5 replies to this topic

[Nub]

Hi, I came from here and was referred to by Juliet in hopes I could seek advice on a decent setup for Group Policy setting that will pro-actively prevent viruses/malware from running in future. I know jack all about Group Policy, but I heard it's one way to proactively prevent viruses/malware from even running/installing into machines with these running.....

 

Here's a picture of my current(or was, not sure if it's changed now or not now that I've ran Tweak.com program to fix up some stuff if you've followed along that thread post I linked above), oh well I've attached the screenshot so you can check it there. I would also like to have these settings applicable to all and any of computers at home(and future builds), not just only my laptop please.

 

Ok, well from those settings, I have noticed these programs fail to load: cmd.exe, Windows Task Manager and Process Explorer. Any way to keep those settings but still enable these three programs to run? I guess cmd can be temporary, because I rarely use cmd for any of the stuff I do on my computers....but would disabling cmd also screw up some programs/games I use/play? Or should I be fine with cmd completely disabled?

 

And also if there's anything to improve/remove to make this work, that would be nice!

 

Thanks.

Attached Thumbnails

• 

Edited by Nub, 20 August 2016 - 05:26 AM.

[LDTate]

I don't believe anyone here works with Group Policies.
I'd suggest you work with Microsoft for that.

https://support.microsoft.com/en-us

[Nub]

I don't believe anyone here works with Group Policies.
I'd suggest you work with Microsoft for that.

https://support.microsoft.com/en-us

Oh, hi there and here I thought I was alone on my little island! hahaha

 

So no one here has any experience nor applies Group Policy settings (GPS) as a measure of defense against viruses/malware? That's...hard to believe actually(and you're the Root Admin so I'm guessing you're as high up as can be on this forum?), just when I read up on this and the various ways you can prevent malware from installing or running and even read forum posts from other forums(but they're for their own setup and probably won't work for me nor have they detailed what they've done in it either so I have no idea which is good and which is bad and how to allow specific programs/games to go past and block all unknowns) so I've just gotten a basic idea from an article I had read about using GPS....

 

So Juliet was wrong then to have referred me to a forum that has absolutely no knowledge of GPS? Perhaps he just googled for forums and happen to find this on the first page and thought this pace might know a thing or two about it... Actually, does anyone here even know Juliet from that Spybot forum...? Or is this really some random forum the guy picked from a google search? Heh

 

I guess I'll go take my leave here and post on another forum then......or maybe I need to go to a specialist forum?

 

Thanks for replying I guess.

Edited by Nub, 24 August 2016 - 03:25 PM.

[LDTate]

Yes we know Juliet.

The only time I've seen folks use Group Policies have been for a network and that has been for user specific issues.
You can limit users access in different ways besides GP's like Limited User Accounts (UAC)

Most normal setups do not need to use GP's. Using Anti-virus, Anti-Malware and a firewall takes care of most issues.
Don't open email attachments, don't use P2P software and most importantly, current backups.

Yes, I suggest you search out a specialist forum.

I take it you don't want to work with MS about GP's?

[Nub]

Yes we know Juliet.

The only time I've seen folks use Group Policies have been for a network and that has been for user specific issues.
You can limit users access in different ways besides GP's like Limited User Accounts (UAC)

Most normal setups do not need to use GP's. Using Anti-virus, Anti-Malware and a firewall takes care of most issues.
Don't open email attachments, don't use P2P software and most importantly, current backups.

Yes, I suggest you search out a specialist forum.

I take it you don't want to work with MS about GP's?

 

Ah I see...

 

Well the last time I contacted them, they took like forever to reply back about a question for an ancient computer I had running......and by the time they did reply back, I was no longer using said system anymore!

[LDTate]

I suggest you search out a specialist forum.