Guide | How To Easy Application Control on Windows

The associated guide may contain user-generated or external content.

cartaphilus

Level 7
Verified
Well-known
Mar 17, 2023
333
App Install Control - Easy Application Control on Windows
Post updated/corrected 05.05.2024

  1. Can be easily applied in a few seconds (on Windows 11 the Smart App Control must be set to OFF).
  2. Blocks files originating from the Internet Zone (files downloaded from the Internet - files with MotW).
    Default Block List includes over 100 file types (executables, scripts, scriptlets, shortcuts, etc.).
  3. Allows popular documents, media files, and other files usually downloaded by home users (except application installers).
  4. Does not affect already installed applications and software auto-updates.
  5. Cannot break anything (installed software, Windows Updates, etc.).
  6. No whitelisting, but the blocked file can be easily unblocked from the right-click Explorer context menu.
  7. Allows application installations from Microsoft Store and gaming platforms (Steam, Epic Games, etc.).
  8. Does not protect from malware distributed via removable drives shared with other people.

Default list of blocked file types (Windows 11):
.ade, .adp, .app, .appref-ms, .asp, .bas, .bat, .cer, .chm, .cmd, .cnt, .com, .cpl, .crt, .csh, .der, .exe, .fxp, .gadget, .grp, .hlp, .hpj, .hta, .img, .inf, .ins, .iso, .isp, .its, .js, .jse, .ksh, .lnk, .mad, .maf, .mag, .mam, .maq, .mar, .mas, .mat, .mau, .mav, .maw, .mcf, .mda, .mdb, .mde, .mdt, .mdw, .mdz, .msc, .msh, .msh1, .msh1xml, .msh2, .msh2xml, .mshxml, .msi, .msp, .mst, .msu, .ops, .pcd, .pif, .pl, .plg, .prf, .prg, .printerexport, .ps1, .ps1xml, .ps2, .ps2xml, .psc1, .psc2, .psd1, .psm1, .pst, .reg, .scf, .scr, .sct, .shb, .shs, .slk, .theme, .tmp, .vb, .vbp, .vbs, .vhd, .vhdx, .vsmacros, .vsw, .webpnp, .website, .ws, .wsc, .wsf, .wsh, .xnk

Those files are probably related to the IE Unsafe File List:
https://learn.microsoft.com/en-us/t...rivacy/information-about-the-unsafe-file-list

It is possible to extend the Block List to include other filetypes by editing the Registry key:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\safer\CodeIdentifiers
Details can be found in the post:
https://malwaretips.com/threads/easy-application-control-on-windows.130803/post-1085791

It would be recommended to add:
.accda, .accdu, .cab, .csv, .diagcab, .dqy, .ecf, .elf, .fon, .ime, .iqy, .jar, .mdf, .mdn, .oqy, .pa, .ppa, .ppam, .rqy, .rtf, .settingcontent-ms, .wll, .wwl, .xla, .xll, .xlm


View attachment 283170



How to tweak it.

View attachment 283169


How to unblock the file.

View attachment 283168

Easy Application Control can cover almost all initial attack vectors at home if one uses Microsoft Defender + ConfigureDefender, Windows built-in applications (archiver, email-client, etc.), and MS Office. See also:
https://malwaretips.com/threads/easy-application-control-on-windows.130803/post-1085906
If one is using ESET instead of defender then does this security setting still block attacks? What is lost by not using defender?

Thank you
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,259
If one is using ESET instead of defender then does this security setting still block attacks?

Yes.

What is lost by not using defender?

Defender.:)

The advantage of using Microsoft Defender over Eset is when you use Defender with advanced settings (ASR rules, Network Protection), especially with Microsoft Office and Adobe Acrobat Reader.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top