17 Dec

Prevent viruses from installing on Windows!


There are lots of solutions to stop viruses on Windows, but many focus only on virus definitions. For some viruses, you can block the process at its root. Many viruses and other malware install themselves freely in the “AppData” directory, a folder that is hidden by default in the profile of the administrator account or of the user.

This directory is a favourite location for spyware, keyloggers and other malware. You can prevent the creation of new directories and files in it, and block executables from running in that specific folder.

We’ll see the procedure to block .EXE files in that directory:

1. Right-click the Windows icon at the bottom left of the screen.

2. Select “Run”.

3. Type gpedit.msc and press ENTER to open the Group Policy Editor.

 

This editor allows you to create custom rules to prevent viruses from using the directory “Appdata”.

 

4. In the “Computer Configuration” section, click “Windows Settings”.

5. Click “Security Settings”, then “Software Restriction Policies”.

6. Right-click “Additional Rules” and select “New Path Rule” for each of the following rules. Do not forget to press the “Apply” button to save your rules.

We will create 6 custom rules in total in this section. Repeat step 6 for each rule.

 

Rule 1:

Path: %AppData% Local\*.exe

Security level: Disallowed

Description: Do not allow executables in AppData

Rule 2:

Path: %LOCALAPPDATA%\*\*.exe

Security level: Disallowed

Description: Do not allow executables in subdirectories of AppData

Rule 3:

Path: %LOCALAPPDATA%\Temp\*zip\*.exe

Security level: Disallowed

Description: Prevent executables inside .ZIP archives attached to emails from running from the user's space.

Rule 4:

Path: %LOCALAPPDATA%\Temp\7z*\*.exe

Security level: Disallowed

Description: Prevent executables inside .7z archives attached to emails from running from the user's space.

Rule 5:

Path: %LOCALAPPDATA%\Temp\Rar*\*.exe

Security level: Disallowed

Description: Prevent executables inside RAR archives attached to emails from running from the user's space.

Rule 6:

Path: %LOCALAPPDATA%\Temp\wz*\*.exe

Security level: Disallowed

Description: Prevent executables inside WinZip archives attached to emails from running from the user's space.
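
To confirm that the six rules above were actually saved, you can read them back from the registry. The following PowerShell script is an added example, not part of the original article; it assumes the rules were created under “Computer Configuration”, which Windows stores under the `Safer\CodeIdentifiers` policy key, and the pattern it uses to count the AppData rules is an illustrative choice.

```powershell
# Added example: read the Software Restriction Policy path rules back from the
# registry to confirm that the rules created in gpedit.msc were applied.
# Run from an elevated PowerShell prompt.
$base       = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$disallowed = Join-Path $base '0\Paths'   # security level 0 = Disallowed

if (-not (Test-Path $disallowed)) {
    Write-Warning 'No Disallowed path rules found: the policy was not applied.'
    return
}

# Read the values without expanding %AppData% / %LocalAppData%, so the output
# shows the rule exactly as it was typed in the editor.
$noExpand = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames

# Each rule is a GUID-named subkey holding the path (ItemData) and a description.
$rules = Get-ChildItem $disallowed | ForEach-Object {
    [pscustomobject]@{
        Path        = $_.GetValue('ItemData', '', $noExpand)
        Description = $_.GetValue('Description', '')
    }
}
$rules | Sort-Object Path | Format-Table -AutoSize -Wrap

# The article defines six rules, each an .exe pattern under a per-user
# AppData variable. Count the rules of that shape (assumed pattern).
$appData = @($rules | Where-Object { $_.Path -match '^%(Local)?AppData%.*\.exe$' })
if ($appData.Count -lt 6) {
    Write-Warning "Only $($appData.Count) of the 6 AppData rules are present."
} else {
    Write-Output "All 6 AppData rules are present ($($appData.Count) matching rules found)."
}
```

A rule that is listed with a stray space or a missing backslash in its path will never match a file, so compare the printed paths character by character with what you intended to enter.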

 

We believe that these additional rules will make your computer more secure, but you must keep your antivirus.

Also, consider these steps to properly secure your computer:


– Software: Malwarebytes Anti-Exploit
– Software: KeyScrambler
– Enable Windows Firewall
– Regularly install updates for Windows and for your virus definitions
– Do not browse insecure sites or file-sharing (P2P) websites. If you cannot stop using them, use a second computer dedicated solely to these tasks, or use a virtualized environment on your computer: it is effective against the spread of viruses, and if you are infected, you simply destroy the virtual environment.
