Hi Thomas,
Monday, December 25, 2000, 6:43:04 PM, you wrote:
MDP>> It doesn't need to. You don't get *infected* by a virus until it is
MDP>> executed. This is a fact.
> It has been executed. Not triggered by me double-clicking on it. I am
> the only one who has access to my TB.
A HTA file is a HTML Application - file type that appears after
installing Internet Explorer 5.0. A HTA file cab contain regular HTML
text with scripts inside but when executed it runs as standalone
application - without Internet Explorer shell. This gives the
possibility to write powerful applications using regular scripts
inside HTML. This HTA file, in your case runme.hta is created when the
worm is activated, this is done by viewing the infected page in IE,
OE or any application which can execute Javascript.
If you have not opened the infected page you will not be infected as
such, but of course your Real Time virus scanner will have spotted the
malicious code and warned you of its' existence, background scanners
take a while to scan all your drives so the warning could be seen
some time after the infected file is received, as you say whilst you
were off-line.
--
Mark Aston mailto:[EMAIL PROTECTED]
http://www.gunfleet.com
http://www.gunfleet.com/LinuxGuide
Using The Bat! 1.48f
Under Windows NT 5 0 Service Pack 1 2195
--
--------------------------------------------------------------
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
<mailto:[EMAIL PROTECTED]>
To Unsubscribe from TBUDL, double click here and send the message:
<mailto:[EMAIL PROTECTED]>
--------------------------------------------------------------
You are subscribed as : archive@jab.org
