Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Does oneself really need an Antivirus?
Message
<blockquote data-quote="Andy Ful" data-source="post: 738466" data-attributes="member: 32260"><p>Yes, I found it (Ask User), but this is only for <span style="color: rgb(65, 168, 95)"><strong>Certified applications</strong></span>, and the user will be alerted only for the suspicious applications (not for all applications). This feature is not for blocking the malware, but rather for avoiding blocking the legal applications.</p><p>.</p><p>Anyway, I found one useful feature related to folders:</p><p><strong><span style="color: rgb(41, 105, 176)">"<em>Exclude existing files and any future files in this folder </em></span></strong><em>- This option will exclude all currently existing files in the folder as well as all future files. It is less safe than first option; however, it might be useful for users who often modify files.</em>"</p><p>.</p><p>The above can be used for whitelisting/blacklisting folders.</p><p>There is an option 'Make it denied", that will apply all SpyShelter rules to this folder (I think). This would work as default-deny for suspicious applications. Yet, if the malware can behave like the legal software, then SpyShelter HIPS (deny template) can be bypassed, so this kind of security is only close to default-deny. The alerts can be suppressed by ticking the option 'Auto-block suspicious behaviour'.</p><p>One should test such setup to know how strong it can be.</p><p>.</p><p>Edit.</p><p>I think that the same thing can be done with Sandboxie (paid), by sandboxing disks or folders in a highly restricted sandbox.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 738466, member: 32260"] Yes, I found it (Ask User), but this is only for [COLOR=rgb(65, 168, 95)][B]Certified applications[/B][/COLOR], and the user will be alerted only for the suspicious applications (not for all applications). This feature is not for blocking the malware, but rather for avoiding blocking the legal applications. . Anyway, I found one useful feature related to folders: [B][COLOR=rgb(41, 105, 176)]"[I]Exclude existing files and any future files in this folder [/I][/COLOR][/B][I]- This option will exclude all currently existing files in the folder as well as all future files. It is less safe than first option; however, it might be useful for users who often modify files.[/I]" . The above can be used for whitelisting/blacklisting folders. There is an option 'Make it denied", that will apply all SpyShelter rules to this folder (I think). This would work as default-deny for suspicious applications. Yet, if the malware can behave like the legal software, then SpyShelter HIPS (deny template) can be bypassed, so this kind of security is only close to default-deny. The alerts can be suppressed by ticking the option 'Auto-block suspicious behaviour'. One should test such setup to know how strong it can be. . Edit. I think that the same thing can be done with Sandboxie (paid), by sandboxing disks or folders in a highly restricted sandbox. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
