Webcam_015.pif -- Virus?? - Printable Version
-Shoutbox (https://shoutbox.menthix.net)
+-- Forum: MsgHelp Archive (/forumdisplay.php?fid=58)
+--- Forum: Skype & Technology (/forumdisplay.php?fid=9)
+---- Forum: Skype & Live Messenger (/forumdisplay.php?fid=10)
+----- Thread: Webcam_015.pif -- Virus?? (/showthread.php?tid=36913)
Webcam_015.pif -- Virus?? by TLs4 on 01-13-2005 at 02:55 AM
Hey guys,
Has anyone seen this file randomly being sent via your contacts? I've seen about 15 people from my list try to send it to me now, is it just my comp or is this something going around MSN? They say they don't even see request to transfer to me. Thanks!
-- TLs4
RE: Webcam_015.pif -- Virus?? by .blade// on 01-13-2005 at 02:56 AM
It's most likely a virus. Don't accept any file transfers of files you don't know/ from ppl you don't know.
quote: Originally posted by File Ext
Note: This file type can become infected and should be carefully scanned if someone sends you a file with this extension.
http://filext.com/detaillist.php?extdetail=.pif&goButton=Go
RE: Webcam_015.pif -- Virus?? by TLs4 on 01-13-2005 at 03:06 AM
Yeah I figured as much... just hoping that its on their computers and not mine. I forgot that I had auto-accept enabled in Plus, and came back with 12 of them in my recieved files. Not cool! haha, thanks for the uber quick reply
RE: Webcam_015.pif -- Virus?? by M73A on 01-13-2005 at 07:29 AM
VIRUS oh, ive had to many of these not more wats a pif neway
Edit: oh yea, fileext.com....derrr sorreh
RE: Webcam_015.pif -- Virus?? by jadev on 01-20-2005 at 06:02 AM
Symantec site has just posted a virus
http://www.sarc.com/avcenter/venc/data/w32.bropia.html
wow, so this virus does exist since Jan 13?
RE: Webcam_015.pif -- Virus?? by ddunk on 01-20-2005 at 07:03 AM
Yep, 4 people from my list sent me *.pif files today, seems to be a new MSN virus.
RE: Webcam_015.pif -- Virus?? by user13774 on 01-20-2005 at 08:17 AM
quote: Originally posted by http://www.webopedia.com/TERM/P/PIF_file.html
Short for Program InFormation file, a type of file that holds information about how Windows should run a non-Windows application. For example, a PIF file can contain instructions for executing a DOS application in the Windows environment. These instructions can include the amount of memory to use, the path to the executable file, and what type of window to use. PIF files have a .pif extension .
Almost all of the .pif files you get from the internet are virusses.
Another populair extension for virusses is .scr (screensaver). But the problem with scr is that normal screensavers also have the extension scr, so only execute scr files if you absolutly trust the file and it's creator.
And of course exe files . Never ever execute exe files you don't know or don't trust.
EDIT:
Here is a special item on someone's weblog about the webcam_015 shit:
http://spaces.msn.com/members/tls4/Blog/cns!1pVUh...wVSLiQDg!176.entry
RE: Webcam_015.pif -- Virus?? by _Humphreys on 01-20-2005 at 08:21 AM
Also stay clear of files in P2P's that don't look right most of the time they will be a virus.
RE: Webcam_015.pif -- Virus?? by user13774 on 01-20-2005 at 04:20 PM
From mess.be:
quote: WARNING: Bropia.A, a new MSN Messenger worm on the loose!
Based on numerous reports from messers, a new virus seems to be propagating itself rapidly through MSN Messenger.
F-Secure identifies the worm as Bropia.A, other antivirus software (like including Kaspersky) labels it IM-Worm.Win32.VB.a.
When received and executed by the victim, the worm places itself in the C directory with a random filename like:
sexy_bedroom.pif
drunk_lol.pif
naked_party.pif
webcam_(random number).pif
love_me.pif and similar looking names.
It then automatically sends itself to active MSN Messenger contacts. It also drops and executes oms.exe, a variant of Rbot, which copies itself as lexplore.exe and adds two registry keys so it will be executed at next system startup. The bot can be used as a backdoor, logging keystrokes, relaying spam and for various other purposes and is therefor a huge security threat to your system. Brobia.A can also disable mouse right button and manipulate Windows mixer volume settings.
If you receive a file transfer request for such a file, press ALT-D or click Decline. Don't ever execute the file. If you did, delete the file immediately and permanently from your system (My Received Files and C drive) and take necessary security measures. For more information, visit F-Secure.
RE: Webcam_015.pif -- Virus?? by Stigmata on 01-20-2005 at 05:31 PM
more information here
http://forum.mess.be/index.php?showtopic=4399
|