At 09:49 AM 1/27/2004 -0800, you wrote: >Please everyone get virus protection and never open attachments that you >have any questions about. Beware of any emails you receive that have >attachments with these extensions: >.bat, .cmd, .pif, .exe, .scr, .zip Dear all, My resident better half and technical expert has provided a few comments regarding attachments. Due to recent 'improvements' in the Windows operating systems, it is now possible for filenames to have 256 characters. Also, many previously 'illegal' filename characters are now allowed, and Windows operating systems default to a setting which makes file extensions invisible to the user. Because of these factors, it is no longer safe to classify email attachments by filename, because there are many ways to 'spoof' a harmless looking file extension. For example, we received an attachment today consisting of a normal Zip file archive, containing a file named; readme.txt .scr This malicious screensaver file (identified by the true extension '.scr' seen far to the right) will show up simply as readme.txt in the Windows Explorer and most other dialog boxes in the Windows system, unless the user is extremely observant. This is an example of a very simple, low-level name spoof -- there are schemes in circulation which are much more sophisticated. >Unless you have requested something and the email is in response to that >or you have downloaded something you wanted from the Internet it seems >wise never to open any attachment with these extensions just as a >precaution. And remove the message and the attachment from your computer >without opening it. We have also written code so files with these >attachments cannot be uploaded to the wiki. Since most new viruses and worms will harvest email addresses from the victim's email address book, or the victim's stored email, it is likely that you will receive harmful attachments from (apparent) 'friendlies'. Anti-virus programs are not an effective panacea, since, on the average, it takes at least two weeks for anti-virus software writers to incorporate filters for a new virus into their software. The screensaver I received today checks out as 'safe' with all of our current anti-virus programs, however, there is no doubt in my mind that it is some sort of malicious software, and it will be correctly identified as such in the next software update. If you absolutely must test a suspicious attachment, there is one safe way to open and check them. Right-click on the attachment link and save the file to the hard drive. Open the Windows explorer, navigate to the folder with the attachment, and right-click on the filename. A menu will appear. If one of the menu choices is 'Open with', select that option, and you will be presented with a short list of applications that your system normally uses to open that type of file. Choose the application which is appropriate for the type of file it appears to be. For instance, if the file is masquerading as an image file, (.gif or .jpg), select your image viewer or editor to open the file. Using this technique, the questionable file will always be treated as data, and opened WITHIN an application, but not executed on your system. If the file is bogus, the chosen application will generate some sort of error, but the file will not be able to run, or damage your system. If, after right-clicking on the filename, you do NOT see "Open with", but only see choices like 'Open', 'Run', 'Test', 'Configure' or 'Install', it is some sort of executable file and you should probably delete it. Best regards, Jamie