Results 1 to 5 of 5

Thread: The Danger of Scrap Files

  1. #1
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210

    Exclamation The Danger of Scrap Files

    i went to this site http://www.mischel.dhs.org to download the latest version of
    trojan hunter and came across this article http://www.mischel.dhs.org/scrapfiles.jsp
    I'll quote just the intro and conclusion.

    The Danger of Scrap Files
    Magnus Mischel

    Introduction
    Many Internet users today know that they should never run executable or script files they receive via e-mail because of the danger of malicious code. So they set their Windows Explorer settings to show file extensions so they can recognize the dangerous file extensions like .exe, .vbs et. al. But what if there was a file type that could contain malicious code, and the file extension was automatically hidden from the user by Windows no matter what the Explorer settings? And what if that file had an icon that resembled a harmless text file? And what if double-clicking on such a file would execute the malicious code embedded in it?
    Well, the bad news is that there does exist such a file type; it's called a Scrap File. The good news is that this article will teach you the basics about it, and how you can protect yourself
    .
    .
    .
    .
    Conclusion
    You should never double-click a scrap-file before you know what its contents are. This is a flaw in the OLE system that Microsoft should have corrected, given its implications in the security area. Even experienced computer users can be lured into running these files since they might assume that the file is harmless since it has no extension.

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Location
    Ireland
    Posts
    734
    Unfortunately not everything bad has an icon with a skull & crossbones

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    711
    Hmmm... that's rather interesting... here's what a *.SHS file looks like on my desktop. So, if you can attach an icon to them, then... ick. Just ick.

    Yet another reason to hate Bill & Gang...


    <edit>
    (yes, that's highlighted and with "show all extensions" checked - of course)
    </edit>
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  4. #4
    Senior Member
    Join Date
    Oct 2001
    Posts
    175

    OLD!!!

    Hello Everyone,

    The scrapfile "trick" is really really OLD...

    The .SHS file extension (and other "hidden" extensions) can be shown by using RegEdit to remove the "NeverShowExt" key.

    Simon Templer
    Simon Templer

    \"Your work is to discover your world and then with all your heart give yourself to it. \"
    -The Buddha

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    711

    Re: OLD!!!

    Originally posted here by Simon Templer
    Hello Everyone,

    The scrapfile "trick" is really really OLD...
    ...hence the quote, "dates back to Windows 3.1."


    The .SHS file extension (and other "hidden" extensions) can be shown by using RegEdit to remove the "NeverShowExt" key.

    Simon Templer
    Nice t'hear... speaking as a UN*X head that tries to limit Winblowz usage to a work machine and my own "game machine" at home.
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •