See thats why there is this thing called patching. No firewall, no AV, 3x win3k computers, perminant connection, no viruses. Ever. (and yes I run symantecs AV over them oence a month or so) ----- Original Message ----- From: "Jon Jenkins" To: Sent: Monday, August 25, 2003 12:33 PM Subject: Re: [OT:] WARNING: Dangerous PIF attachement in email from PIC list > --On Sunday, August 24, 2003 9:32 PM -0400 Olin Lathrop > wrote: > > >>> What's the big deal? Just don't open unexpected attachments. > >> > >> 0: because it looks very genuine > > > > A genuine what? Any .PIF attachment is pretty much guaranteed to be a > > virus. Just don't open attachments unless they are a file type that can't > > hurt you (like .JPG, .GIF, .TXT, etc). A .PIF definitely CAN hurt you, > > which is about the only reason they are sent via email. > > This was not easily spotted, original email > headers looked like a genuine "undeliverables". > > Further the PIF was hidden inside another > attachment. Because I am a curious character I wanted to see > what the exe would so I tried to rename it to something > not dangerous and voila it added a .PIF onto the end > no matter what I named it to. Interesting code this one > wiped the boot sector from your disk. > > I thought this was worth warning the LIST about seeing as > it came through the LISTs email server. > > If I get another one like this which comes through > the LISTs email server then I will do exactly the > same. > > > > >> 1: because it is not detected by latest virus scanner > > > > Virus scanners are worse than useless because of exactly this excuse. At > > best, they can only tell you about viruses they already know about. At > > worst they let a variant slip thru, mess up your system, and give you a > > false sense of security. > > Rubbish! I am connected 24/7 and run both a firewall and AV scanner. If > you are forced to use Windows then you need this. I have been > saved several times and would have been trashed numerous times > over if not for this. > > > I guess they are better than nothing for complete idiots, but common sense > > is far better than any virus scanner. > > Have to disagree with this, numerous sites have both malicious > Java and JS code in them and there are so many holes in > all of the browsers that all the common sense in the > world can't stop them. > > I work at a university where I am exposed to hundreds > of viruses especially around exam/assignment time. > Further I don't have the luxury to delete an email > because simply because it looks suspicious so its a > no brainer that I need to be careful. > > > >> 2: because if you use MS outlook or outlook express > >> it will be opened and run automatically! > > > > No, it won't. You have to take explicit action to "open" an attachment. > > MSO/E does display the contents of some types of image file attachments in > > line, but these image files only contain data and no executable > > information and are therefore safe. > > Yes it will...if like most pepople you have the "preview pane" > open then attachments will get run or at least they used to > when I gave up on Outlook a year or so ago. > > > > I get about 3-5 viruses per week, and frankly they're pretty easy to spot. > > Real men don't eat quiche :-) > > jon > > -- > http://www.piclist.com hint: To leave the PICList > mailto:piclist-unsubscribe-request@mitvma.mit.edu -- http://www.piclist.com hint: PICList Posts must start with ONE topic: [PIC]:,[SX]:,[AVR]: ->uP ONLY! [EE]:,[OT]: ->Other [BUY]:,[AD]: ->Ads