That was some time ago I tested two backup (Macrium and Aomei), SyncBackFree, three cleaners (Auslogic, Wise and CCleaner) Hwinfo and another system info tool and the benchmark program used on MT in which members can compare the power of their computer, and three secundary scanners (norton, sophos and malware bytes)If you will send me the links to the tested installers, I can test them against my ISG policy.
Ahh sorry yes I am using Avast Free with hardened mode, because then you have two cloud whitelist protections (ISG and Avast cloud).I installed Avast and repeated the same test. It looks like Avast uses ISG API because the results were the same as with MS Defender (Cloud-delivered protection enabled). Installation of Avast did not stop the services required by ISG. I did not test other AVs.
After uninstalling Avast I noticed that the services required by ISG has been stopped.
The ISG tests require using a Virtual Machine. Each test must be done on the fresh snapshot. This is required because when the file has been successfully executed in one test, the result is stored in the system and the file will be allowed also in another test (even if it would be normally blocked).
This is the reason we got different results. Thanks very much solving this mystery.
Does this discovery slightly opens the door to an extra ISG option in your Hybrid Windows Hardening
(the current implementation with only an extra option to enable ISG when WDAC is chosen)?
Last edited by a moderator: