On Tue, 24 Jul 2001, Aarjav Trivedi wrote:
If i download a windows virus infected file onto a linux/windows dual boot box with linux after disabling access to my windows drives (unmounting them) is there any way this virus can cause harm to my
Even without unmounting your drives, there is nothing the virus can do to your windows system. You have to execute a virus for it to have any effect. You can also safely download it to your windows partition, and keep it there for as long as you want. It is ineffective unless you actually execute it.
computer. Specifically the w32.sircam virus with .pif files.
w32.sircam is a worm not a virus. Don't confuse the two. There are also trojans. The difference:
Virus - self replicates (capable of reproduction) infects executable files a virus cannot exist without a host
Worm - uses a carrier to transmit itself. Does not infect files but sends itself as a whole. A worm does not use, nor can it use a host.
Trojan - A program that pretends to be something it is not. Example if a program is supposed to be a calculator, but actually deletes your files, it is a trojan. format.com in dos erases everything on you hard disk. This is expected behaviour, so format.com is not a trojan.
what is a .pif file ?
program information file. All versions of windows have had pif files that store information about actual programs, eg, where the executable is, and what its working directory is. pif files are executable only in windows. After win95, these were replaced by .lnk files, which are generic shortcuts for any type of file. pif is now only used for DOS executables.
does it run under linux ?
no. it doesn't run in DOS either. In linux, many things can be run, if you have an interpreter for it. If someone were to write an interpreter for pif files, then these could be executed in linux too.
In windows, the extension of the file doesn't matter. That only tells windows if the file is executable or not. Windows will still scan the header of the file to find out what kind of binary it is. You can rename a .exe file to .pif, and it will still work. Same with .scr You can also rename .exe to .com
In linux, the header is always consulted, and file permissions are used to determine if a file is executable. Native linux executables follow the ELF binary format, and in some cases, the obsolete AOUT format.
Windows binaries are in neither of these formats.
Philip