Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
SpyShelter 12.1 Released
Message
<blockquote data-quote="ichito" data-source="post: 877595" data-attributes="member: 15835"><p>OK...is not easy to answer but as I think everything depends on:</p><p>- kind of launched file/app</p><p>- way of launching - protection level, existed rules, using or not "installation mode", automatic allowing for some controlled actions (the list of monitored actions)</p><p>I don't remember if there exist...was discussed...something like full list of allowed/blocked actions in scenario we currently talking about...I think there is no rules that we can prepare in this matter. Your question was so interresting that I've prepared some "test" to check what will happen when we create folders as blocked. Below some info and observation:</p><p>- I tested things using SS Firewall (I don't have SS Free installed) - no rules for tested files, no actions for signers allowed, no own added signers, log tab empty, "ask user" level of protection</p><p>- two folders created - one for portable apps, second for installation files...the list of apps below</p><p></p><p><strong>Lenny_Fox_test portable:</strong></p><p>AnvirTask Manager</p><p>Autoruns</p><p>Everything-1.4.1.935</p><p>Privazer</p><p>RevoUninstaller_Portable</p><p></p><p><strong>Lenny_Fox_test install</strong></p><p>1by1_194.exe</p><p>SetPoint6.69.126_smart.exe</p><p>mbae-setup-1.13.1.164.exe</p><p>tfinstall.exe</p><p>TinyWall-v3-Installer.msi</p><p></p><p>It's hard to separate all allowed-blocked actions, list them here and add some comment because we have a lot of entries in log file. Below you have copy of log. A few words of summary:</p><p>- actions "allowed" were made mostly manualy to get the expected result of launching/working</p><p>- in case of security apps (MBAE, ThreatFire, TinyWall) I decided to set "installation mode" in first alert</p><p>- actions "blocked" were made automaticaly</p><p>- it seams that portable apps were mostly blocked in its actions</p><p>- installation file were mostly allowed especialy in case of security app.</p></blockquote><p></p>
[QUOTE="ichito, post: 877595, member: 15835"] OK...is not easy to answer but as I think everything depends on: - kind of launched file/app - way of launching - protection level, existed rules, using or not "installation mode", automatic allowing for some controlled actions (the list of monitored actions) I don't remember if there exist...was discussed...something like full list of allowed/blocked actions in scenario we currently talking about...I think there is no rules that we can prepare in this matter. Your question was so interresting that I've prepared some "test" to check what will happen when we create folders as blocked. Below some info and observation: - I tested things using SS Firewall (I don't have SS Free installed) - no rules for tested files, no actions for signers allowed, no own added signers, log tab empty, "ask user" level of protection - two folders created - one for portable apps, second for installation files...the list of apps below [B]Lenny_Fox_test portable:[/B] AnvirTask Manager Autoruns Everything-1.4.1.935 Privazer RevoUninstaller_Portable [B]Lenny_Fox_test install[/B] 1by1_194.exe SetPoint6.69.126_smart.exe mbae-setup-1.13.1.164.exe tfinstall.exe TinyWall-v3-Installer.msi It's hard to separate all allowed-blocked actions, list them here and add some comment because we have a lot of entries in log file. Below you have copy of log. A few words of summary: - actions "allowed" were made mostly manualy to get the expected result of launching/working - in case of security apps (MBAE, ThreatFire, TinyWall) I decided to set "installation mode" in first alert - actions "blocked" were made automaticaly - it seams that portable apps were mostly blocked in its actions - installation file were mostly allowed especialy in case of security app. [/QUOTE]
Insert quotes…
Verification
Post reply
Top