Craig,

>Yeah, it could be a scroll. I always called it a tornado, cause if you run it, you're likely to think your harddrive was struck by a tornado cause of the destruction caused by the virus. (Assuming it is one). For me, it doesn't matter what the script language... I don't run it.

Let's not let folks get the impression that the WSH is some sort of "dangerous, evil" thing. Point of fact, it's a tool, no more and no less. The problem is (as I point out in my article in the current VFUG (www.vfug.org) newsletter) really twofold. First, it "flys beneath the radar" of anti-virus software since, unless it's encoded, it's just a text file. Second, is ignorance. People aren't aware of it.

The "stick your head in the sand and hope it goes away" approach, is the most dangerous. I make a number of recommendations in the article about what you can and should do. The best is the approach taken here. People can send in all the script files they want to me, and I'll never see them. They're stomped before they ever reach me.

>Now, if you want to read about something scary, go to grc.com and read about Denial of Service attacks.
>
C'mon Craig, it's too early in the day for scary stuff.:-)
>>
>>Looks more like a scroll of paper to me.< s > Actually, there are four file extensions to be concerned with: vbs, vbe, js, and jse. The first two are VBScript files (with vbe being encoded). The latter two are JScript files (again the jse is encoded).
>>
>>The reason that it (the various WSH viruses) goes after SCT files is that this is the extension that's associated with Windows Script Components as well as VFP forms.