Prevent that unknown executables are started on Windows - gHacks Tech News

Prevent that unknown executables are started on Windows

Windows does not offer options to prevent users from accessing executable files. While NTFS does offer a rights-system it is only valid on NTFS hard drives and does not come into effect if a user plugs in a USB drive, CD or floppy disk. Many computers get infected nowadays by users running software from USB Flash Drives, email attachments or Internet downloads.

While the majority of files run this way are probably clean, infected files get executed as well which infects the system and if things go really wrong, other devices on the network as well.

Trust No Exe is a Windows security software that prevents any unknown executable file from being started on a Windows system. It features a whitelist and blacklist and requires some time to fine tune the list so that no trusted programs get blocked from being started. The concept behind Trust No Exe is that it works as a content filter filtering all executable files even if they come with unknown or invalid extensions.

Trust-no-exe hooks into the operating systems routines for creating a process and loading it into memory. If the operating system attempts to load any compiled code into memory ready to give it execution as a process or thread, trust-no-exe will jump on it and prevent the code from being loaded into memory. Therefore trust-no-one doesn’t rely on the file extension and can not be easily fooled.

prevent executables from being started in Windows

The Windows folder and the Program Files folder are added by default because these contain files that need to be accessible for Windows to start. The next steps require some time, as you need to add additional locations that contain executables that you consider trustworthy to the program. This includes programs that are stored elsewhere for example.

A good tip that I found in the Trust no Exe manual was to set read only rights for folders that do not require write rights to prevent malicious code from slipping in one of those trusted folders where it can be executed.

It does catch email attachments and supports networks and cloning settings as well. Strange that I never heard about this gem before.

Update: The program is no longer listed on the developer website. We have uploaded the latest version of Trust No Exe to our own servers. You can download the program from here: Trust No Exe

Summary
software image
Author Rating
1star1star1star1star1star
no rating based on 0 votes
Software Name
Trust No Exe
Operating System
Windows

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

    Leave a Reply

    Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

    Please note that your comment may not appear immediately after you post it.