ghacks Technology News

Prevent that unknown executables are started in Windows


Windows does not offer a way to prevent users from accessing executable files. While NTFS does offer a rights-system it is only valid of NTFS hard drives and does not come into effect if a user plugs in a USB drive, CD or floppy disk. Most computers get infected nowadays by executing email attachments followed by file downloads and Windows security holes.

Trust No Exe is a Windows security software that prevents any unknown executable from being started in Windows. It features a whitelist and blacklist and requires some time to fine tune the list so that no trusted programs get blocked from being started. The concept behind Trust No Exe is that it works as a content filter filtering all executable files even if they come with an unknown extension.

Trust-no-exe hooks into the operating systems routines for creating a process and loading it into memory. If the operating system attempts to load any compiled code into memory ready to give it execution as a process or thread, trust-no-exe will jump on it and prevent the code from being loaded into memory. Therefore trust-no-one doesn’t rely on the file extension and can not be easily fooled.

prevent executables from being started in Windows

The Windows folder and the Program Files folder is added by default because these contain files that need to be accessible for Windows to start. The next steps require some time, you should add additional locations that contain executables that are trustworthy.

A good tip that I found in the Trust no Exe manual was to set read only rights for folders that do not require write rights to prevent malicious code from slipping in one of those trusted folders where it can be executed.

It does catch email attachments and supports networks and cloning settings as well. Strange that I never heard about this gem before.




Tags: ,
Categories: Operating Systems, Windows, software

Previous Post: Windows Media Player Playlists not working anymore ?

Next Post: Looking for a Guest Blogger

Read Related Posts

  1. Prevent Blocks Basic Operations In Windows Prevent Blocks Basic Operations In Windows
  2. Windows XP File Security Extension Windows XP File Security Extension
  3. Windows Integrity Levels for extra security in Windows Vista Windows Integrity Levels for extra security in Windows Vista
  4. Lock Folders in Windows Lock Folders in Windows
  5. Protect Files in Windows by locking them Protect Files in Windows by locking them
  6. Monitor Folders In Windows Monitor Folders In Windows
  7. Windows Vista Take Ownership Extension Windows Vista Take Ownership Extension
  8. Convert Videos Into Executables Convert Videos Into Executables

Trackbacks/Pingbacks

  1. Trust No Exe… previene los ejecutables desconocidos que se inician en Windows : says:
    November 26, 2007 at 12:34 pm

    [...] Quizás tardemos un poco en afinar estas listas, pero una vez hecho es de seguro que es una gran utilidad para bloquear, por ejemplo, la ejecución de algunas aplicaciones malignas en nuestro PC, y poder combatir mejor contra ellas. [...]

    Reply
  2. Saugesnis kompiuteris su Trust-no-exe : nežinau.lt says:
    December 1, 2007 at 2:31 pm

    [...] Kur sužinoti daugiau? Išsamus aprašymas yra programos svetainėje, taip pat paskaitykite Ghacks apžvalgą. [...]

    Reply

Leave a Reply   Follow Ghacks   Subscribe To Comment Rss

Recent Posts

Popular Articles

Software Updates

by Appnews

Topics

Links

Popular Tags

Follow This Blog

Ghacks Full Feed Twitter  All Feeds

Information

About Ghacks

Ghacks is a technology blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular technology sites on the Internet with five authors and regular contributions from freelance writers.

 

Authors

Joe Anderson
Martin Brinkmann (Senior Editor)
Cheryl Correa
Orrett Morgan
Daniel Pataki
David Pierce
Jack Wallen

© 2005-2009 Ghacks.net. All Rights Reserved. Privacy Policy - About Us