Files as spyware?

[Blondie Smith]

I read an article online about file types that could be spyware. Does
anybody know if this is true??
The file types are:
*.VBS
*.VIR
*.HTA
*.KAK
*.SHS

[Vanguard]

Visit http://filext.com/. They don't have a listing for the .KAK
extension. Ask whomever gave you this list what .kak files are for or
what application creates them. But then your "source" is suspect since
you never even bother to identify it. Is this supposed to be a *secret*
online article?

--
__________________________________________________
Post replies to newsgroup. E-mail not accepted.
__________________________________________________


"Blondie Smith" <BBSS129@hotmail.com> wrote in message
news:bm4i54$ihlrj$1@ID-127880.news.uni-berlin.de...
> I read an article online about file types that could be spyware. Does
> anybody know if this is true??
> The file types are:
> *.VBS
> *.VIR
> *.HTA
> *.KAK
> *.SHS
>
>

[Jay T. Blocksom]

On Thu, 9 Oct 2003 16:59:46 -0400, in <alt.privacy.spyware>, "Blondie Smith"
<BBSS129@hotmail.com> wrote:
>
> I read an article online about file types that could be spyware. Does
> anybody know if this is true??
[snip]

Does anybody know if *what* is true? That you read such an article? Only
you know that.

That any/all of the filename extentions you cited *could* be used on any
given piece of spyware? Well, of course -- a file can be *named* anything;
and given Windows' (and especially MSIE's) utterly broken type-checking, it
doesn't much matter what a malicious program is named, odds are it *will*
get executed.

Bottom Line: The filename extension, in and of itself, tells you NOTHING
about whether a given file is (or contains) "spyware". However, in an
attempt to answer the question you tried to ask, I'll note that the
_most_common_ meanings of the extensions you cited are:

> The file types are:
> *.VBS
[snip]

Visual Basic Script

> *.VIR
[snip]

Something else which got renamed to this by a local virus-scanning program.

> *.HTA
[snip]

An Apache (webserver) Access Configuration File (properly named ".HTACCESS")
got mangled by a WinBox.

> *.KAK
[snip]

<http://www.symantec.com/avcenter/venc/data/wscript.kakworm.html>

> *.SHS
>

Shell Scrap Object File -- yet another MicroSlop abomination.


--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[data64]

Jay T. Blocksom <not.deliverable+USENET@appropriate-tech.net> wrote in
news:04ooovchp5me9aiiujf4pjaridn2qt587o@news.rcn.c om:


>> *.HTA
> [snip]
>
> An Apache (webserver) Access Configuration File (properly named
> ".HTACCESS") got mangled by a WinBox.
>
Actually, .hta are used for Html application which is a Microsoft thingy.
http://msdn.microsoft.com/workshop/a...taoverview.asp

The Apache htaccess files are by default called .htaccess on windows also.
You have to change a setting (AccessFileName) to make it recognize .hta as
a configuration file


data64