Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Does oneself really need an Antivirus?
Message
<blockquote data-quote="ichito" data-source="post: 739109" data-attributes="member: 15835"><p>Hi...here are my observations after making some short test connected to level protection of SS and "default deny/allow" feature...each one made with enabled "Auto-block suspicious behaviour" option and empty list of rules (in "Aplication Execution Control" also)</p><p>- "Ask user" level - with no rules nothing can be launched...you can't run any process including system/MS processes e.g. Control Panel and you can't even switch-off the system (of course you can power-off phisical machine), every rule added to the list is "block". In this context I don't think that "Certified applications" can play some role...for me they are useless in such settings.</p><p>- "Auto allow - high..." - known apps can be launched but SS automaticaly creates "block" rules for some specific (suspicious for SS) actions/behaviours...here trusted signers can play the role by allowing to run apps and acting only "non-critical" actions</p><p>- "Auto allow - medium..." similar to mentioned abowe but most of actions are automaticaly allowed without adding to the list of rules...I noticed only blocked (and added to the list) actions that are "very critical" for system like #26,48,50</p><p>- Allow Microsoft" - I didn't noticed blocked actions of diferent apps/processes but only automaticaly allowed and added to the list...maybe such processes don't present suspicious behaviour?</p></blockquote><p></p>
[QUOTE="ichito, post: 739109, member: 15835"] Hi...here are my observations after making some short test connected to level protection of SS and "default deny/allow" feature...each one made with enabled "Auto-block suspicious behaviour" option and empty list of rules (in "Aplication Execution Control" also) - "Ask user" level - with no rules nothing can be launched...you can't run any process including system/MS processes e.g. Control Panel and you can't even switch-off the system (of course you can power-off phisical machine), every rule added to the list is "block". In this context I don't think that "Certified applications" can play some role...for me they are useless in such settings. - "Auto allow - high..." - known apps can be launched but SS automaticaly creates "block" rules for some specific (suspicious for SS) actions/behaviours...here trusted signers can play the role by allowing to run apps and acting only "non-critical" actions - "Auto allow - medium..." similar to mentioned abowe but most of actions are automaticaly allowed without adding to the list of rules...I noticed only blocked (and added to the list) actions that are "very critical" for system like #26,48,50 - Allow Microsoft" - I didn't noticed blocked actions of diferent apps/processes but only automaticaly allowed and added to the list...maybe such processes don't present suspicious behaviour? [/QUOTE]
Insert quotes…
Verification
Post reply
Top