eXcessive Software proudly presents first generation of PIF file execution protection ;)

PIF Protect gives you a fast and easy way to protect from annoying PIF based malware circulating via e-mail. Files with PIF extension are MS-DOS shortcuts which are obsolete under Windows 2000/XP systems, but still used for popular e-mail worms. Disabling execution of such files won't do any harm to latest NT based systems while preventing majority of e-mail worms from executing in the first place.

IMPORTANT BETA NOTES:
- Windows NT 3 and 4 still not supported (if you can tell me if the PIF execution under these OS is the same (meant as obsolete file type) as under Win2000/XP,mail me about it or tell me here)
- Windows 9x based OS not supported (and will never be) because these OSs still use MS-DOS to execute many applications. Disabling it could break many legitim programs (which are not malware).

It's not perfect,but it should help alot. This protection will make files with PIF extension perfectly useless (double-clicking them won't execute PIF files).

VERY IMPORTANT:
All beta tester,please backup your entire HKEY_CLASSES_ROOT registry hive before using this program (if you want you can backup entire registry). It shouldn't cause any problems,but backup it just in case.
Don't blame me if something goes wrong and you have no backup!

PIF Protect BETA download:
http://freeweb.siol.net/razor256/downloads/PIF_Protect.zip

Any comments,suggesstions recommended :) Also help me with grammar errors ;)

Best regards
RejZoR - eXcessive Software

You can use this file as test sample:
http://freeweb.siol.net/razor256/downloads/PIF_PROTECT_TEST.zip

File is harmless and it just contains string:
PIF-PROTECT-TEST

Looking good, RejZoR!

EDIT: Tried the test file after running the PIF disabeling file on my WinXP SP2 machine. Extraction to the desktop shows PIF_PROTECT_TEST.pif that, when clicked, does nothing! Very nice.

Can you tell me which OS do you have. Windows 2000 maybe? I have tested only on XP. But it appears that PIF Protect works ok. PIF execution was prevented.

I love you, RejZoR :o :D

Ok,i'll remove the block for Win9x OS. But i'm busy now,so you'll have to wait a bit.

RejZoR-
two questions about PIF Protect:
1. my system is winxp sp2. after i installed the program, I click on the test file, then my txt editor open it and show the string. is it the way the program works?

2. How do I uninstall the program?

Spanner intheWorks-
I also try the way you described, using script defender to prevent the pif execution. but the pop-up alert doesn't shows up. txt editor directly display the string. However, it works for txt file.

I wonder why everyone think that my programs install themself. They look like installers,but there is certanly no installation process going on.
Checkbox is autodetected depending in which state the protection is.
Unchecking it disables PIF Protection.

About Notepad opening...
I have seen this on my PC too. If you used Notepad before to open files without any associated program to open,Notepad might automatically be selected by the OS to open unknow files (like this one).
Basically this was the first idea to block PIF files (to open their content in Notepad instead of executing it),but i ran into some complications due to MS-DOS Shortcut deep integration (PIF files do not appear on extension list).
Technically there could be 3 different situations:
1) PIFs opening in Notepad
2) PIFs not executing at all (nothing happens on double-clicking them)
3) Explorer asks you which program to use for this unassociated file

Unfortunatelly this can be rather random on different machines where i can't control all factors. It might sound funny,but in the end PIFs are again not executed.

an update for pif open in txt editor,

my previous default txt editor is editpad lite. the test file is open in it. Then i uninstall editpad lite and make notepad as the default one. nothing happens by double-click on the test file.

Hm,it appears that your secondary "notepad" associates itself automatically with it. Funny :o