How to Easily Prevent Ransomware and Malware with SRP

Software Restriction Policies (SRP) is one of the features of windows to roll out any application that can be run on a windows computer.

With SRP we can block viruses, ransomware, or malware that is accidentally triggered because of our activities in using the internet. Such as phishing emails or content that has been infected with malware/ransomware due to improper download habits.

For those of you who have young children, you can use SRP to block applications or games that are not useful.

There are 2 basic techniques for using SRP:

  1. White Listing,all applications are blocked except those in the list.
  2. Black Listing,as opposed, all applications are allowed except those on the list.

To prevent ransomware or malware, the most effective way is to use whitelisting techniques. For the black listing see here.

Steps to prevent ransomware or malware with SRP

  1. Open Group Policy Editor
    Click + R, type“gpedit.msc”
  1. Select Computer Configuration/Windows Settings/Security Settings/Software Restriction Policies. In the right column there will be a description of No Software Restriction Policies Defined if you have never created.
TOP TUTORIALS:  How to Check Indosat Number Quickly
  1. Then right-click and select New Software Restriction Policies
  1. Open Designated file types
  1. Find extension“LNK”and remove
  1. After that open“Additional Rule”,in the right column has been formed default rule. The first is permission for windows system (1) and permission for applications installed in program files (2).
  1. If you’re using windows x64, you need to add permissions for the program files folder (x86). How to right-click and select “New Path Rule” (1), in the popup window you can type the folder (2) or can click “Browse” and select the folder (3). Make sure the security level is “Unrestricted” (4). Then click OK.
  1. Not all applications are installed by default to the program files folder, such as Zoom. For the application it is necessary to add the location of the installation folder.
  1. As a final step, select Security Levels. In the right column and select“Disallowed”then right-click, then select“Set as default”

For those who experience difficulties in their use, please discuss in the comments field.

TOP TUTORIALS:  How to Rename a PC and Join a Windows 10 Domain

May be useful.

Leave a Comment

Your email address will not be published. Required fields are marked *