There are many executables in System32 and SysWOW64 that most users probably don't need, but that could be used for malicious purposes, for stealing data through some script or exploit. At a glance, something like ftp.exe or mobsync.exe or wscript.exe or Powershell...
Is there a more comprehensive list of such files somewhere, with descriptions of what they do?
The purpose is to blacklist such files with SRP or similar, or, if they're needed for some critical function, block them with a firewall.
Any real-life reports of breakage would also be appreciated.
Is there a more comprehensive list of such files somewhere, with descriptions of what they do?
The purpose is to blacklist such files with SRP or similar, or, if they're needed for some critical function, block them with a firewall.
Any real-life reports of breakage would also be appreciated.