How to fix problem security protect running .exe and .cmd

Question

Hi every one,
I have problems with Window 11 Pro Version 22H2, Window Refusing to run the .cmd script if commands are issued through an .exe program, such as the Setup.exe of an application. If there is an attempt to execute a .cmd file, an error notification will be displayed, stating:

Unable to execute file:
C:/path/file.cmd

CreateProcess failed; code 225.
Opeation did not complete successfully because the file

contains a virus or potentially unwanted software.

Including Windows applications that are developed to utilize other .exe files via the command System.Diagnostics.Process.Start(path, args); path (string filename) represents the location of the .exe file and args (string argument) is an array sent to that .exe for processing.

However, the Windows system might mistakenly perceive this as a virus, leading to the following error message:

"Operation did not complete successfully because the file contains a virus or potentially unwanted software."

All the issues mentioned do not occur on any Windows versions except for Windows 11 Pro. Windows 7, Windows 10 Pro, and Windows 11 Home can all run this particular window application without any problems whatsoever.

As a preliminary measure, I have already closed the Windows firewall and turned off real-time protection,
Win + R to change gpedit.msc in subject Windows Defender SmartScreen, yet the issue remains the same.

Answer 1

Hello there,

It seems like you're asking about security measures to protect the execution of .exe and .cmd files. To enhance security and prevent unauthorized execution of these types of files, you can take several steps:

User Permissions:

Ensure that users only have the necessary permissions to execute .exe and .cmd files. Limiting access to these files can help prevent unauthorized execution. Use file system permissions to control who can access and execute these files.

Whitelisting and Application Control:

Implement whitelisting solutions or application control mechanisms. This involves specifying a list of approved .exe and .cmd files that can be executed. Any attempts to run files not on the whitelist are blocked.

Antivirus and Anti-Malware:

Use reputable antivirus and anti-malware software to scan and monitor files for malicious content. These tools can help detect and prevent the execution of harmful .exe and .cmd files.

Group Policies:

If you're in a corporate environment, use Group Policies (on Windows systems) to restrict the execution of .exe and .cmd files in specific directories or for specific user groups.

Software Restriction Policies (SRP) or AppLocker:

On Windows systems, you can use Software Restriction Policies or AppLocker to control which applications are allowed to run based on rules you define. This can prevent the execution of unauthorized .exe and .cmd files.

File Integrity Monitoring:

Set up file integrity monitoring tools that can detect changes to critical .exe and .cmd files. If any unauthorized modifications are detected, the system can take appropriate action, such as alerting administrators or rolling back changes.

Implementing Execution Policies:

PowerShell scripts and batch files can also pose security risks. Set PowerShell execution policies to prevent the execution of unsigned scripts or scripts from remote sources without explicit approval.

I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

Hope this resolves your Query !!

--If the reply is helpful, please Upvote and Accept it as an answer--