1. Program whitelist

  • Posted by petelomax Sep 06, 2010
  • 1268 views

Any ideas for a program whitelist program, ie I set something running, in the background, then go clicking on various menu entries or directly on executables in Windows Explorer. It would let say C:\Windows\notepad.exe run fine, but pop up an error on say C:\windows\regedit.exe. I'd want to configure the list on a per-user basis, but that's not the hard part. Anything open source would do, including C, but of course a pure Eu solution (maybe with a dash of assembly) would be neat.

Regards, Pete

new topic     » topic index » view message » categorize

2. Re: Program whitelist

  • Posted by mattlewis (admin) Sep 06, 2010
  • 1339 views
petelomax said...

Any ideas for a program whitelist program, ie I set something running, in the background, then go clicking on various menu entries or directly on executables in Windows Explorer. It would let say C:\Windows\notepad.exe run fine, but pop up an error on say C:\windows\regedit.exe. I'd want to configure the list on a per-user basis, but that's not the hard part. Anything open source would do, including C, but of course a pure Eu solution (maybe with a dash of assembly) would be neat.

I suppose you could put together something like that with EnumProcesses and TerminateProcess. These guys have some ideas for monitoring process starts.

Matt

new topic     » goto parent     » topic index » view message » categorize

3. Re: Program whitelist

  • Posted by useless Sep 06, 2010
  • 1254 views


Someone did a popup blocker years ago which sat on the OS (windoze) and listened for windows being instanciated, and killed them. It's in the archives.

useless

new topic     » goto parent     » topic index » view message » categorize

4. Re: Program whitelist

  • Posted by ChrisB (moderator) Sep 07, 2010
  • 1291 views

Hi

Yes, this is how some Trojans take control of your system.

You need to edit the registry (there is an eu program to do this in the archive)

Here is a ref to the entries to modify

http://www.freelists.org/post/regtips/Preventing-Programs-from-Running

There are probably others too.

Chris

new topic     » goto parent     » topic index » view message » categorize

5. Re: Program whitelist

  • Posted by ghaberek (admin) Sep 11, 2010
  • 1210 views
useless said...


Someone did a popup blocker years ago which sat on the OS (windoze) and listened for windows being instanciated, and killed them. It's in the archives.

There's Robert Swiston's Popup Eliminator and my Popup Gorilla. Both of these are over 5 years old but express a similar concept of scan-and-kill. It's a good method, but certainly not the best. A primary advantage to my Popup Gorilla is the ability to scan windows by class name and/or title.

-Greg

new topic     » goto parent     » topic index » view message » categorize

Search



Quick Links

User menu

Not signed in.

Misc Menu