AppLocker application control policy in Windows 7 (2)

III. Right-click each of "Executable Rules", "Windows Installer Rules" and "Script Rules" in turn and choose "Create Default Rules". That is all.

The meaning of the default rules:

1. Any user can run all executable files and scripts under C:\Windows\* and C:\Program Files\* (on a 64-bit system this also includes C:\Program Files (x86)\*);

2. After authorization (elevation), an administrator can run programs from any location.

Note: Under these default rules, double-clicking a program located anywhere outside C:\Windows\* and C:\Program Files\* does not work; the program will not run. You can only start it by right-clicking and choosing "Run as administrator".

IV. Most people do not install their programs under C:\Program Files\*, so what should you do? Under "Executable Rules" and "Script Rules" (leave the installer rules at their defaults), right-click → "Create New Rule", choose Allow or Deny, leave the user at the default Everyone (i.e. any user) → Next, browse to the path of your program or directory (preferably a directory, so that a single rule is enough, such as d:\ProgramFiles\*) → Create.

V. The first time you use AppLocker, after making the settings above you must restart the machine (logging off is not enough) for the policy to take effect.
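
One way to confirm, after the restart in step V, that the effective policy behaves as steps III and IV describe. This PowerShell snippet is an added example, not part of the original article; the temp-file name is made up for the test, and D:\ProgramFiles is the article's sample directory.

```powershell
# Added example: check the effective AppLocker policy from a standard user's view.
Import-Module AppLocker   # ships with Windows 7 / Server 2008 R2 and later

# Rules are only enforced while the Application Identity service is running;
# Test-AppLockerPolicy evaluates the rules whether or not it is.
$svc = Get-Service -Name AppIDSvc
"Application Identity service: $($svc.Status)"

# Effective (local + Group Policy) policy and the mode of each rule collection.
# AuditOnly logs but does not block; NotConfigured collections that contain
# rules are enforced.
$policy = Get-AppLockerPolicy -Effective
$policy.RuleCollections |
    Select-Object RuleCollectionType, EnforcementMode, Count |
    Format-Table -AutoSize

# Constructed sample: a copy of notepad.exe in the user's temp directory,
# a location that none of the default path rules cover.
$outside = Join-Path $env:TEMP 'applocker-check.exe'   # made-up file name
Copy-Item "$env:SystemRoot\System32\notepad.exe" $outside -Force

$paths = @("$env:SystemRoot\System32\notepad.exe", $outside)

# If the custom allow rule from step IV exists, test one file under it too.
$custom = Get-ChildItem 'D:\ProgramFiles' -Filter *.exe -Recurse -ErrorAction SilentlyContinue |
    Select-Object -First 1
if ($custom) { $paths += $custom.FullName }

# Evaluate as Everyone: rules scoped to BUILTIN\Administrators do not match,
# which mirrors what a non-elevated double-click is subject to.
# PolicyDecision is Allowed, Denied or DeniedByDefault; MatchingRule names the rule.
Test-AppLockerPolicy -PolicyObject $policy -Path $paths -User Everyone |
    Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize

Remove-Item $outside -Force
```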

VI. You're done. You can now browse any website with IE and even double-click a virus without it running, as long as you have not put the virus in one of the paths allowed above.

VII. A question: could a web trojan copy itself into the system directory? Impossible. With UAC turned on, the current user and the programs it runs cannot read the disk at the low level (the so-called AD behavior in HIPS), cannot write the registry entries covered by the RD rules of the mainstream HIPS products on this forum, and cannot write to system directories other than the user's own directory. It can be said that UAC is a strict HIPS.

VIII. A concern: I have some portable ("green") software that I rarely use, such as key generators and MD5 verification programs. It is not in a program installation directory, and I have not created allow rules for it in AppLocker. Will it be a lot of trouble when I want to use it? The answer is: no trouble at all. Right-click it and choose "Run as administrator".
