[JA] Re: wrong extension?

  • From: thepccat@xxxxxxxx
  • To: juno_accmail@xxxxxxxxxxxxx
  • Date: Fri, 5 Jul 2002 08:34:46 -0700

Pif is one of the common extensions which can propagate
worm/virus/trojan. Pif has a legitimite use to help windows execute DOS
and perhaps other type files, but has commonly been subverted to be/carry
worm/trojan/virus. Vbs and exe are among the other common ones used. 

Some have been known to try and fool people by using deceptive characters
-- consider this file:
-----start of file-----
familypicture.jpg                                                        
                                                                         
                                .exe
-----end of file-----
There are many "space" characters between what looks like an extension
"jpg" and the real extension "exe." In some email clients this might look
like familypicture.jpg, and seem a harmless item. However, if you save it
to a folder and look at it with your Windows Explorer [or similar app] it
would show as an exe file. Also, right clicking on the file and choosing
Properties would reveal the type to be exe not jpg.

The good news is that all the virii/worm/trojan I have seen recently may
use various tricks to get people to open them, but [with the exception of
some which rely on holes in Internet Explorer which one should have long
closed by upgrading/patching] all virii/worm/trojan packages seem to be
exe, pif, bat, or vbs files [and this shows up on Windows Explorer and
Properties]. When you receive something on that order, simply delete it
[and not just to the "trash" or "recycle bin" -- why leave it lying
around?] and you are done.

thepccat

On Thu, 4 Jul 2002 20:23:19 EDT George J Kamenz <gkamenz@xxxxxxxx>
writes:
> I pulled the lines below from something I received recently. 
[...]="msg00990[1].pif"

________________________________________________________________
GET INTERNET ACCESS FROM JUNO!
Juno offers FREE or PREMIUM Internet access for less!
Join Juno today!  For your FREE software, visit:
http://dl.www.juno.com/get/web/.


To unsubscribe, send a message to ecartis@xxxxxxxxxxxxx with
"unsubscribe juno_accmail" in the body or subject.
OR visit //freelists.org
~*~

Other related posts:

  1. Home
  2. juno_accmail
  3. Archive
  4. 07-2002