(imported topic written by SystemAdmin)
Hi,
Anyone have idea about how to block or stop specfic windows process by registry or windows scheduler jobs.
(imported comment written by tratz91)
If you are OK with a timed process to check for and stop a process (task scheduler) and you don’t need real-time process monitoring, you may want to consider simply deploying a fixlet action as a “policy” that re-applies each time it becomes relevant.
For example:
Relevance:
exists running application “limewire.exe”
Action:
taskkill /im limewire.exe
regset "
HKEY_LOCAL_MACHINE\Software\KEYNAMEHERE
" “LastKilledLimeWire”="{now}"
Doing this via BigFix will also enable you to collect metrics via a custom analysis, if desired, for how often the action had to fire and on which machines. If metrics are not needed, you can skip the regset command in the action example above.
I hope this helps.
Tom