How to test applocker

Discussion in 'other software & services' started by Essentials, May 7, 2011.

Thread Status:
Not open for further replies.
  1. Essentials

    Essentials Registered Member

    Joined:
    Mar 21, 2011
    Posts:
    49
    Hi all,

    I have just activated applocker with the default rules. I have already had to add a plublisher rule as my dropbox was not able to execute (I suppose this is because I dont have it installed in the program files directory).

    I would like to test applocker by downloading some exe file and trying to execute it somewhere in my PC, but in all of the cases UAC jumps and asks me for administrator credentials so I am not able to check if applocker would have blocked the file. What can I do to test applocker?

    Are the publisher rules safe? I mean, is malware capable to get signed by know signatures such as microsoft, google, or even dropbox for example?

    Thanks
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Copy .exe files in your whitelisted directories that don't have the UAC shield icon to other directories. Then execute them.

    Or you can download a portable program like VideoCacheView. Most installers require admin rights.
     
  3. Essentials

    Essentials Registered Member

    Joined:
    Mar 21, 2011
    Posts:
    49
    Thanks, I was able to test it now. Applocker is great.

    What about the signatures? Is malware able to be signed by known companies signatures?
     
  4. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    It is possible, and I don't think you need those rules anyhow.
     
  5. Essentials

    Essentials Registered Member

    Joined:
    Mar 21, 2011
    Posts:
    49
    With applocker and the publisher rules (which are based on signed software) things are much easier to configure. I dont have alL my programs installed in program files because I have a standard account, so if I set these rules programs will work independantly where they are installed. I would not set publisher rules for all companies but for microsoft, google (the big ones) why not.
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    I'd just whitelist the Google installation directory (no clue why it's in Users) and whatever else, but it's your choice.
     
Loading...
Thread Status:
Not open for further replies.