Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 755459" data-attributes="member: 32260"><p>Yes, you use some capabilities of 'Run By SmartScreen' to test forced SmartScreen - that is OK because you intended to use it that way. But, the recommended way for the average user, would be 'Run By SmartScreen' <span style="color: rgb(0, 0, 0)">all tested malware samples. That is why I wrote the note about 'Run By SmartScreen'. </span></p><p></p><p>I am not sure what happened. Some time ago I tested many malware samples against WD, and some files were locked for several minutes by WD - that depended on the number of samples. In the high settings each file can be locked for max 60s, but when it is recognized as malicious then the time can be substantially longer because WD is very slow to quarantine the files. If the file happened to be locked, and <span style="color: rgb(0, 0, 0)">'Run By SmartScreen'</span> was used before it has been quarantined, then it could be not checked by SmartScreen.</p><p><strong><span style="color: rgb(184, 49, 47)">So, when testing SmartScreen, it is better to turn off WD realtime protection.</span></strong></p><p></p><p>Edit (for Hard_Configurator users)</p><p><strong>Run By SmartScreen = forced SS (all supported files) + block dangerous files + allow other files</strong></p><p>It is recommended for running/opening all new files in the default-allow security setup.</p><p></p><p><strong>Run As SmartScreen = forced SS (only EXE, MSI) + Run as administrator (EXE, MSI) + block other files</strong></p><p>It is recommended only for the application installers (EXE, MSI) in SRP based setup (default-deny).</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 755459, member: 32260"] Yes, you use some capabilities of 'Run By SmartScreen' to test forced SmartScreen - that is OK because you intended to use it that way. But, the recommended way for the average user, would be 'Run By SmartScreen' [COLOR=rgb(0, 0, 0)]all tested malware samples. That is why I wrote the note about 'Run By SmartScreen'. [/COLOR] I am not sure what happened. Some time ago I tested many malware samples against WD, and some files were locked for several minutes by WD - that depended on the number of samples. In the high settings each file can be locked for max 60s, but when it is recognized as malicious then the time can be substantially longer because WD is very slow to quarantine the files. If the file happened to be locked, and [COLOR=rgb(0, 0, 0)]'Run By SmartScreen'[/COLOR] was used before it has been quarantined, then it could be not checked by SmartScreen. [B][COLOR=rgb(184, 49, 47)]So, when testing SmartScreen, it is better to turn off WD realtime protection.[/COLOR][/B] Edit (for Hard_Configurator users) [B]Run By SmartScreen = forced SS (all supported files) + block dangerous files + allow other files[/B] It is recommended for running/opening all new files in the default-allow security setup. [B]Run As SmartScreen = forced SS (only EXE, MSI) + Run as administrator (EXE, MSI) + block other files[/B] It is recommended only for the application installers (EXE, MSI) in SRP based setup (default-deny). [/QUOTE]
Insert quotes…
Verification
Post reply
Top
