Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Simple Windows Hardening
Message
<blockquote data-quote="Andy Ful" data-source="post: 945947" data-attributes="member: 32260"><p>Yes. In H_C one can still use Advanced logging. I left this option for users who would like to block also DLLs by SRP via the reg tweak. The H_C Log can also filter the logged DLLs to show only DLLs blocked by SRP in the User Space (many system DLLs are skipped for clarity).</p><p>Anyway, in the Home environment, I prefer the security model which can efficiently block the malware before it could load/run malicious DLLs or use LOLBins. It is much easier (and more efficient) to block malware in the early infection stage. Furthermore, such protection is simpler and easier to understand.</p><p></p><p>Edit</p><p>This idea is also true for SWH, except that EXE and MSI files must be efficiently protected by the AV, SmartScreen, or a kind of file reputation service in the cloud. The cautious users can be simply cautious with EXE or MSI files.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 945947, member: 32260"] Yes. In H_C one can still use Advanced logging. I left this option for users who would like to block also DLLs by SRP via the reg tweak. The H_C Log can also filter the logged DLLs to show only DLLs blocked by SRP in the User Space (many system DLLs are skipped for clarity). Anyway, in the Home environment, I prefer the security model which can efficiently block the malware before it could load/run malicious DLLs or use LOLBins. It is much easier (and more efficient) to block malware in the early infection stage. Furthermore, such protection is simpler and easier to understand. Edit This idea is also true for SWH, except that EXE and MSI files must be efficiently protected by the AV, SmartScreen, or a kind of file reputation service in the cloud. The cautious users can be simply cautious with EXE or MSI files. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
