MS-DOS Prompt for Games.pif: A Virus
Since September 2004, wherein students started to be busy doing their projects and other requirements, a DOS-shortcut in PIF format started to occupy every folders found in the floppy drives even in the hard disk. At first I thought it was just an ordinary file created during the activation of any DOS files, but I noticed that it always leaves its copy to all folders that I am trying to open. It’s not normal Windows activity already.
So, I then started to investigate and study the behavior of this file. And I found out that this is the product of a malicious codes embedded in file folder.htt which is activated by the special file Desktop.ini.
This is just another modified variant of virus similar to that of what I called, Hedda Marie Virus. But this time, it uses another dummy file MS-DOS Prompt for Games.pif.
I tried to use my updated Norton antivirus software to identify the virus, but it seems my installed antivirus is not smart enough to identify it.
I need to deactivate this virus. So I tried to configure Windows Folder Option to Show All Files, and then I search for the files folder.htt, desktop.ini and *.pif. And then I deleted all found folder.htt, desktop.ini and MS-DOS Prompt for Games.pif files. After that, I restarted my computer.
I thought everything is already fine. But when I open a folder, this MS-DOS Prompt for Games.pif file is saving its copy to it. I have no choice but to disable the registry entry of folder.htt, and desktop.ini. After deleting it, I then restart again the computer, and the result is fine.
My computer is again running smoothly. But I need to delete the infected files to avoid infecting my computer again. So, I do the search of the 3 wanted files and I deleted them all. And now, its free again from virus.
So, I then started to investigate and study the behavior of this file. And I found out that this is the product of a malicious codes embedded in file folder.htt which is activated by the special file Desktop.ini.
This is just another modified variant of virus similar to that of what I called, Hedda Marie Virus. But this time, it uses another dummy file MS-DOS Prompt for Games.pif.
I tried to use my updated Norton antivirus software to identify the virus, but it seems my installed antivirus is not smart enough to identify it.
I need to deactivate this virus. So I tried to configure Windows Folder Option to Show All Files, and then I search for the files folder.htt, desktop.ini and *.pif. And then I deleted all found folder.htt, desktop.ini and MS-DOS Prompt for Games.pif files. After that, I restarted my computer.
I thought everything is already fine. But when I open a folder, this MS-DOS Prompt for Games.pif file is saving its copy to it. I have no choice but to disable the registry entry of folder.htt, and desktop.ini. After deleting it, I then restart again the computer, and the result is fine.
My computer is again running smoothly. But I need to delete the infected files to avoid infecting my computer again. So, I do the search of the 3 wanted files and I deleted them all. And now, its free again from virus.
-
Sign up for PayPal and start accepting credit card payments instantly.
As the world's number one online payment service, PayPal is the fastest way to open your doors to over 150 million member accounts worldwide.
