Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
think i just got sent a MAC virus
- Thread starter robotjustin
- Start date
- Sort by reaction score
applemacdude said:
Mostly files with .pif extensions are Windows files that are used to run MS-DOS programs. IIRC, when you run an MS-DOS program and change the window preferences (like which screen height the DOS prompt opens up as, full screen, etc) then Windows automatically creates a .PIF file, and in the future you double click it instead of the program.
But I guess just cuz it comes from a .mac doesn't mean it was generated by a mac. EDIT: oops, like JXYama said, its most likely a spoof address. Does sound like its a PC virus though.
robotjustin said:
Umm, there are a lot of people who actually use them... Just let your junk mail filter do it's job, if you're using OS X... If not, get a big-boy OS, switch to Mail.app, and train it for a while-- before long you'll never see files like this...
paul
paulwhannel said:
Just as a semi-OT, what's considered "a while"? Mail.app still seems to be getting steadily better but I've been training it for a couple weeks and it still seems to make surprising errors, like those "free prescription drugs" e-mails are still getting through.
Also does Mail continue to train when its in the productive mode (with a Trash folder)?
This is the only known virus for Mac OS X out there: http://www.funmac.com/showthread.php?t=6300
But if you read through the whole thread, you'll find out that it's not a real virus...
But if you read through the whole thread, you'll find out that it's not a real virus...
jbzoller from Funmac.com said:
paulwhannel said:
from his screenshot, it seems clear he's using os x and, incidentally, mail, as well.
well unless u open it under vpc then ur computer couldbe affected, but only the windows image file, not os x
King Cobra said:
It's certainly not a virus.
jbzoller is wrong though, it doesn't need to be self-executing to be a trojan horse. It was a benign proof-of-concept trojan that a developer wrote to illustrate a vulnerability in OSX (similar to other vulnerabilities in OS9 and Windows). Intego's reporting of it was grossly irresponsible.
virividox said:
Well, I think that only VPC would be affected, right? Unless the developer of the virus specifically had in mind some loophole between VPC and OS X, the virus should be contained within its native environment. That is, because the virus can't infect OS X, it probably shouldn't be able to do any damage outside the confines of VPC.
Of course, I haven't used VPC much, so I don't know how much damage that could be. Does it have some AtEase-type protection, so that your system is insulated? I'm thinking that you probably couldn't do things like reformat or corrupt OS X system files from within VPC, but maybe I'm wrong.
I suppose you could still screw with user documents.
Of course, as a post-doc pointed out to me once, the most debilitating OS X virus would be to simply to send out a mass e-mail saying, "Hey! Check out this cool new trick I found in the terminal. Log in as root, type the following and press return."
"The following" would be the command to reformat the hard drive.
junk filter
actually, i tried to create a rule that would scan the content of the emails for .pif extensions, and route them into a virus folder, but didn't seem to want to work.
I have been training the junk filter for awhile, but have been getting some incredibly random emails lately, (although lots are hotmail) and thhey all seem to be .pif files with some stupid invitation like "why don't you check out this file?" or "here's the file I sent you."
Should work, but doesn't. huh
paulwhannel said:
actually, i tried to create a rule that would scan the content of the emails for .pif extensions, and route them into a virus folder, but didn't seem to want to work.
I have been training the junk filter for awhile, but have been getting some incredibly random emails lately, (although lots are hotmail) and thhey all seem to be .pif files with some stupid invitation like "why don't you check out this file?" or "here's the file I sent you."
Should work, but doesn't. huh
robotjustin said:actually, i tried to create a rule that would scan the content of the emails for .pif extensions, and route them into a virus folder, but didn't seem to want to work.
I have been training the junk filter for awhile, but have been getting some incredibly random emails lately, (although lots are hotmail) and thhey all seem to be .pif files with some stupid invitation like "why don't you check out this file?" or "here's the file I sent you."
Should work, but doesn't. huh
How many of the people you know use "you" or "I" or "?" in the subject? When I used to get a lot of spam, I would check for those separately.
re: I and you
99% of mine are RE: PER OUR CONVERSATION or RE: Info or other generallly obnoxious things. Interesting how virus writers have such a head for the mundane
bousozoku said:
99% of mine are RE: PER OUR CONVERSATION or RE: Info or other generallly obnoxious things. Interesting how virus writers have such a head for the mundane
robotjustin said:
Yeah, I have yet to get even one *legitimate* offer from a Nigerian beaurocrat-in-hiding who wants to transfer a million dollars into my account to use it as a shield to protect cabinet members in his party from the ruling coalition.
That's because you are doing it wrong. If you wait for them to come to you, you'll only hear from the ones who were lucky enough to run into your e-mail address and who happen to know what a reliable partner you'd make. Instead, you've got to take action: get a Nigerian phonebook and contact each businessman in the country, looking for partners. That's how I got lots of new financial partners. They are each going to give me a share of a million dollars. I had to pay them a few fees to get the deal started, and they are taking a little longer than I expected to give me my big payback, but I'm sure the checks are in the (e-)mail.mkrishnan said:Yeah, I have yet to get even one *legitimate* offer from a Nigerian beaurocrat-in-hiding who wants to transfer a million dollars into my account to use it as a shield to protect cabinet members in his party from the ruling coalition.