Discussion:
Is .pif a known dangerous file type?
(too old to reply)
Daniel Prince
2004-06-30 03:10:54 UTC
Permalink
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
--
I just heard a TV commercial about an automobile that has a rear
entertainment system. I immediately wondered exactly how would an
automobile entertain one's rear and would it be safe to drive while
one's rear was being entertained.
Cyrus Afzali
2004-06-30 03:17:29 UTC
Permalink
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
In and of itself, no. It's an image file type. However, I would never
open a file transmitted by someone I didn't know.
/betty/
2004-06-30 03:45:22 UTC
Permalink
Post by Cyrus Afzali
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
In and of itself, no. It's an image file type.
^^^^^^^^^^^^^^^^^^^^^^^
Yeah and pigs can fly too.
--
/betty/ [2004-06-30 13:43:08]
Damaeus
2004-06-30 06:31:34 UTC
Permalink
In news:alt.usenet.offline-reader.forte-agent, Cyrus Afzali
Post by Cyrus Afzali
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
In and of itself, no. It's an image file type. However, I would never
open a file transmitted by someone I didn't know.
A PIF file is a Program Information File. They were used commonly in
Windows 3.1 (but still work in XP) when DOS applications were still pretty
popular. IT basically tells Windows how to handle a program that normally
doesn't run under Windows.

Damaeus
DevilsPGD
2004-06-30 07:42:21 UTC
Permalink
Post by Cyrus Afzali
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
In and of itself, no. It's an image file type.
Umm no... Thinking of TIF or PIC?
--
Who is General Failure and why is he reading my disk?
Cyrus Afzali
2004-06-30 11:55:43 UTC
Permalink
On Wed, 30 Jun 2004 07:42:21 GMT, DevilsPGD
Post by DevilsPGD
Post by Cyrus Afzali
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
In and of itself, no. It's an image file type.
Umm no... Thinking of TIF or PIC?
Sorry, misread it to be .tif
Dirk G. Straka
2004-06-30 14:36:50 UTC
Permalink
Hi Cyrus,

thus spoke Cyrus Afzali:
[...pif]
Post by Cyrus Afzali
Post by DevilsPGD
Post by Cyrus Afzali
In and of itself, no. It's an image file type.
Umm no... Thinking of TIF or PIC?
Sorry, misread it to be .tif
That's the way it works ... q. e. d.

Greets, Dirk
Alex Heney
2004-06-30 21:52:59 UTC
Permalink
Post by Cyrus Afzali
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
In and of itself, no. It's an image file type. However, I would never
open a file transmitted by someone I didn't know.
RUBBISH.

.pif is almost always a virus. The only times you are likely to get a
.pif in an email for any valid reason isb in an internal email within
a corporate network, where they want everybody to have the same
shortcut to something.
--
Alex Heney, Global Villager
Folks who think they know it all bug those of us who do

To reply by email, my address is aDOTjDOTheneyATbtinternetDOTcom
XYZ Files
2004-07-01 00:11:07 UTC
Permalink
Post by Cyrus Afzali
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
In and of itself, no. It's an image file type. However, I would never
open a file transmitted by someone I didn't know.
Wrong, it's a DOS 'program info file', AND it's executable in Windows.

VERY dangerous, especially when you don't even
Damaeus
2004-07-03 10:21:26 UTC
Permalink
Post by XYZ Files
Wrong, it's a DOS 'program info file', AND it's executable in Windows.
VERY dangerous, especially when you don't even KNOW it's executable!
But it isn't really a PIF file. It's an executable named something like:

innocence.pif.exe

Oftentimes people don't bother to change the default in Windows to actually
show extensions for all file types. So innocence.pif.exe looks like
innocnence.pif or innocence.jpg, or innocence.txt.exe.

And... a PIF file can also be just that -- harmless on its own, but perhaps
pointing to a program previously planted by a hacker, which will run in
DOS, perhaps without opening a console.

Damaeus
Ralph Fox
2004-07-03 13:16:03 UTC
Permalink
On Sat, 03 Jul 2004 10:21:26 GMT, in message
Post by Damaeus
But it isn't really a PIF file.
Indeed, it most likely is not.
Post by Damaeus
innocence.pif.exe
More likely the file name has no .exe extension.

More likely it is an exe "innocence.exe" which
has been renamed to "innocence.jpg.pif".
Post by Damaeus
Oftentimes people don't bother to change the default in Windows to actually
show extensions for all file types. So innocence.pif.exe looks like
innocnence.pif or innocence.jpg, or innocence.txt.exe.
Windows still hides ".pif" extensions, even when you change the
default in Windows to actually show extensions for all file types.

So in Windows, "innocence.jpg.pif" still looks like "innocence.jpg"
even after you change the default.

Fortunately Agent itself does not hide any extensions.
Post by Damaeus
And... a PIF file can also be just that -- harmless on its own, but perhaps
pointing to a program previously planted by a hacker, which will run in
DOS, perhaps without opening a console.
Worse still, a file whose extension is .pif can _be_ an executable.
Simply rename "innocence.exe" to "innocence.jpg.pif"
The .pif extension is enough to let the .exe launch.


If someone double-clicks on a file which appears to them as
being named "innocence.jpg" but really is named "innocence.jpg.pif"
(and is a renamed "innocence.exe"), Windows will run it as a exe file.
--
Cheers,
Ralph

Change is inevitable. Progress is optional.
Jim Higgins
2004-07-03 16:02:15 UTC
Permalink
On Sat, 03 Jul 2004 13:16:03 +0000, in
Post by Ralph Fox
On Sat, 03 Jul 2004 10:21:26 GMT, in message
Post by Damaeus
But it isn't really a PIF file.
Indeed, it most likely is not.
Post by Damaeus
innocence.pif.exe
More likely the file name has no .exe extension.
More likely it is an exe "innocence.exe" which
has been renamed to "innocence.jpg.pif".
Post by Damaeus
Oftentimes people don't bother to change the default in Windows to actually
show extensions for all file types. So innocence.pif.exe looks like
innocnence.pif or innocence.jpg, or innocence.txt.exe.
Windows still hides ".pif" extensions, even when you change the
default in Windows to actually show extensions for all file types.
So in Windows, "innocence.jpg.pif" still looks like "innocence.jpg"
even after you change the default.
Fortunately Agent itself does not hide any extensions.
Post by Damaeus
And... a PIF file can also be just that -- harmless on its own, but perhaps
pointing to a program previously planted by a hacker, which will run in
DOS, perhaps without opening a console.
Worse still, a file whose extension is .pif can _be_ an executable.
Simply rename "innocence.exe" to "innocence.jpg.pif"
The .pif extension is enough to let the .exe launch.
If someone double-clicks on a file which appears to them as
being named "innocence.jpg" but really is named "innocence.jpg.pif"
(and is a renamed "innocence.exe"), Windows will run it as a exe file.
Isn't that wonderful? Instead of inspecting the file extension,
AND the file header and THEN making sure the two match before
executing the file, Windows examines the extension and if
executable, then inspects the header and executes per the header.
Of course, this is in the interest of making Windows "user
friendly." ;-(
Randall Bart
2004-07-03 20:22:18 UTC
Permalink
'Twas Sat, 03 Jul 2004 10:21:26 GMT when all
alt.usenet.offline-reader.forte-agent stood in awe as Damaeus
Post by Damaeus
innocence.pif.exe
Buy a clue. The extension ".pif" is every bit as executable as ".exe" or
".com" or ".scr".
--
RB |\ © Randall Bart
aa |/ ***@RandallBart.spam.com ***@att.spam.net
nr |\ Please reply without spam I LOVE YOU 1-917-715-0831
dt ||\ Wasteland: http://chernobyl.brainthru.com
a |/ How ugly is that flag: http://flaggrades.brainthru.com
l |\ DOT-HS-808-065 The Church Of The Unauthorized Truth:
l |/ MS^7=6/28/107 http://yg.cotut.com mailto:***@cotut.com
Damaeus
2004-07-04 00:05:52 UTC
Permalink
In news:alt.usenet.offline-reader.forte-agent, Randall Bart
Post by Randall Bart
'Twas Sat, 03 Jul 2004 10:21:26 GMT when all
alt.usenet.offline-reader.forte-agent stood in awe as Damaeus
Post by Damaeus
innocence.pif.exe
Buy a clue. The extension ".pif" is every bit as executable as ".exe" or
".com" or ".scr".
I only said that was one part of a possibility. And even if one little
smidgen of my post is in error, it doesn't make my whole post a complete
example of retardism.
T***@Agent.two.sucks
2004-07-04 00:28:21 UTC
Permalink
Post by Damaeus
In news:alt.usenet.offline-reader.forte-agent, Randall Bart
Post by Randall Bart
'Twas Sat, 03 Jul 2004 10:21:26 GMT when all
alt.usenet.offline-reader.forte-agent stood in awe as Damaeus
Post by Damaeus
innocence.pif.exe
Buy a clue. The extension ".pif" is every bit as executable as ".exe" or
".com" or ".scr".
I only said that was one part of a possibility. And even if one little
smidgen of my post is in error, it doesn't make my whole post a complete
example of retardism.
I hope you were jerking off when you made this post.
Because I can't see the bandwidth used serving any other purpose.
Damaeus
2004-07-04 09:44:30 UTC
Permalink
Post by T***@Agent.two.sucks
I hope you were jerking off when you made this post.
Yeah, and I was thinking about you when I was doing it.
T***@Agent.two.sucks
2004-07-04 14:40:38 UTC
Permalink
Post by Damaeus
Post by T***@Agent.two.sucks
I hope you were jerking off when you made this post.
Yeah, and I was thinking about you when I was doing it.
No doubt.
You're not alone, several other posters in this group have a TylerRusty fetish
as well.
I'm considering setting up a website to sell my used Jockey shorts.
Would you like yours with or without crust?<g>

XYZ Files
2004-07-04 07:58:34 UTC
Permalink
Post by Damaeus
innocence.pif.exe
That's possible, but not
mailmanx
2004-07-03 12:28:18 UTC
Permalink
Post by XYZ Files
Post by Cyrus Afzali
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
In and of itself, no. It's an image file type. However, I would never
open a file transmitted by someone I didn't know.
Wrong, it's a DOS 'program info file', AND it's executable in Windows.
VERY dangerous, especially when you don't even KNOW it's executable!
I acidentally downloaded one as an email atttachment and got the
beagle or bagel virus whatever. Had to waste about 4 hours trackng it
down and getting rid of it.
/betty/
2004-06-30 03:36:48 UTC
Permalink
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
Only if you meet one in a dark alley at night.
--
/betty/ [2004-06-30 13:32:02]
Zombie Elvis
2004-06-30 04:27:48 UTC
Permalink
It was a time of great turmoil. The strong preyed on the weak, dogs
and cats lived together. One voice cried out in the wilderness: Daniel
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
It's a file that is used to launch DOS programs in Windows. Because of
this it's an executable file. And because of that, virus writers like
to wrap viruses (or virii as the script kiddies call them) in them. In
other words, yes.

--
Roberto Castillo
***@ameritech.net
http://www.freewebs.com/robertocastillo/
JanR
2004-06-30 05:07:59 UTC
Permalink
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
A .pif file is a Program Information File (not to be confused by .pic
which is a image file). It is a leftover from the early 16 bit Windows
(like 3.1) and DOS. One of the main uses was to allow DOS programs to
run under Windows. These days, it would be very rare to use them,
except of course, to pass along malware. It is an executable (or at
least points to an executable) and can be dangerous. I would say that
99.9999% of those transmitted are malware.

Jan
--
JanR
Anti Spam address is in effect
*** Email sent this address automatically goes to trash unread
Post here, read here
BoB
2004-07-01 01:21:31 UTC
Permalink
On Wed, 30 Jun 2004 01:07:59 -0400, JanR
Post by JanR
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
A .pif file is a Program Information File (not to be confused by .pic
which is a image file). It is a leftover from the early 16 bit Windows
(like 3.1) and DOS. One of the main uses was to allow DOS programs to
run under Windows. These days, it would be very rare to use them,
except of course, to pass along malware. It is an executable (or at
least points to an executable) and can be dangerous. I would say that
99.9999% of those transmitted are malware.
Jan
As Jan and Ralph said, they 'can' be dangerous. Lest anyone,
goes deleting all their .pif files willy nilly, I have 25
different .pif files that I use in DOS under Win98SE.

For example, I have a small program that will open a DOS prompt
in the directory/folder I am presently viewing in Explorer, via
the right-click menu. This is a real time saver for me.

You should not have .pif files whose origin is 'unknown' to you.

BoB
/betty/
2004-07-01 03:03:47 UTC
Permalink
Post by BoB
For example, I have a small program that will open a DOS prompt
in the directory/folder I am presently viewing in Explorer, via
the right-click menu. This is a real time saver for me.
Is a bit archaic using a .pif Shortcut for that when 2 simple .reg
entries accomplishes it more efficiently.
Is not win3 land you know, '98 features a win32 OO based I/F. ;-)

Fwiw; the following has been publicly available since 1996, as part of
MS free "Powertoys".

The one to suit your platform is DOSHERE.INF incl in this SFX package,
extract it and R-click>Merge to install:

http://www.microsoft.com/windows95/downloads/contents/wutoys/w95pwrtoysset/default.asp

There are countless other 3rd party variants of it available on the web
too if you prefer a non-MS solution.
--
/betty/ [2004-07-01 12:20:55]
Nick Spalding
2004-07-01 07:19:58 UTC
Permalink
Post by /betty/
Post by BoB
For example, I have a small program that will open a DOS prompt
in the directory/folder I am presently viewing in Explorer, via
the right-click menu. This is a real time saver for me.
Is a bit archaic using a .pif Shortcut for that when 2 simple .reg
entries accomplishes it more efficiently.
Is not win3 land you know, '98 features a win32 OO based I/F. ;-)
Fwiw; the following has been publicly available since 1996, as part of
MS free "Powertoys".
The one to suit your platform is DOSHERE.INF incl in this SFX package,
http://www.microsoft.com/windows95/downloads/contents/wutoys/w95pwrtoysset/default.asp
There are countless other 3rd party variants of it available on the web
too if you prefer a non-MS solution.
A .pif can be very easily created without faffing around with the <spit>
registry by simply right-click drag from the .exe to make a shortcut.
Editing the shortcut's properties allows you to tailor the resulting
MSDOS window to exactly how you want it to look.
--
Nick Spalding
CyberDroog
2004-07-01 15:04:57 UTC
Permalink
On Thu, 1 Jul 2004 13:03:47 +1000, /betty/
Post by /betty/
Post by BoB
For example, I have a small program that will open a DOS prompt
in the directory/folder I am presently viewing in Explorer, via
the right-click menu. This is a real time saver for me.
Is a bit archaic using a .pif Shortcut for that when 2 simple .reg
entries accomplishes it more efficiently.
Is not win3 land you know, '98 features a win32 OO based I/F. ;-)
Fwiw; the following has been publicly available since 1996, as part of
MS free "Powertoys".
The one to suit your platform is DOSHERE.INF incl in this SFX package,
http://www.microsoft.com/windows95/downloads/contents/wutoys/w95pwrtoysset/default.asp
There are countless other 3rd party variants of it available on the web
too if you prefer a non-MS solution.
A simple registry hack to create a right-click menu item doesn't do the
same things a .pif file can. The .pif file controls various parameters for
how the DOS program runs.

--
REBEL, n. A proponent of a new misrule who has failed to establish it.

- Ambrose Bierce
Damaeus
2004-07-03 10:22:10 UTC
Permalink
Post by BoB
For example, I have a small program that will open a DOS prompt
in the directory/folder I am presently viewing in Explorer, via
the right-click menu. This is a real time saver for me.
Would you mind sharing?

Damaeus
Ralph Fox
2004-07-03 11:40:20 UTC
Permalink
On Sat, 03 Jul 2004 10:22:10 GMT, in message
Post by Damaeus
Post by BoB
For example, I have a small program that will open a DOS prompt
in the directory/folder I am presently viewing in Explorer, via
the right-click menu. This is a real time saver for me.
Would you mind sharing?
XP version: Go to
http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx
and look for "Open Command Window Here".


Win95 version (also works on Win98, WinNT): Go to
http://www.microsoft.com/windows95/downloads/contents/WUToys/W95PwrToysSet/Default.asp
and look for "Command Prompt". Note: While this Win95 PowerToy is
compatible with Win98 and WinNT, other Win95 PowerToys may not be compatible.
--
Cheers,
Ralph

Change is inevitable. Progress is optional.
Damaeus
2004-07-04 09:43:40 UTC
Permalink
In news:alt.usenet.offline-reader.forte-agent, Ralph Fox
Post by Ralph Fox
XP version: Go to
http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx
and look for "Open Command Window Here".
Thanks! Lots of handy stuff here. :-)
Ralph Fox
2004-07-04 09:47:31 UTC
Permalink
On Sun, 04 Jul 2004 09:43:40 GMT, in message
Post by Damaeus
Thanks!
You're welcome.
Post by Damaeus
Lots of handy stuff here. :-)
Indeed!
Ralph Fox
2004-06-30 08:08:29 UTC
Permalink
On Wed, 30 Jun 2004 03:10:54 GMT, in message
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
Absolutely yes -- .pif is indeed a dangerous file type.

A .exe file (dangerous) renamed to a .pif file will still
launch and run as if it was a .exe file.

Some virus authors send their malware renamed to .pif files. They are
betting that, while many people know that .exe files can be dangerous,
many of these people will launch .pif files.
--
Cheers,
Ralph

Change is inevitable. Progress is optional.
/betty/
2004-06-30 15:13:25 UTC
Permalink
Post by Ralph Fox
Some virus authors send their malware renamed to .pif files. They are
betting that, while many people know that .exe files can be dangerous,
many of these people will launch .pif files.
Is not for humans. The target audience of these things wouldn't even
know what a file extension or an executable was.

The reasons that is done is; 1. to thwart things like Doubtlook and lame
AV-ware which, in some variants, simply blanket the 'standard'
executable extensions, like .exe .com .bat, and pretend that they've got
The Problem covered.
2. .pif is also a default hidden extension, even IF show hidden is
enable in the shell, assisting popular commsware like O/OE will cover
any hideous visual indicators even in non richtext venues -- furthering
MS's social engineering goals.

Probably the most interesting aspect of all is that the list of 'shell
executable' filetypes in Windows grows version by version, "by design".
I certainly hope the malware authors offer due debts of gratitude to
Microsoft for provided such capabilities to their demands.
--
/betty - who also reserves the right to innovate/ [2004-07-01 00:30:27]
Noel
2004-06-30 09:57:41 UTC
Permalink
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
It may be a genuine PIF file, as described by others here. But
because PIF is an executable file type, it is possible that it is in
reality an EXE file with the file extension renamed to PIF. It is, in
few words, very dangerous.
Alex Nichol
2004-06-30 10:15:33 UTC
Permalink
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
Very much so. It is a shortcut to a DOS program, but the standard
file association of Windows treats it as directly executable. So a
nasty program renamed as
Lovely Picture.jpg .pif
(hoping you won't notice the pif) gets run if you launch it.

Similarly .lnk (windows shortcut) .scr (screensaver) and .bat as well
as .exe and .com themselves
--
Alex Nichol
Bournemouth, U.K.
***@mvps.org
Bob Henson
2004-06-30 18:04:23 UTC
Permalink
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
It figures in the file name of a lot of viruses which have multiple
file extensions. I'm not very techie, but I think it enables the virus
to run under some circumstances. Either way round, don't run anything
that has it as an extension, particularly if the file has multiple
extensions - the probability is that they are malicious.

Regards

Bob

Remove "x" from address to reply by email
Peter H. Granzeau
2004-06-30 18:39:52 UTC
Permalink
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
No more dangerous than any other executable file.
Alex Heney
2004-06-30 21:57:34 UTC
Permalink
On Wed, 30 Jun 2004 03:10:54 GMT, Daniel Prince
Post by Daniel Prince
Is .pif file a known dangerous file type? (I strongly suspect it is but
i want to make sure.) Thank you in advance for all replies.
Very much so.

You get a .pif file in an email from an unknown source, it WILL be a
virus. Probability in excess of .9999.
--
Alex Heney, Global Villager
Not many people realize just how well known I am.

To reply by email, my address is aDOTjDOTheneyATbtinternetDOTcom
Loading...