Community discussion forum

Back to discussion

EMAIL FROM MICROSOFT

Last post was 08 Feb 2008 at 10:03
Tags: United Kingdom
  • 6 years ago

    Did anyone just receive an email from microsoft with a file called Passwords.pif or something close to that? what does the file do? what is it? there was no information supplied with the email.

    Report abuse
  • 6 years ago

    sounds like a virus or something dodgy.


    how big is the pif file? small enough to post on here so i can have a look?

    Report abuse
  • 6 years ago

    If it is indeed a virus, then posting it to this board would NOT be a good idea. I can guarantee that Microsoft has not and will never send you files via email (especially pifs), so if it appears to be from them then it is almost certainly malicious.


    Delete it and don't worry about it.


    PS. you might want to start using a virus scanner, it will eliminate a lot of potential problems when it comes to unknown files.

    Report abuse
  • 6 years ago

    lol yes obviously if it was malicious then i wouldnt have wanted him to post it!! hehe


    sorry if i wasn't clear

    Report abuse
  • 6 years ago

    i think a pif is come kind of dos script, like a bat file,

    Report abuse
  • 6 years ago

    yep, it's the dos version of .exe

    Report abuse
  • 6 years ago

    http://www.webopedia.com/TERM/P/PIF_file.html

    Report abuse
  • 6 years ago

    haha! yes, i just got that too as a matter of fact...
    the virus (assuming it is a virus) just does some very basic
    e-mail spoofing/just changing the from address to "support@microsoft.com".

    Report abuse
  • 6 years ago

    Well i got a few more, and just after i posted here, i looked on the MSN download page thingy, and the online virus checker said it was clear, and so did my personal virus checker... so i opened it... and for some reason my computer seems slower than normal how would i clear it if it was a virus, my checkers aren't picking it up...

    Report abuse
  • 6 years ago

    yeah... i've received about 5 emails from "support@microsoft.com" with viruses in.

    Report abuse
  • 6 years ago

    yeah they also originate from:


    support@microsoft.co.uk
    oem@microsoft.com
    sales@microsoft.com
    register@microsoft.com


    any extension with:


    .exe
    .pif
    .bat
    .scr
    .com


    should be scanned before executing. get a virus scanner (Symantec is gahay!) that integrates itself into outlook... cause i'm using Office 11 my PC-Cillin wont scan many things... so its done on our mailservers...

    Report abuse
  • 6 years ago

    this is a new virus: http://www.f-secure.com/v-descs/palyh.shtml


    http://www.symantec.com/avcenter/venc/data/w32.hllw.mankx@mm.html

    Report abuse
  • 6 years ago

    omg! it made c|net!
    http://news.com.com/2100-1002_3-1007603.html

    Report abuse
  • 6 years ago

    Support@Microsoft.com Worm Makes the Rounds


    It's an old trick, but a good (and nasty) one. A new mass mailing worm
    spoofs Microsoft's domain name to deliver a payload disguised as an
    attachment from Microsoft. The worm was discovered by anti-virus
    vendors over the weekend and it picked up momentum today as users fired
    up their mailboxes for the work week.


    The worm is known as W32.Sobig.B@mm or W32.HLLW.Mankx@mm by Symantec,
    W32/Palyh@MM by McAfee, W32/Palyh-A by Sophos and WORM_PALYH.A by Trend
    Micro. The messages all purport to  come from support@microsoft.com.
    Subject lines include "Your password," "Your details," "Approved (Ref:
    38446-263)," "Re: Approved (Ref: 3394-65467)," "Re: My details,"
    "Screensaver," "Cool screensaver," and "Re: Movie."


    The attachment has at least nine names, all ending in .pif. The worm
    copies itself to the Windows installation folder, creates several files
    and makes some changes to the registry, among other things. After that,
    it uses its own SMTP engine to send itself to all the contacts it finds
    on the victim's system. It will activate only until May 31, according
    to Symantec and others.


    In addition to warning your users about this particular worm, it's a
    good idea to remind them that Microsoft never sends out security
    patches or attachments. Microsoft's stuff always links back to a Web
    download page.


    There's a tool for removing this worm on Symantec's Security Response
    site:
    http://securityresponse.symantec.com/


    A Microsoft warning for users about the recurring problem with
    attackers sending out fake security bulletins and attachments that look
    like they're from Microsoft:
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

    Report abuse
  • 6 years ago

    why do they never tell you what worms and viruses actually do?


    like, they tell you technical stuff like getting into autoexec.bat and the registry and mailing itself


    but is that all it does?


    doesn't it do anything to p!$$ you off like delete your hard disk or make ur pc not turn on or pop up annoying naked germans everywhere?


    how boring.....

    Report abuse
  • 6 years ago

    the virii that dont do anything are the ones that spread best, cos 1) no1 notices them 2) they dont damage the machine there on,so they can sit there mass mailing all they like.


    although virii are so annoying, the "good" ones are fasinating.


    i got the assembly source for 1 that i realy admired, its sumthing stupid like only 250 bytes when compiled, so it can move Very quickly and silently wihtout being noticed, and.. what reeealy impressed me, was that the virus encrypted itself with a random key each time it moved.


    so the binary machine code changed. except for a few lines that encrypted one line of machine code, jumped execution to it, then encrypted the instruction again, and then did the same with the next line of code.


    AMAZING !!! makes it hard find, as only 5% of the porgram stayed the same, the rest was continuously mutating, but always doing the same thing.


    anyway. Grrr, hate virii. but,, wow.

    Report abuse
  • 6 years ago

    Quote:
    why do they never tell you what worms and viruses actually do?


    like, they tell you technical stuff like getting into autoexec.bat and the registry and mailing itself


    but is that all it does?


    doesn't it do anything to p!$$ you off like delete your hard disk or make ur pc not turn on or pop up annoying naked germans everywhere?


    how boring.....

    According to the article, this particular worm has no payload except to propagate itself until the end of the month.

    Report abuse
  • 6 years ago

    your own BBC has an article:


    http://news.bbc.co.uk/2/hi/technology/3040247.stm

    Quote:

    People users are being warned about a new e-mail virus that disguises itself as a message from Microsoft. Anti-security firms have told people to be on the look out for the e-mail worm which pretends to come from support@microsoft.com.


    The message comes with a variety of subject lines but the attachment should not be opened because it will infect users with a worm known as Palyh. Palyh will then copy itself into to the Windows folder, and begins sending itself to all e-mail addresses it finds on a computer.


    Virus writers are always on the lookout for ways to trip up unsuspecting computer users and disguising a worm as a message from the world's best known software firm is the latest in a line of cunning tricks.


    "Microsoft technical support does not send out files in this way, and users should think twice before they click", said Graham Cluley, Senior Technology Consultant for Sophos.


    The file comes with a .pif extension, a file name that may be less familiar to users. The virus is "out there in big numbers" according to Sophos and struck at around midnight, meaning Australia and New Zealand have seen the most cases so far.


    BBC News Online's own Technology inbox has received about a dozen of copies of Palyh.


    Report abuse
  • 6 years ago

    of course, since it can update itself, the virus could turn itself into something that would piss you off...

    Report abuse
  • 6 years ago

    yes, i got the mail from support@microsoft.com with the attached "program.pif"
    and mr "i´m the toughest in town" Norton AV said it was a virus before it finished
    to be saved in my HD.


    (I was saving it on HD so I could give it a look when I wouldnt be connected, I do this
    everytime I´m not sure about a file, but I´m not even sure if that works... )


    well... if you see it, delete it.


    DrNo.

    Report abuse
  • 6 years ago

    i haven't got it yet, i feel all left out


    (i used to get like 3 virii every day but managed to kill them off, so im glad really)


    PC-Cillin rocks!!

    Report abuse
  • 6 years ago

    Indeed PC-Cillin rocks...

    Report abuse
  • 6 years ago

    i had pc-cillin.
    but for some reason, i could never download the virii identification updates (whatever there called)


    so now i use a free 1,, AVG

    Report abuse
  • 6 years ago

    lol, i use norton, but only because it is the best in terms of coverage (they have so many users that they have to update fast).


    yesterday i was usin kazaa and i got 7 virii in a row (different downloads each time). lol!

    Report abuse
  • 6 years ago

    things kza's good for other than the obvious:


    A) downloading viruses
    B) Downloading an apparent copy of a recent unreleased-movie which turns out to be:
        a) a japanese p0rn flick
        b) other p0rn flick
        c) black screen that does nothing with no sound
        d) a movie you reaally hated like The Royal Tenenmbaums or Vanilla Sky
    C) downloading fake files


    or finally:


    D) Downloading pictures of britney spears only to find a guy instead (a friend did that... funny!)


    NOTE: I do not recommend the use of such p2p applications... BIG COUGH

    Report abuse
  • 6 years ago

    http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SOBIG.B

    Report abuse
  • 6 years ago

    KaZaA (and no i'm not putting stars in cos it's perfectly legitimate software if you use it within the terms and conditions) is wicked.


    for downloading /\/\ |_| $ ! C...... errrr i mean tunes that other users have created and want to share with the world


    my @udio collection would not be half as large if it wasnt for the samples of other peoples own work i've got


    and also nice videos... hmmmmmmmm

    Report abuse
  • 6 years ago

    lol nice, errr i havnt a virus scanner installed and never have had one (bout 8 years), apart from kazaa, all u have to do is be carefull with wat u click on on the net, im pretty sure ive got a virus from kazza tho

    Report abuse
  • 6 years ago

    lol nice, errr i havnt a virus scanner installed and never have had one (bout 8 years), apart from kazaa, all u have to do is be carefull with wat u click on on the net, im pretty sure ive got a virus from kazza tho but whenever i check with the free trials, none are detected.........

    Report abuse
  • 6 years ago

    download the trial of PC Cillin 2000 and i'll give you the code to put in


    (i have it legitimately, it came with my motherboard)

    Report abuse
  • 6 years ago

    hey, rollershade, you do know that kazaa comes with a free virus scanner for your kazaa files only, right?

    Report abuse
  • 6 years ago

    Quote:
    [1]Posted by paulfp on 22 May 2003 01:24 PM[/1]
    download the trial of PC Cillin 2000 and i'll give you the code to put in


    (i have it legitimately, it came with my motherboard)



    go buy cough? PC-Cillin 2003 cause its got a faster engine and a better firewall and email scanner...

    Report abuse
  • 6 years ago

    I only found my first virus a few months ago, and i've been on the net for years.
    Norton ain't that good, I noticed some dodgy files (brazil.exe scrsvr.scr marco.exe etc) scanned with Norton, nothin. Although it did find another virus, got rid of that tho. Had to manually exterminate the first, was fun.
    Clever buger tho, uses a glitch in windows (can you believe it? A glitch!) and reduced the password length to 1 char, go through the ASCII and your in. Then i suppose, all virii are clever, otherwise we wouldn't bother with anti-virus programs.

    Report abuse
  • 6 years ago

    That is rather smart for something so dumb.
    How weird that this has a time limit tho. Probably planning to auto-update by then.
    Hehe, someone once tried to send me a virus on AIM. I knew them, so I downloaded the 2 files. Slideshow.com and archer.asm. Lol, that came back to bite him in the ass for so many reasons.
    1) You don't send a hacker a .asm file and expect them not to read it.
    2) And when said asm file makes several references to routines called Infect and Virus, people get suspicious. (Besides, anyone who's worked with any sort of ASM knows no program is going to need its own source code.)
    3) Especially when it has a description at the top.
    4) Slideshow.com? Please. And only ~2KB, wow, that's some good compression.
    5) This ancient virus is as effective on NTFS as a match is in the water.
    6) Antivirus, duh!
    Hehe, it was funny watching his reaction. "How did you know?" XD


    I did get a virus once. I made the mistake of trusting McAfee since it was pre-installed, and having just got my PC I was using IE. Some naughy JS snuck in and MacRapfee basically just said "There's a virus with this filename, better do something!" not even telling me where the file was. -_- Good old DOS helped there.


    Hehe, DOS - the best tool for both increasing security and compromising it.

    Report abuse
  • 6 years ago

    Updated my defenitions yesterday, this topic made me nervous
    Virii are facinating, wouldn't mind programming some of my own Like they'd survive!
    Why did the said person send you the ASM file? The com file wouldn't need it, would it? Or was it a sort script kiddie that found the files and thought they went together?

    Report abuse
  • 6 years ago

    lol, mcafee sux...

    Report abuse
  • 6 years ago

    Least my Norton tells you everything you need to know. And the autoprotect is damn handy if explorer gets overwriten, loads before and can clean out the virus before explorer loads.

    Report abuse
  • 6 years ago

    yeah, and it detects viruses on kazaa before they finish downloading...

    Report abuse
  • 6 years ago

    Norton does?
    I don't use Auto Protect all the time. Only if it's picked up a virus.
    But it wont matter 'cos I don't download software, only music.
    Wonder if there's music viri?

    Report abuse
  • 6 years ago

    yes, a little while ago there was a vulnerability found in XP that meant that virii could be embedded inside a dodgy mp3 file, and as soon as you select it in windows explorer, the code would run (cos of the immediate file information it gives, lenght, bitrate etc.)


    i just scan stuff off kazaa before running it (except music, i play that as it downloads)

    Report abuse
  • 6 years ago

    I should be ok, I run good old 98. Wouldn't mind 2000 but I can't get it.
    I will be more carefull from now on.


    What does AutoProtect scan? Is it just exe's when you load them or any file?

    Report abuse
  • 6 years ago

    Yep got a few of them delete them most pif files are viruses

    Report abuse
  • 6 years ago

    Havent' encountered any.
    I'll leave it for now. Can't be ar$d.

    Report abuse
  • 6 years ago

    hey i just got the virus! at last!


    i'm so happy, i dont feel left out anymore.


    PC Cillin killed it the moment it entered through my port 80


    it was sent to the email address i use for MSN messenger only.... how odd......

    Report abuse
  • 6 years ago

    hey smile005, just so u know, the software is where most of the viruses are! actually, i haven't gotten a virus from anything else...


    oh yah, autoprotect works by scanning a file every time it is modified. that means that as a byte is written to the file u r downloadin, it scans it. thats how it picks it up.

    Report abuse
  • 6 years ago

    I don't download software from Kazaa, although I would scan it if I did.
    Thanks for the autoprotect info. Weren't sure if it only scanned programs or all files.

    Report abuse
  • 6 years ago

    wow, you don't use kazaa? you're the first person i know who doesn't...

    Report abuse
  • 6 years ago

    To download software? Nope. I never needed too. Plus i'm on dial-up so I can download whole games or anything.
    Although I do download music.

    Report abuse
  • 6 years ago

    yay yay yay!
    just got the virii from support@microsoft.com  it's in a file called movie.pi
    (is it unusual to be so happy to get a virii?)
    the subject says Re:Movie, and i was like, i never sent any email to support@microsoft.com, and then i remember the geeks at devFusion talking about the virii that comes from support@microsoft.com  cheers!

    Report abuse
  • 6 years ago

    Quote:
    [1]Posted by bladeMaster on 28 May 2003 08:29 PM[/1]
    then i remember the geeks at devFusion talking about the virii that comes from support@microsoft.com  cheers!


    geeks? who? us? really? i thought we were known as the elite programmers at DF, ohhh wait... yeah okay... hmmmm DOH!

    Report abuse
  • 6 years ago

    hmmm lol im no geek, not intelligant enough thushan, my m8s 21st yesterday night, so didnt get a chance, i thought i had some time until i got yanked down the pub

    Report abuse
  • 6 years ago

    blademaster, u don't thank people and then call them geeks...

    Report abuse
  • 6 years ago

    Quote:
    [1]Posted by rollershade on 29 May 2003 04:20 AM[/1]
    thushan, my m8s 21st yesterday night, so didnt get a chance, i thought i had some time until i got yanked down the pub

    no worries...

    Report abuse
  • 1 year ago

     I may be wrong here, but I'm almost sure you can't do this... ??

    Joe 

    Report abuse

Post a reply

Enter your message below

Sign in or Join us (it's free).

Related articles

Quick links

Recent activity

Languages

Web Development

Frameworks & Architecture

Other major sections

Cancel
Want to stay in touch with what's going on? Follow us on twitter!