[Esa-l] Problem Virus

Brett Glass brett at lariat.org
Tue Oct 31 05:06:29 PST 2000

At 05:25 AM 10/31/2000, Floyd Pierce wrote:

>Yesterday, I had a regional controller who showed up with this:
>I can't say whether it got through the procmail-filter or not
>but I would suggest taking a look at it. If I had the machine
>in hand, it probably wouldn't be impossible to fix, but it did
>enough damage that I'll probably have to have him fed-ex the
>machine in to get it fixed (probably a re-load).
>I think there is fodder for the poisoned list here:


The recommended "poisoned" list already includes *.pif. It does
not include *.scr. "scr" is a type normally reserved for
Windows screen savers. one renames an "exe" file to have this
extension and places it in the C:\WINDOWS\SYSTEM directory
to make it available as one of the options in the list of
screen savers. Because it can be executed with a click, it
is already on the default mangling list and should probably
be "poisoned" too.


More information about the esd-l mailing list