AppLocker, which is built in to Windows 7 Enterprise and Windows 8, prevents unknown applications programs from running unless installed or otherwise pre-cleared by an admin first. This provides tremendous protection against malware. Even antivirus companies are publicly saying that antivirus provides little protection against current malware. Rather than attempt to enumerate what's bad, application whitelisting technologies like AppLocker enumerate what's good, and deny everything else. This turns out to be a lot easier than it sounds.
...