Block process execution


(OP)
Is there any way to detect any attempt at process initialization and block it beforehand?

RE: Block process execution

What user problem are you trying to solve?

Chip H.

____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first

RE: Block process execution

(OP)
It's not a user problem. I want to make a program that detects an attempt at process initialization, brings its information and blocks it (stops it).

RE: Block process execution

Do you want to detect another instance of the current program being started, or some other arbitrary program being started?

Chip H.

____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first

RE: Block process execution

(OP)
Other arbitrary program

RE: Block process execution

Anti-virus!

RE: Block process execution

(OP)
Guys, I'm a programmer and I need to CREATE software that detects attempts at process initialization and blocks them before running.

I've been searching for this on Google for a week and found nothing... so if somebody could really help me I would thank you.

RE: Block process execution

I've never tried this, and if you try it, be sure to do it inside a virtual machine so you don't hose your host OS.  Because if I'm wrong, you surely will make your Win32 subsystem unstartable.

But, if you add a registry key under:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

for Explorer.exe, and add a sub-key named Debugger, whose value points to a program you write, that program might be able to reject the startup of the app that was started via Windows Explorer.

I got this information from Inside Windows NT, 2nd Ed. in the section on process startup.

If you aren't already familiar with the contents of the book and/or the DDK, you might want to abandon this project.

Chip H.

____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
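
The check a defender would run against the key named in the post above, as an added example that is not part of the original thread: it lists every image under Image File Execution Options that carries a `Debugger` entry, which is read here as a registry value on the image's key. The WOW6432Node path for the 32-bit registry view is an addition made here, not something the post mentions.

```powershell
# Added example: report every Image File Execution Options entry that has a
# Debugger value, so unexpected launch redirections stand out.
$ifeoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    # 32-bit registry view (added here; absent on 32-bit Windows)
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)

$findings = foreach ($root in $ifeoRoots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }

    foreach ($key in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
        # GetValue returns $null when the image key has no Debugger value
        $debugger = $key.GetValue('Debugger', $null)
        if ($null -eq $debugger) { continue }

        [pscustomobject]@{
            Image    = $key.PSChildName      # e.g. the executable name the entry applies to
            Debugger = $debugger             # command line Windows launches instead of the image
            View     = if ($root -like '*WOW6432Node*') { '32-bit' } else { 'native' }
        }
    }
}

if ($findings) {
    $findings | Sort-Object Image, View | Format-Table -AutoSize -Wrap
} else {
    'No Debugger values found under Image File Execution Options.'
}
```

Reading these keys does not require elevation on a default install; any entry whose `Debugger` points at something other than a known debugging or compatibility tool is worth investigating.
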

RE: Block process execution

PsSetCreateProcessNotifyRoutine

RE: Block process execution

(OP)
I got some information about API Hooking, so using this, I will intercept API calls that are made when a program tries to execute.

But I'll try your tips too.

RE: Block process execution

Good one, strongm.

Chip H.

____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
