Hello Samuel, Sunday, September 21, 2003, 2:08:46 AM, you wrote:
SWH> For those who use Outlook, or Outlook Express as their email client and SWH> MSIE as their browser program, it would seem to me that, theoretically, SWH> one could easily protect himself from viruses of this type simply by SWH> renaming MSIE to something else before running Outlook or OE to download SWH> and read his emails. MSIE, Outlook, and Outlook Express are not single discreet programs, they are suites of many different small programs, acting in concert. Modern malware (virus, worms, malicious script, etc.), when run, do not 'call' your browser or mail agent, or any of their modules, in Windows, they generally install themselves in a /Windows/System directory under a 'Windows' sounding name, then go straight for the Registry, where they add an auto-start for themselves, to turn themselves 'on' at reboot. They also usually attack your anti-virus program, to either turn it off permanently, or defeat its heuristics, so that it will not recognise the virus as malware. The script is the interesting part, in malware that are able to run themselves from your browser window, permitting a Windows machine to be infected simply by viewing an infected email in the browser window. the MSIE browser window is the program that Outlook Express and Outlook use as their Preview Pane, so if you turn off the preview pane, and do not open suspicious emails except with a text editor, you can stop scripting auto-run from occurring. MSIE 5 had controls in the Internet Options Advanced page, that permitted users to set scripts to either run automatically, prompt the user to run (Yes or No), or to not run by default, but apparently, MSIE 6 has removed these controls... bad idea in my opinion. I use MSIE only as a viewer for WebPage development, I don't use it on-line. For my Windows 98se box, I prefer using Mozilla and Opera browsers, and 'The Bat!' email agent http://www.ritlabs.com/ -wittig http://www.robertwittig.com/ -weblog http://radio.weblogs.com/0128450/ A business is as honest as its advertising. . To unsubscribe from SURVPC send a message to [EMAIL PROTECTED] with unsubscribe SURVPC in the body of the message. Also, trim this footer from any quoted replies. More info can be found at; http://www.softcon.com/archives/SURVPC.html
