Advance warning for people using MSN:Messenger!



Ascension
26-01-05, 20:42
There is a new virus floating round, now I know most people here are virus wise.. but for those who aren't, don't accept anything suspicious or that ends in
.pif

I've had these sent to me by 4 people now.. just because they accepted the virus download!

you won't know about the infection, it sends file transfer requests to all your contacts without you knowing!

QuantumDelta
26-01-05, 20:57
MSN were supposed to have shut this kinda virii down, but blah.

ty for the heads up anyway

landofcake
26-01-05, 21:19
Cheers Ascension, i'll get the word out to the computer illiterate on my MSN list (90% of the list i guess ...)

:angel:

Lachlan
26-01-05, 21:34
Cheers Ascension, i'll get the word out to the computer illiterate on my MSN list (90% of the list i guess ...)

:angel:
Send them a file transfer request with a document explaining why they shouldn't accept file transfers.

Lexxuk
26-01-05, 23:24
.pif iirc is a shortcut file, so what's the shortcut to? O_o

Ascension
27-01-05, 00:07
.pif iirc is a shortcut file, so what's the shortcut to? O_o
all the virus associated items are shortcuts.. I'm only guessing to an external source.. which then d/l's something!

Lexxuk
27-01-05, 00:08
/me strokes my firewall, both of em, and my dmz :D

i'm a security nut, anythin says "lemme access internet" i say "hell no!" then think "oh, err, ok"

Tratos
27-01-05, 00:21
thought it was curious that someone who i hadn't talked to online for a few months was sending me a file, luckily i thought wtf O_o and declined, at least i know what it was going to be now, cheers much.

Ascension
27-01-05, 01:26
thought it was curious that someone who i hadn't talked to online for a few months was sending me a file, luckily i thought wtf O_o and declined, at least i know what it was going to be now, cheers much.

Wo0t.. Ascy saves the day :D

Dribble Joy
27-01-05, 01:35
MSN crashes my house's router when I try to receive a file anyway, so meh.

Lexxuk
27-01-05, 01:36
MSN crashes my house's router when I try to receive a file anyway, so meh.

that's coz MSN is evil, and you need to set your router up to use it correctly, i just flashed another router's firmware onto mine for uPnP :D

Morpheous
27-01-05, 09:24
my Top tips:

1. Don't use MSN, use ICQ or something.
2. Tell MSN to automatically scan all d/led files.
3. Don't run MSN on your main PC if you must use it.

I've never used MSN in over 6 years, and it's not coming back on. This virus is just one example of why. Because it's poorly maintained, maybe?o_O

Edit: uPnP is one of the largest security flaws in Windows.... so if you've enabled it, turn it off now!
http://www.grc.com/unpnp/unpnp.htm
Also, you might wanna run ShieldsUp! (At same site) to check your firewall...

Easiest solution is just to stop using MSN. I'm mainly using Skype atm, free internet chat and internet telephony... very nice app. www.skype.com. And you can get credit to call landlines :D

Obsidian X
27-01-05, 10:24
Edit: Delete plz, I seem to have posted 3 posts somehow :(

Obsidian X
27-01-05, 10:25
deleted

Obsidian X
27-01-05, 10:26
.pif iirc is a shortcut file, so what's the shortcut to? O_o

.PIF files are MS-DOS shortcuts, yet executables in their own right. I'm not exactly sure why, but rename any executable to .PIF and run it, it works exactly the same as when it had an EXE extension.

EDIT: There was a worm going round MSN like this about 2-3 years ago, and it wouldn't surprise me if it's the same one :rolleyes:
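
Because a renamed executable still runs as a .PIF, the extension says nothing about the content; the file header does. The following is an added example, not part of the thread: it scans a folder for .pif files and classifies each by its leading bytes (an `MZ` header means a program, whatever the name says). The function names and the two sample files are constructed for illustration.

```python
import os
import struct
import tempfile

def header_kind(data: bytes) -> str:
    """Classify a file by its leading bytes, ignoring its extension."""
    if data[:2] != b"MZ":
        return "other"            # no DOS/Windows executable header
    if len(data) >= 0x40:
        (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
        if data[e_lfanew:e_lfanew + 4] == b"PE\0\0":
            return "pe"           # Windows PE program
    return "mz"                   # plain DOS MZ program

def scan_pif(root: str) -> dict:
    """Map every *.pif path under root to its header kind."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".pif"):
                path = os.path.join(dirpath, name)
                with open(path, "rb") as fh:
                    results[path] = header_kind(fh.read(4096))
    return results

def build_samples(root: str) -> None:
    """Constructed sample files; neither is real malware or a real PIF."""
    stub = bytearray(0x80)
    stub[0:2] = b"MZ"
    struct.pack_into("<I", stub, 0x3C, 0x40)   # e_lfanew points at 0x40
    stub[0x40:0x44] = b"PE\0\0"
    with open(os.path.join(root, "cute.pif"), "wb") as fh:
        fh.write(stub)
    with open(os.path.join(root, "OLDGAME.PIF"), "wb") as fh:
        fh.write(b"\x00" + b"placeholder shortcut data" * 4)

def demo() -> dict:
    """Build the samples in a temp folder and return {file name: kind}."""
    with tempfile.TemporaryDirectory() as root:
        build_samples(root)
        return {os.path.basename(p): k for p, k in scan_pif(root).items()}

if __name__ == "__main__":
    for name, kind in sorted(demo().items()):
        note = "program, do not run" if kind != "other" else "no MZ header"
        print(f"{name}: {kind} ({note})")
```

Pointing `scan_pif` at a real folder such as a downloads directory gives the same report; a result of `other` only means the file is not an MZ/PE program, not that it is safe.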

Xeno LARD
27-01-05, 14:35
My MSN doesn't even sign in atm :S.

Jesterthegreat
27-01-05, 14:37
is it that hard not to open / download things you don't know?

it's the same as with email attachments...

Lexxuk
27-01-05, 14:40
my Top tips:

1. Don't use MSN, use ICQ or something.
2. Tell MSN to automatically scan all d/led files.
3. Don't run MSN on your main PC if you must use it.

I've never used MSN in over 6 years, and it's not coming back on. This virus is just one example of why. Because it's poorly maintained, maybe?o_O

Edit: uPnP is one of the largest security flaws in Windows.... so if you've enabled it, turn it off now!
http://www.grc.com/unpnp/unpnp.htm
Also, you might wanna run ShieldsUp! (At same site) to check your firewall...

Easiest solution is just to stop using MSN. I'm mainly using Skype atm, free internet chat and internet telephony... very nice app. www.skype.com. And you can get credit to call landlines :D

I stopped using ICQ about 4-5 years ago, its got more security flaws than MI5 HQ :p

uPnP *can* be unsafe depending on how you look at it, grc's report is based on when uPnP first came out, which is quite a while ago and the specifications have changed quite a lot and is naturally updated in Windows and turned off by default, even with uPnP aware hardware.

My router itself provides the uPnP however, Windows never touches it, the firewall on my router protects the uPnP activity, opens and closes ports as requested by MSN, which is a bit more secure than having to open ports on my router to allow file transfer for instance.

nobby
07-02-05, 18:47
My mate sent me a file "Nude_women"
when i asked about it, she had no clue about it!

nobby
07-02-05, 18:49
Oh well.
I think i know the guy's address who made it.

steve.Yusan@gmail.com
He changed my contact email address on Amazon and spent 85 quid...
BUGGER!

Oh well, i'd like a wee reward for catching the bloke!

jernau
07-02-05, 19:09
my Top tips:

1. Don't use MSN, use ICQ or something.
ICQ is a festering pile of ugly, resource-munching crap. I wouldn't wish it on my second-worst enemy.

wrt uPnP - Much as it pains me to agree with anything that ass-clown Steve Gibson says, I agree. The spec for it may as well start "you're too stupid to own a PC so we're going to make sure yours get boned by 5 year olds".

Skype is indeed pretty neat though its non-standardisation will kill it in the near future I expect. I wouldn't use it as a text-chat system though.



@DJ - that's just weird, update the router BIOS.

Maui
10-02-05, 16:40
damn man, why did u make this topic, anyone stupid enough to accept random files, whould not be allowed on the net ! aka let em get a virus and suffer pc breakage :P

Morganth
10-02-05, 16:46
Good thing my router does what its told. I can get infected by any virus/trojan and my router won't allow the connection to go through if I haven't allowed the target port to be open.

<= Likes being computer literate

Apart from anything, my computer has 3 AV proggies running at once, which go mad whenever a virus/trojan gets even near my PC.

Maui
10-02-05, 16:50
look m8, never have more than 1 av program runnin, it's common knowledge that having more than 1 fightin over a virus totally messes up your system.

also, yo pc must be hella slow with 3 av thingies runnin constantly O_O

jernau
10-02-05, 16:52
<= Likes being computer literate

.....

Apart from anything, my computer has 3 AV proggies running at once, which go mad whenever a virus/trojan gets even near my PC.
Sorry to have to say it but those two statements are mutually exclusive.

Three AV programs is just stupid, all you'll do is kill performance for no gain. Get one that works.

Maui
10-02-05, 17:35
Sorry to have to say it but those two statements are mutually exclusive.

Three AV programs is just stupid, all you'll do is kill performance for no gain. Get one that works.


I really didnt want to hurt his feelings, so im kinda glad u did it for me :P

jernau
10-02-05, 17:44
I really didnt want to hurt his feelings, so im kinda glad u did it for me :P
I tried not to :(.


I have a truly useless AS400 contractor here today so I'm probably not at my most tolerant.

-Demon-
11-02-05, 00:41
Moved off ICQ a long time ago...went crap around about the time AOL brought it out and tried scamming ppl.

Well AOL says it all really!

hehe

MkVenner
11-02-05, 00:47
yeah i tried ICQ, but no one could ever reach me on it...just use MSN, AIM and Skype pretty much...

-Demon-
11-02-05, 00:58
Don't get me wrong it was a great IM proggie and really the first one to make it popular, I was using it back in '97 and I think it was quite new then.

Good program turned into an advert whore proggie and bloated with too many features that made it less usable and features it didn't truly need.

nobby
13-02-05, 03:03
Moved off ICQ a long time ago...went crap around about the time AOL brought it out and tried scamming ppl.

Well AOL says it all really!

hehe


how did they scam?

Morganth
13-02-05, 03:11
For all those whining about my AV setup, go screw yourselves.

I have NO performance loss at all, as I have run stress tests on my system with programs running and all process except critical processes running from memory. I never get a virus/trojan, so my 3 AVs don't fight at all over them.

There is no such thing as too much security.

And I bet all you whiners have a firewall running I guess? That's not hardware or self coded?

nobby
13-02-05, 03:12
just be a man and ignore the bullies :)

Morganth
13-02-05, 03:16
just be a man and ignore the bullies :)

I just wanna know if they use a firewall, then we will see who knows what.

trigger hurt
13-02-05, 03:34
I run smoothwall on my *nix box, does that count?

Morganth
13-02-05, 03:38
I run smoothwall on my *nix box, does that count?

*nix > all

So yes, it does.

And I am also pretty sure you know what you are talking about trig :p

Xeno LARD
13-02-05, 04:08
I have my own iptables rules list on my *nix box, that is the webserver + router (security flaw right there, heh).

jernau
13-02-05, 12:54
how did they scam?
Selling personal details.
Refusing to cancel accounts.
Overcharging.

Take your pick, they've done them all over the years.



@Morganth - Believe what you want but you are losing performance. If you aren't then they aren't doing anything in which case why have them there.

It's your PC so do what you want with it but don't expect others not to comment if you publicly declare that you do something daft.

Morganth
13-02-05, 18:32
@Morganth - Believe what you want but you are losing performance. If you aren't then they aren't doing anything in which case why have them there.

It's your PC so do what you want with it but don't expect others not to comment if you publicly declare that you do something daft.

Either way I bet my PC > yours.

jernau
13-02-05, 19:42
Either way I bet my PC > yours.
Sorry dude, I left the playground behind me decades ago. Find someone else to play that game.

Morpheous
13-02-05, 23:33
My internet connection -> Smoothwall (FC3, SElinux) -> Cisco firewall -> Internal LAN Firewall, Netgear -> Software firewall (Sygate) -> My PC

^_^

And you can have too much security. 3 Virus scanners can conflict, screw things up and diagnose their ID libraries as viruses, killing each other. Been there, done that, reformatted and put Fedora 3 on.

r3yka
22-02-05, 02:57
meh i already got the virus from my stupid sister..doesn't seem to be doing much atm...jus sending itself to everyone i kno

Ascension
22-02-05, 09:07
meh i already got the virus from my stupid sister..doesn't seem to be doing much atm...jus sending itself to everyone i kno
watch ya isp don't cut you off for extreme bandwidth usage ;)

dark_reaper
25-02-05, 03:26
meh i already got the virus from my stupid sister..doesn't seem to be doing much atm...jus sending itself to everyone i kno

A very good reason not to use IM's.
I don't even let my sister or my parents use my computer. They have to go through a key, and a password.

Sometimes I wish they'd make a PC for computer illiterates, and trash the Mac computers.

imAchair
25-02-05, 10:15
ohhh i gotta unblock some ppl now :lol: isnt the file names like "she can fit all of it in a teapot.pif" or some crap like that?

naimex
25-02-05, 10:20
ohhh i gotta unblock some ppl now :lol: isnt the file names like "she can fit all of it in a teapot.pif" or some crap like that?

and webcam.pif

hot sexy nude gurl.pif

and such yes.

i noticed the funny.exe thing is still being sent.. thought it was gone long time ago :confused: must be having a 1 year in circulation anniversary soon. :rolleyes:

Dribble Joy
07-03-05, 04:26
I've got this stupid little fucker on my machine now, courtesy of my little sister.
Norton doesn't know it's there, and neither does the free scan that msn gives you :p.
A search for .pif finds two of them, neither with file names that look iffy. So dunno if they are legit msdos apps or what. Nor are they in a place I would expect (root windows folder and the winzip folder).

While we are at it, I have a file. Which I.... acquired, and in good old tradition, it isn't what it was meant to be.
I can't see that it's doing anything. It's clean according to norton and my adware progs, it won't delete (being used by windows apparently :rolleyes:) and I can't see it under processes.
How can I get rid of it?

MkVenner
07-03-05, 04:37
i almost got it from crazy lol

it looks just like a normal message

"omg this is funny! http://jose.rivera4.home.att.nt/cute.pif"

mishkin
07-03-05, 14:39
Ah, this little buggar is kinda fun, I got it sent to me by an old clan-mate, ran it... and 2 minutes later I got the message "omg this is funny! http://jose.rivera4.home.att.nt/cute.pif" from 4 of the people on my contacts-list :D

It's so goddamn hilarious :lol: :lol: :lol:

Anyway, getting rid of it is pretty simple, it's just a matter of killing the process and then removing it from all startup-lists...

http://truedeath.com/2005/02/16/removing-the-msn-virus/

Happy Hunting! ;)

//edit - DJ, what kind of file?
///Edit - Oh, and while talking about security, I have no firewall whatsoever (I would have if my adsl-router wouldn't cut me off every 20 minutes if I enable NAT), so the only protection I have is this german anti-vir, which is very good tbh... get it at http://www.anti-vir.de/ (they have an english site too, but that one's almost always inaccessible due to it being overloaded...)
Free updates and everything + it takes up MUCH less resources than any other av I know of... ;)

Dribble Joy
07-03-05, 15:27
It's a 400mb exe file, presumably an installer, but it doesn't work, and is apparently in use.

I have also found the cause of some of the popups I have been getting. Little .exe files in c:\, that won't let me delete them.