With the popularity of computers and the Internet, various viruses and Trojans are also increasing, especially some new viruses and Trojans, often before antivirus software provides effective killing methods. It has already caused serious damage to the user's interests, and the computer security issue is even more important when more and more important data and information are stored in the computer.
in Windows7 them, we can use the system comes with AppLocker functionality to further enhance the security of the system, usually do not affect the normal operation, and can effectively prevent malicious programs run!
do not forget to run AppLocker is enabled services
first, right-click on the computer, select "management → services", find "ApplicationIdentity" service and set to start automatically. This step is very important because AppLocker will only take effect if it is set to autostart.
then enter in the Start menu search box "gpedit.msc" start Group Policy Editor. Expand Computer Configuration→Windows Settings→Security Settings→Application Control Policy, and you will see a related setting item called AppLocker. After
select the setting item, in the right window you can see three types of "executable rule", "Windows Installer rules" and "script rules." You can create a new rule by right-clicking on each rule, and you can create a corresponding action rule according to your needs.
Tip: first use of AppLocker, after the completion of the configuration must restart the computer to make the policy effective.
chopper small scale so that the virus can not do anything flash
Usually we often use flash memory, use some file transfer or share it. But now the flash virus is very rampant and often causes our system to be repeatedly poisoned. At this point we can use AppLocker to create a corresponding rule to avoid the destruction of the system by the flash virus. One of the key files for flash virus propagation is "AutoRun.inf", so you only need to disable this file from running.
First we checked the list in the left window "script rules", then right-click to select "Create new rule" command in the right window, then the system will pop up "to create a script rule" window . Select "Reject" in the "Action" of the window, then select "Everyone" in "Users or Groups", and then click the "Next" button. Then select the "Path" option in the creation conditions of the window, and then click "Next". Then type "?:AutoRun.inf" in the "Path" box (as shown in Figure 2), and then continue to click the "Next" button. Since there are no other required operations in the back, just click the "Create" button to complete the creation of the rule. Now plug in the flash, it will not be poisoned by the automatic operation of the flash.
Tip: With the above settings, auto-run functionality flash memory and CD-ROM will be disabled, if you want to disable the auto-run flash function, only need to specify the drive letter to the flash memory. In addition, AppLocker can use the relative path or system variable of a file or folder in addition to the absolute path of the file or folder. For example, "%WINDIR%" represents the location of the operating system directory, and "%TEMP%" represents the current system default temporary directory.
advanced file security application protection system
now but pervasive computer virus, even if their care may also be caught again. Many viruses use Windows to "over-trust" files in their own directories to run or infect system files, so we can write a rule that prohibits virus executables from running in the system directory. The principle is very simple, you only need to prohibit other program files in the Windows directory except the system executable file.
same, or create a new executable rules in the right window. First select "Reject" in the "Action" of the window, select "Everyone" in "User or Group", click the "Next" button, select the "Path" option in the creation condition of the window, and then in the "Path" box Enter "%WINDIR%*.exe", then select "Publisher" in the "Exceptions" window and click the "Add" button. Click the "Browse" button in the pop-up window. Feel free to select a Microsoft program file from the pop-up window, then move the slider to the "Publisher" position (as shown in Figure 3), then click the "OK" button in the window to confirm the relevant settings. That's it. At this time, you can see the publisher's information in the "Exceptions" list, and finally click the "Create" button to complete the rule creation.
Tip: Since Microsoft has released an exceptional person, so the system directory among all the system comes with software that can be run properly, but even if a virus or Trojan horse "sneak into" the system directory can not run, of course, It is impossible to tamper with system files, and it cannot harm the security of the system and users. At the same time, the path or file name in the rule can also use wildcards, which makes it easy to set a certain type of file, such as "?:*.exe", which means any executable file in any directory, "D: *" means any file under the D drive. But this operation requires a certain computer-based, novice with caution!
limit extension application program running
known fact AppLocker addition to the virus active defense capabilities, but also can be used to limit known run the program software!
such as the need to limit a child to run a game, you can create a rule by AppLocker, stop running the game. If the game doesn't need to be installed, then using the "path" to judge, obviously can't avoid the problem that the child can run the game to other directories, but it doesn't matter, just create a "file hash" type rule. This way, no matter where the game moves, the rule will stop the file hash as long as it finds that the file hash is the same value.
In addition, our computer which will store some important documents, in order to prevent others from freely modified, can be used to create AppLocker rules will protect up these files. The method is very simple, just temporarily disable the software program that opens these files.
by the previous introduction we can understand, use AppLocker can well protect the system files, thus avoiding computer viruses cause damage to the system files. As long as the system files are intact, even if the virus infects certain applications, it will not affect the normal operation of the system. In this case, you can use the anti-virus software to easily get the virus. how about it? Give it a try and quickly
Comments:! AppLocker is a new feature among Win7, and there is no option to do this among the control panel, so many users do not understand its function, do not even know it presence. In fact, the flexible use of AppLocker can effectively manage how users run all types of application files, including executable files, script files, program installation files and dynamic link library files, etc., and can well protect system file security, not afraid of unknown viruses. damage. In addition, the flexibility to use AppLocker's rule combination can also achieve more features. For example, only users with certain permissions are allowed to run a certain program, and only a certain user can run certain software or existing software in a certain directory.
AppLockerQ & A
Q: how do if my main program is not installed in the system directory, but they also want to add protection?
A: Simply put, create a rule, will add in your program, or the program installation directory, and then carry out specific settings can be based on the need to "reject" and "exceptional" among the list.
Q: Some software is not among the allowed directory, or is not an exception among the list of how to do?
A: Again very simple, click with the right mouse button and run it as an administrator.
Q: Some of the software itself requires write access to files, or generate new files (eg download), how to do?
Answer: Give relevant directories and files "AuthenticatedUsers" full control permissions to users.