Return to index: [Subject] [Thread] [Date] [Author]

FW:Simple method for preventing the AnnaK virus from affecting your machine

[Subject Prev][Subject Next][Thread Prev][Thread Next]
I belong to the listservice represented by the following message. Although I
don't recall which of the Lists this was from (Steve Bass is the originator)
I believe it was one that I joined for web designing. I mention this because
I don't want you to think that I might have forwarded an unsolicited and
possibly infected message.

I've been hearing about this virus all day and read the method to prevent
this virus from affecting your computer since it is a Visual Basic Script
virus that is easy to launch.

You may follow the procedures which are not difficult or simply pass it on
to others who might benefit from it. I do not suggest this as an alternative
to a good virus checker but I am not sure if all Virus Checking software can
identify viruses such as this. Better safe than sorry.

Dennis S. Wish, PE

-----Original Message-----
From: Steve Bass [mailto:stevebass(--nospam--at)]
Sent: Monday, February 12, 2001 2:31 PM
To: stevebass(--nospam--at)
Subject: [stevebass] the AnnaK virus (and a free way to stop it)

If you haven't received a copy of a message with the Ana K (or
AnnaKournikova.jpg) attachment, you probably will. It's blasting its way
through the Internet.

It's a VBS (or Visual Basic Script) and if you don't click on it, you
needn't worry. Just delete it.

If you want to prevent <<any>> VBS virus from honking up your PC, use Rod
Ream's (Pasadena IBM User Group's head of tech services) handy-dandy tip.
It's easier than it looks, and about a ten minute job.

The default action for double clicking on a VBS (Visual Basic Script) file
type is to open and execute the script file.  In other words, double
clicking runs or launches the script.  This default action is the mechanism
that can result in system infection if a user unknowingly launches an
infected attachment received in an eMail message.

Some users have disabled or removed the capability of the system to run a
VBS file out of fear of potential viral exposure.  However, there's a
relatively easy fix for this that will still permit a web page or other
application to run a VB script when such function is actually needed, but
will block the double click action. The fix is to change the default action
to Edit, which causes the file to open in Notepad rather than execute.

Here's how:
In Explorer, open the "Folder Options" under the "View" pull-down (moved to
Tools in WinMe).  Select the "File Types" tab and scroll to VBS - Visual
Basic Script.  Click on the "Edit" button ("Advanced" in WinMe).  Another
window will open showing the possible file actions with the default action
indicated in bold face type.  Highlight "Edit" and click on the "Default"

In some older systems the Edit function may not be listed.  In such
instances, click the ADD button and enter "New" in the action field and
"NOTEPAD.EXE" in the application field.  When "Edit" has been added make it
the default action.

While in the file type screen, also make sure the boxes for "always show
extension" and enable quick view" are also checked.  Click "OK" to close
the open windows.

Windows usually has several example VBS files on the system.  Find one of
them and double click on it - if the action caused Notepad to open and
display the content of the file, you've done it correctly and are now safe
from an accidental VBS eMail infection.

When you think about it, there's no real need in actual practice for most
users to ever want to launch a VBS file by double clicking on it.  The only
people that might want this function would be a power user that has written
their own script.

MS could easily correct the problem by issuing a security patch that does
the same as the manual fix.

Rod Ream PC Consulting

This E-letter may be forwarded or reproduced for non-commercial use, either
in part or in its entirety, provided the following is included:

* This message is brought to you by Steve Bass. The content reflects his
personal opinion and not that of PC World.
* To unsubscribe: mailto:stevebass-unsubscribe(--nospam--at)
* To subscribe: mailto:stevebass-subscribe(--nospam--at)
* This is an announcement-only mail list. Replies go to Steve Bass (not the
* Subscribe to the PC World's free "Steve Bass' Home Office Newsletter:

Copyright 2000 by Steve Bass.