October 22, 2015 at 14:59We get rid of Amigo, MailUpdater, Yandex.Browser and other
The whole story is that it is possible in principle to prohibit the installation of programs in a domain using GPO, and in this case, the installation will require the login / password of an account with the necessary rights. But here's the problem - programs like the articles indicated in the title (+ browser manager, Unity Player, etc.) are installed in the user’s folder and successfully work in the system. Found a very simple (article on 1 page) way to get rid of Amigo once and for all! Who cares, please, under the cat.
Google on this topic issues articles that describe the algorithm for banning the installation of programs according to the publisher’s certificate. The method is good, but time-consuming, and the certificates can change, and getting them out of the installer is problematic ... in the end, I never managed to implement it. My algorithm is very simple:
We know that the programs “loved” by all admins are installed in the c: \ Users \% username% \ AppData \ Local folder (correct if there are still hidden places). That came into my head the idea that if you create a folder with the names of ourselves unnecessary programs and remove themnafig all ntfs right, it turns out that the program simply can not be established in the desired folder.
So this script:
As you can see, the list of programs in the example is small (Mail.Ru and MailRu are from mail and satellite games, UnityPlayer, Amigo, Apps - I saw something bad there).
The list can be replenished with any noticed programs that create your own folder, the main thing is to know the name of such a folder. There is still a bunch of nasty things like the Browser Manager, nichrome, bromium and more. While this did not get to us, I can’t find out the names of the folders, but everything is in your hands!
Then everything is simple - we put the launch of this file in the logon scripts, or in the assigned tasks (for the user when entering the system), and enjoy the result! Works in Win7 100%, Amigo, for example, does not even produce any errors, it simply does not install.
ps Amigo and other rubbish may start earlier than the script, thereby preventing it from deleting its folder. To make everything clear, you need to rewrite the script so that it scans all the folders of all users of the computer for “bad” ones and put it to execution when the computer starts. Emotions overwhelm me, I rather wanted to write an article, so finish the script yourself to the desired state.
pss Please do not say that the script isshittyly written ugly, and everything can be done in a loop by sorting through the list of folders, etc. ... It is facilitated to make the idea of the idea as a whole simple.
Google on this topic issues articles that describe the algorithm for banning the installation of programs according to the publisher’s certificate. The method is good, but time-consuming, and the certificates can change, and getting them out of the installer is problematic ... in the end, I never managed to implement it. My algorithm is very simple:
We know that the programs “loved” by all admins are installed in the c: \ Users \% username% \ AppData \ Local folder (correct if there are still hidden places). That came into my head the idea that if you create a folder with the names of ourselves unnecessary programs and remove them
So this script:
::удаляем папки если они уже есть
rmdir c:\Users\%username%\AppData\Local\Mail.Ru /s /q
rmdir c:\Users\%username%\AppData\Local\MailRu /s /q
rmdir c:\Users\%username%\AppData\Local\Unity /s /q
rmdir c:\Users\%username%\AppData\Local\Amigo /s /q
rmdir c:\Users\%username%\AppData\Local\Apps /s /q
::создаем папки
mkdir c:\Users\%username%\AppData\Local\Mail.Ru
mkdir c:\Users\%username%\AppData\Local\MailRu
mkdir c:\Users\%username%\AppData\Local\Unity
mkdir c:\Users\%username%\AppData\Local\Amigo
mkdir c:\Users\%username%\AppData\Local\Apps
::устанавливаем права (заменяем все существующие на новые)
echo y|cacls c:\Users\%username%\AppData\Local\Mail.Ru /C /G domain.ru\adminuser:F
echo y|cacls c:\Users\%username%\AppData\Local\MailRu /C /G domain.ru\adminuser:F
echo y|cacls c:\Users\%username%\AppData\Local\Unity /C /G domain.ru\adminuser:F
echo y|cacls c:\Users\%username%\AppData\Local\Amigo /C /G domain.ru\adminuser:F
echo y|cacls c:\Users\%username%\AppData\Local\Apps /C /G domain.ru\adminuser:F
As you can see, the list of programs in the example is small (Mail.Ru and MailRu are from mail and satellite games, UnityPlayer, Amigo, Apps - I saw something bad there).
The list can be replenished with any noticed programs that create your own folder, the main thing is to know the name of such a folder. There is still a bunch of nasty things like the Browser Manager, nichrome, bromium and more. While this did not get to us, I can’t find out the names of the folders, but everything is in your hands!
Then everything is simple - we put the launch of this file in the logon scripts, or in the assigned tasks (for the user when entering the system), and enjoy the result! Works in Win7 100%, Amigo, for example, does not even produce any errors, it simply does not install.
ps Amigo and other rubbish may start earlier than the script, thereby preventing it from deleting its folder. To make everything clear, you need to rewrite the script so that it scans all the folders of all users of the computer for “bad” ones and put it to execution when the computer starts. Emotions overwhelm me, I rather wanted to write an article, so finish the script yourself to the desired state.
pss Please do not say that the script is