|
The virus itself is not a PIF file. The programmer obviously wanted to make the file look like one, but he made the mistake of putting a second extension onto the file. This is a characteristic trademark of a virus if it's downloadable. Otherwise, the only other files that have double extensions are Internet files. THis would make the virus easier to circulate on the Internet.
For the sake of this lecture, let's make an example out of "Book1.xls.pif". Now, the way a PIF file could infect a PC is such that the PIF contains data that would define a program hidden in the XLS part of the file. This would effectively turn the file into an internal duplicate, or a file within a file. And yes, this is possible. I've done it with C++. It makes a BIG mess of the file, but when you put a PIF into the mess, you get calculated instructions as to how the file operates. So, as the file is being read, it can also be running a background program at the same time designed to fubar your computer. That's why it's easy to identify viruses as a file having double extensions that have no business being on the Internet, such as XLS and PIF.
Moral of the Story: Don't download a file that has double extensions! Especially ones like "filename.jpg.gif"! Any file which has two extensions from picture files, like "filename.jpg.gif", is definitely a virus, unless someone forced a double extension in their file system, which is highly unlikely.
Hope I have been helpful.
__________________
|