Azure

OS: Windows 10 - latest version
Full product name: Windows Defender (cloud-based protection and automatic sample submission must be enabled) + UAC at Max
Special testing requirement: Must be on a SUA account. Click "No" on every UAC alert that the malware sample gives.
 

Deleted member 178

Yes, I want to see a test against Win10 native security.

Part 1

- SUA with UAC at max
- SmartScreen set to warn block
- allow software from Appstore only
- malware must be downloaded in the test system, not imported from other sources (that must be shown during the test).
- click "no" to any prompts.

Part 2

Using this reg tweak (implemented on Admin Account)

Blocking Unsigned Elevation:
90% of malware is unsigned and will request an elevation from UAC; this trick will block the request.
Create a registry file with these lines:

Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ValidateAdminCodeSignatures"=dword:00000001

If successfully implemented, the next unsigned process/program won't be allowed to execute, and you will get an error box.
To re-enable unsigned elevation, use the same line but with "dword:00000000"
 
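
A read-only check that the registry tweak above took effect on the test machine (added example, not code from the thread). `ValidateAdminCodeSignatures` is the value from the post; the other three names are standard UAC policy values assumed here to correspond to "UAC at max", and the function name `Get-UacPolicyAudit` is hypothetical.

```powershell
# Added example: read-only audit of the UAC policy values discussed in this thread.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Value name -> value expected for the requested test setup.
# ValidateAdminCodeSignatures comes from the post above; the other names are
# standard UAC policy values assumed to correspond to "UAC at max".
$expected = [ordered]@{
    EnableLUA                   = 1   # UAC enabled
    ConsentPromptBehaviorAdmin  = 2   # "Always notify": consent prompt for admins
    PromptOnSecureDesktop       = 1   # prompts shown on the secure desktop
    ValidateAdminCodeSignatures = 1   # only elevate signed and validated executables
}

function Get-UacPolicyAudit {
    param(
        [string]$Path = $key,
        [System.Collections.IDictionary]$Expected = $expected
    )

    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    foreach ($name in $Expected.Keys) {
        # A value that was never written is reported as "(not set)" and counted as a mismatch.
        $actual = if ($props -and $props.PSObject.Properties[$name]) { $props.$name } else { $null }
        [pscustomobject]@{
            Setting  = $name
            Expected = $Expected[$name]
            Actual   = if ($null -eq $actual) { '(not set)' } else { $actual }
            Match    = ($actual -eq $Expected[$name])
        }
    }
}

$audit = Get-UacPolicyAudit
$audit | Format-Table -AutoSize

if ($audit.Match -contains $false) {
    Write-Warning 'One or more UAC policy values differ from the requested test configuration.'
}
```

The script only reads the key, so it can be run from the SUA account before each test to confirm the configuration has not drifted.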