Block specific files from running?

Discussion in 'ProcessGuard' started by rolfie, Sep 8, 2006.

Thread Status:
Not open for further replies.
  1. rolfie

    rolfie Registered Member

    Sep 8, 2006
    Hi all,

    I have a question for you, its it possible with PG to stop certain files from running, like .exe and .bat?
    And is that also possible to block that files only from a specific location?
    And do i need the full version for that or is free enough?
    And is that also possible with older vesions like 3.1.* ?

    Thnx in advance.

  2. tonyjl

    tonyjl Registered Member

    May 25, 2004
    Hi Rolfie.

    You can block specific .exe's from running by launching it yourself (double-click on it),when you get the alert from PG,select 'Always Deny'.

    You can't block .bat files by name as it's the cmd prompt (cmd.exe) that does the work,blocking cmd.exe will block ALL .bat files,so to block the specific ones you want,when they launch you'll get an alert for cmd.exe,if you look at the 'cmd-line' portion of the alert,you'll see something like:

    "c:\windows\system32\cmd.exe" "c:\some folder\some file.bat"

    If you don't want that .bat file running,just select 'Deny',you'll have do it as and when those .bat files launch.

    No you can't block files by folder name,you'll just have to launch them one by one selecting 'Always Deny'.

    The reason you can't do what you want at the mo' is because PG can't be configured to allow/deny files based on the cmd-lines used. I hope DCS will add this feature to future releases. If that sort of feature is high on your agenda or you can't wait untill it's added to PG,then have a look at 'AppDefend' from Ghost Security It very similar to PG but protects slightly different areas. I use both with no problems.
  3. Paranoid2000

    Paranoid2000 Registered Member

    May 2, 2004
    North West, United Kingdom
    Also PG and similar programs will not catch out all *.com files since these are run by NTVDM - see (this SysSafety thread provides details on the underlying problem).
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.