Results 1 to 6 of 6
  1. #1
    New Lounger
    Join Date
    Apr 2002
    Location
    Poulsbo, Washington, USA
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts

    virus or paranoia?

    I don't know if I've been 'tagged' with a virus, or, if I'm just paranoid. I ~wish~ I had the time to research it, but, alas, in my haste I post here the details and pray for an answer.

    Using WIN 98, and Outlook 98. Got an e-mail with attachment: "IS_LINUX_GOOD_ENOUGH!TXT.pif" (18 kb). Saved to disc. Scanned for viruses. Don't know where it 'went'. Did a "find" for "LINUX". Sorted by Modified. Saw the following three files with a time stamp that is essentially 'now' (today, anyway):

    System.dat in C:WINDOWS dat file
    le pack.exe in C:WINDOWS application
    WIN32.dll in C:WINDOWS application extension

    I may have tried to open from Outlook it after I scanned my drive, -which was after I received my mail....point is, I both "opened" it...and saved it, again, only this time to a known location. After saving again, I right clicked the file for Properties and found the following data...(I wish I knew what a ".pif" file is)

    General tab: IS_LINUX_GOOD_ENOUGH!.TXT
    Type: Shortcut to MS-DOS Program
    Location: ...downloadsLinux.pif
    MS-DOS Name: Linux pif
    Attributes: read-only

    The other tabs have more settings, but, I hope the above is enough information. It seems weird that there would be a modification to the c:WINDOWSsystem.dat file...but it may just be my ignorance. Same frustrating foolish feeling I have about the "C:WINDOWSle pack.exe" file. Should I run it??? Delete it??? How did it get into the WINDOWS file...MAYbe this is just noormal, typical, run-of-the-mill operations for when I get an e-mail, or attachment...

    Worst case: I'm thrashed.
    Best case: I get to run the .exe then learn how to get it off my drive...er, clean it out of the WINDOWS file.

    I wish I knew...can you help me? If you can't, feel free to forward, or cut-and-paste to someone, or someplace that can.

    TIA - holding my breath...

    "Dr Carl"

  2. #2
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Roanoke area, Virginia, USA
    Posts
    3,729
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: virus or paranoia?

    if it's not a virus or a trojan, it very well could have been. pif is a shortcut used for running dos programs. if the program it points to is in your downloads directory and you ran it, you could be hosed.

    never, never open unknown files - and this is exactly why microsoft added the email security patch to SR2 and Outlook10.

    http://www.sarc.com is a good place to start for everything on viruses. don't trust the results of a virus scan - if the file is not important to your work, don't open it.

  3. #3
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Roanoke area, Virginia, USA
    Posts
    3,729
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: virus or paranoia?


  4. #4
    New Lounger
    Join Date
    Apr 2002
    Location
    Poulsbo, Washington, USA
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: virus or paranoia?

    [img]/w3timages/icons/love.gif[/img]Many Happy Thanx to you, MaryJ, as well as all those who constructed my 'OK, NOW what to do' instructions. After slow, deliberate, and time-gulping attention...my disc is clean again. And, having been stung, I shall be furthermore a more 'protected' user by leaving Norton's Auto-Protect feature enabled while on the net.

    MaryJ, you mentioned the Outlook E-Mail security patch...I thought it got a real bad rap by Woodies, et al...so, I stayed away from it...I can't remember the exact details, but something about (after installation) Outlook 98 not performing correctly? -or, was it the Mail Merge? SOMEthing that made users wish they could go back to Outlook 97, or 6, or 5 or something...

    I welcome your comment.

    Thank you.

    "Dr Carl"

  5. #5
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Roanoke area, Virginia, USA
    Posts
    3,729
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: virus or paranoia?

    the e-mail security patch, which i've seen referred to as "HELL patch" in the MS newsgroups and on mailing lists, displays a dialog that needs approved for mail merges, the new ICQ toolbar and programs like stamps.com and synch software for palm pilots. Anything that accesses the address book causes the warning dialog and you can approve access for up to 10 min.

    It also blocks access to certain attachment types.

    As an administrator, I reviewed it for use within our company and decided it was too restrictive.
    for the low down on it, check here:
    http://www.slipstick.com/outlook/esecup.htm

  6. #6
    New Lounger
    Join Date
    Apr 2002
    Location
    Poulsbo, Washington, USA
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: virus or paranoia?

    Thanx

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •