If the test was performed with Hard_Configurator, then the settings are not the standard ones.Picture explains it all. In one of the test videos the testers response after this block is to run the sample as admin and passes SRP. And hard-configurator allows it (because it is set up that way). Next ransomware with admin rights destroys the system. What is the consensus of the members. Block or Fail
View attachment 211815
On Windows 8+ in the recommended H_C settings, the user cannot use "Run as administrator" option to run files with admin rights. The file can be "Run As SmartScreen", which means that is run as administrator only if it is accepted as safe by Windows SmartScreen Application Reputation filter. If the malware from the test managed to fool the SmartScreen and infect the system, then it should be counted as a fail. This is possible (very rarely), and there was one such case in @askalan tests for H_C (no AV setup) made in the period January-March 2019.
Disclaimer: Experimental setup for testing the effectiveness of Windows SmartScreen and script restrictions against 0-day malware samples. This test is suitable for users with more knowledge about Windows built-in security features. changed configuration from 7 January 2019: 1. Containment...
Containment: VirtualBox 5.1.38 Windows: 10 LTSB VPN: CyberGhost Product: Windows SmartScreen (activated by Hard_Configurator with recommended SRP and restrictions) Office: LibreOffice (standard settings) Disclaimer: Experimental setup for testing effectiveness of Windows SmartScreen and script...
Hard Configurator report for march 2019 Containment: VirtualBox 5.1.38 Windows: 10 LTSB VPN: CyberGhost Product: Windows SmartScreen (activated by Hard_Configurator with recommended SRP and restrictions) Office: LibreOffice (standard settings) al-khasar test results: link Disclaimer...