dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1376
share rss forum feed


Sentinel
Premium
join:2001-02-07
Florida
kudos:1

Can I stop apps from opening other apps?

Is it possible to stop programs from opening other programs? Specifically a browser? For example if you install IrfanView at the end of the installation it opens your browser and takes you to the IrfanView FAQ.

Is it possible to stop this behavior?
Is there a setting somewhere where you get a pop-up or notification or request before any program is allowed to access or launch another program without your prior specific permission?



therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL

1 recommendation

I'm not aware of a way to block access like that?

That said, perhaps a firewall or hips type program could have rules set such that if the parent process is not on an approved whitelist, the process is blocked?

In days of old, & since I virtually never use IE, I would have ZoneAlarm set to prompt on every invocation of IE, such that anytime IE was opened, by myself or otherwise, I would be prompted to allow or disallow the opening.

What I do currently, with a Mozilla browser is have it set by default to open its Profile Manager. So instead of the browser (fully) opening itself, all that loads is the Profile Manager, & by doing so, I'm afforded the opportunity to at that point to cancel any further loading of the browser. That is sufficiently effective for my needs.



Sentinel
Premium
join:2001-02-07
Florida
kudos:1

Hmm. That sounds like a good idea. How does one go about doing this, if you don't mind explaining please?
So you're saying that each time your browser opens it opens to the profile manager and then you can just close it before it opens any further and goes to a page or not?

Yes, I am using FF and the default Windows firewall in Windows 7.



porkpie
No Pork For 40 Days

join:2001-05-28
Cleveland, OH
reply to Sentinel

If you have a firewall like ZoneAlarm, when you first install it and you do something that will open a browser or some other program, it will ask you to allow or deny that action

It does that only when it is first learning what to do with each program

hope that this helps
--
Love my pork---Give me some skin Man!!



Sentinel
Premium
join:2001-02-07
Florida
kudos:1

I am aware of that with firewalls like that. But as I said I use Windows default internal firewall. It does not have that ability.



therube

join:2004-11-11
Randallstown, MD

1 recommendation

reply to therube

> How does one go about doing this?

Set StartWithLastProfile=0 in profiles.ini.

(I think that's all that is necessary.)



Sentinel
Premium
join:2001-02-07
Florida
kudos:1

Awesome!. Thank you.


Ravenheart

join:2006-02-10
Berkeley, CA
reply to Sentinel

Another option might be to install Sandboxie and then run IrfanView in a sandbox with no other programs allowed to start and run.


jp10558
Premium
join:2005-06-24
Willseyville, NY
reply to Sentinel

You just need a HIDS - Comodo has one for free, there probably are others... Depending on your version of Windows and how much knowledge you have, you might get by with Software Restriction Policies or AppLocker, but I don't know if you need a whole AD for that.
--
Opera 11.1; Windows XP Pro SP3;Intel C2Q6600; 3GB DDR2 1066; 1M/128k DSL; Comodo Internet Security 5.3;Proxomitron 4.5j Sidki 2009-06-06,GPG ID:0x0A1C6EE3



Sentinel
Premium
join:2001-02-07
Florida
kudos:1
reply to Ravenheart

It's not just irfanview. I was just using that as an example. The problem is that you never really know what program is going to do this. It could be a virus or malware that does it. Without knowing what program is going to do it it's hard to protect against it.

I think the idea of trying to get at it from the browser side might be a better one.



Sentinel
Premium
join:2001-02-07
Florida
kudos:1
reply to therube

said by therube:

> How does one go about doing this?

Set StartWithLastProfile=0 in profiles.ini.

(I think that's all that is necessary.)

I don't have that file. Is it because I have only 1 profile for FF?


ZZZZZZZ
Premium
join:2001-05-27
PARADISE
kudos:1

1 recommendation

reply to Sentinel

A good firewall should give you that option..........I use ONLINE ARMOR and it does.

But you have to be pretty specific on what you disallow cause it may affect the program itself.

For instance when you use Irfanview to find an image in a folder.........if you block it ,then it won't even open. :P
--
Sarcasm is the body's natural defense against stupidity.



kevin12345

@rr.com
reply to Sentinel

said by Sentinel:

said by therube:

> How does one go about doing this?

Set StartWithLastProfile=0 in profiles.ini.

(I think that's all that is necessary.)

I don't have that file. Is it because I have only 1 profile for FF?

You do have that file just look under users and also make sure you have your hidden files and folders checked.
c:\Users\your PC name here\AppData\Roaming\Mozilla\Firefox


Sentinel
Premium
join:2001-02-07
Florida
kudos:1
reply to ZZZZZZZ

zzzz,
As I said, I am using the default Windows firewall. It does not have that option.

kevin,
I do have that file in that place (roaming) but that is not where the link that rube sent me says it should be. I don't think that it is the correct file or place because I changed that setting in that file and it changed nothing. When I open FF it just opens. It does not open the profile manager.



norwegian
Premium
join:2005-02-15
Outback


What of not having a default browser at all?

On that note though, if you had a default browser then you would have to set specifics for the browser but then it could break your web viewing too.

Would blocking sites either in the browser of the hosts file stop communications back to home once you go to install software?

Would messing with cookie settings help?
Although I would think you would need to start white-listing sites and you would forget and sooner or later cause you more problems than it is worth.

I actually remember at one time I had Opera set to prompt for opening a new session, I would have to look again at what I did - a few years ago - but it would not allow the session to open without a prompt, I'm sure that could be applied via any browser and a registry setting or an .ini file.

Just a few thoughts.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke



balloonshark
Lets Go Mountaineers

join:2006-08-11
WV
reply to Ravenheart

Or if you have the paid version of Sandboxie you can 'force' the browser (or other programs and folders) to run sandboxed. The browser would start but it would be sandboxed so all you would need to do is close the sandbox, delete the contents and go about your day.
--
If we quit voting, will they all just go away?



Sentinel
Premium
join:2001-02-07
Florida
kudos:1
reply to norwegian

said by norwegian:

What of not having a default browser at all?

Interesting. You may have something there. How does the offending app know to open FF instead of IE? If I can remove that link then it won't know what to open perhaps.

All this started when I deleted an email in my email program and, upon pressing delete, FF opened and went to a website. Of course I have NoScript and other stuff so it was just a blank page but you see what I'm getting at here.

redwolfe_98
Premium
join:2001-06-11
kudos:1
Reviews:
·Time Warner Cable
reply to Sentinel

you could send "irfanview" an email and tell them that you don't like the way that the program opens a browser-window at the end of the installation-process..

i don't like seeing those either, but more and more programs are doing that..

one thing that i think could work would be to use "ACL" to block a file from opening, using "command prompt" and the command "echo y| cacls firefox.exe /E /P everyone:N" (minus quotations)

however, you would need to know how to unblock "firefox.exe", using the command "cacls firefox.exe /E /R everyone" (minus quotations)..

the commands are for when using "windows xp".. i think they are different for "windows 7"..



Sentinel
Premium
join:2001-02-07
Florida
kudos:1

The problem is that it is not irfanview I have a problem with. I really don't care that it does that. I find it annoying and dumb because I close it immediately so if they are trying to get me to read something they are wasting their time and just making me angry But I basically trust them. The only reason that I brought that one up is because it is a perfect example of what I am talking about and one that I think a lot of people here are familiar with.



therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL
reply to Sentinel

quote:
I don't have that file. Is it because I have only 1 profile for FF?
If you have FF, you do have "profiles.ini".

Profile folder - Firefox


therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL
reply to Sentinel

Without having looked at it, I'm thinking this will not provide enough functionality, Process Blocker is a Brick Wall for Unwanted Windows Processes.


OZO
Premium
join:2003-01-17
kudos:2

1 recommendation

reply to therube

said by therube:

quote:
I don't have that file. Is it because I have only 1 profile for FF?
If you have FF, you do have "profiles.ini".

Profile folder - Firefox

Not necessarily. For example I don't have "profiles.ini" file at all, because I always launch FF from a shortcut, containing "-profile " option...



To OP. When I don't want an installer to communicate with Internet while it's running (you've mentioned one of the reasons, but there are others too...), I can simply yank off network cable from my laptop, run installer and then put network cable back... Very simple, but nevertheless effective way to prevent all unsolicited communications. If it's somehow difficult in your case, you can make two shortcuts: one to disable network adapter, and another - to restore it back.
--
Keep it simple, it'll become complex by itself...


therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL

quote:
Not necessarily. For example I don't have "profiles.ini" file at all, because I always launch FF from a shortcut, containing "-profile " option...

Ah, yes, you are correct about that.

Here's what I use for that, MOZHERE.BAT:

:: MOZpHERE (aka MOZ_HERE) open Mozilla with arbitrary PROFILE, HERE (in current directory)
 
@echo off
echo "Open MOZILLA starting with a (new or otherwise) PROFILE in: "
PWD
pause
 
set MOZ_NO_REMOTE=1
if exist "C:\Mozilla\SeaMonkey\seamonkey.exe" start "" "C:\Mozilla\SeaMonkey\seamonkey.exe" -profile . -no-remote
set MOZ_NO_REMOTE=0
 


Sentinel
Premium
join:2001-02-07
Florida
kudos:1
reply to OZO

That will work for things like installers or things where I know in advance that the offending program is going to attempt it. Good idea for those types of things and I will do that.

However, the problem we have is when we aren't expecting it. Using the example I used before: I had an email that, upon deletion opened a browser and attempted to go to a website. In that situation you have to have the internet on and accessible because you are reading your email.


OZO
Premium
join:2003-01-17
kudos:2

said by Sentinel:

I had an email that, upon deletion opened a browser and attempted to go to a website. In that situation you have to have the internet on and accessible because you are reading your email.

That's the big problem you have on your hands. Please fix it before you go any further.

Mail should not be active an any way!!! Deleting mail should never trigger any activity (especially connecting to the Internet). Receiving maul should not trigger connection to the Internet either... Make sure that your mail program doesn't download any images from the Internet (or any other files) without your permission. It's possible to do and it must be done before you start using it.

Regarding general approach with unloosened connections to the Internet, I'd suggest (as many did before) to install local outbound firewall, that will block all outbound connections that you do not approve. In all my computers there is no one program, that could connect to the Internet without my prior approval. That's the rule. And BTW, sue to that rule I don't need (and never use at all) antivirus programs... making computer run faster and virus-free for years
--
Keep it simple, it'll become complex by itself...


Sentinel
Premium
join:2001-02-07
Florida
kudos:1

I use Popcorn which is very secure. Until now It (usually) does not do html email. And even when it does it does not and cannot do images. So this must have been in the code of the email; not an image. Usually I read email in plain text. Increasingly many emails are html and cannot be read in plain text. Popcorn does do very limited html rendering. Apparently in this instance it was enough to trigger the browser opening.

Also, as I have said before numerous times, I do have an outbound firewall. Windows firewall in Win7 does do outbound. I have mine set up to block all outgoing internet unless there is a rule that I specifically set up. Of course that does nothing because I have a rule set up to allow my browser. Any firewall that I have I would have to have a rule to allow my browser.

The problem is not that the browser is getting out. The problem is that I cannot stop any application from opening the browser. There should be a way to limit what programs can open other programs.


Frodo

join:2006-05-05
reply to Sentinel

said by Sentinel:

Using the example I used before: I had an email that, upon deletion opened a browser ...

Me thinks that means you have javascript enabled in your email client. I don't have javascript enabled in email.


Sentinel
Premium
join:2001-02-07
Florida
kudos:1

As far as I know Popcorn is not capable of doing javascript. I cold be wrong though as it is an old program and no longer updated by its creator.



therube

join:2004-11-11
Randallstown, MD
reply to Sentinel

Popcorn_ReadMe.txt v1.99.3:

* Immune to all forms of email attachment and HTML viruses/scripts/trojans
  because it does not display or run received attachments and/or HTML.
 


Sentinel
Premium
join:2001-02-07
Florida
kudos:1

That is from the original read me file which I don't think he ever updated. Newer versions do limited html and does not open attachments but does allow you to save them.

I don't know about javascript ability though.