.eml to
my Declude directory. The notify only goes out to the sender and I would
like to know when a banned extension tries to come in as well. I know I
could just add an additional entry to the to: field of bannotify.eml but
Thanks, will do Scott!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of R. Scott Perry
Sent: Wednesday, September 04, 2002 2:07 PM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.Virus] BANEXT settings
I just implimented the BANEXT in my virus.cfg and
OOPS, I already do ban it.
:)
John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of John Tolmachoff
Sent: Wednesday, September 04, 2002 9:51 AM
To:
Strange as it was, someone actually sent a real image file with the .shs
extension. After Scott was kind enough to analyze it and determine the file
to be safe, we were able to retrieve the original image by opening the .shs
file in notepad, then we copied the source, and pasted it into word.
12 matches
Mail list logo