Question: Is it possible to disallow the execution of a process?
Soulfate24 opened this issue · 5 comments
Hi everyone,
I want to prevent the execution of a process, for example "Unwanted.exe" on Windows 11. I've tried Group Policies and the Registry, but apart from directly changing the permissions of the executable file, nothing works. Is it possible to prevent the execution of "Unwanted.exe" from System Informer, which is always open in the background, without modifying permissions of the "Unwanted.exe" file?
Many thanks :)
The hard native way: in the registry, create a key in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options named Unwanted.exe and inside that key, create a new REG_SZ value named Debugger and set the data to /
Applications can bypass/ignore the IFEO debugger key:
NtCurrentPeb()->ReadImageFileExecOptions = FALSE;- calling ShellExecute() or CreateProcess()
Is it possible to prevent the execution of "Unwanted.exe" from System Informer,
Yes, but we haven't added the configuration to manage the feature.
Thank you both for this information. I no longer wish to use Process Lasso or install it on the concerned computer. I haven't restarted my machine for the registry hack but it doesn't seem to work. In my case, it's a Windows process made useless by the use of Open-Shell.
I'll be looking forward to a future update!
Cheer up
@Soulfate24 Please try Fort Firewall to prevent the execution of process ("Kill Process" action).
@Soulfate24 Please try Fort Firewall to prevent the execution of process ("Kill Process" action).
Thank you very much. I've installed and configured it. Windows is now functional using only 2 GB on the 32 GB on my computer :)
I just need to temporary disable Fort Firewall filters to install a Store app.
