Reply To: Identity Theft

    No, not per se, but if a non-whitelisted executable is involved, then that will be detained for questioning.

    VS doesn’t normally care about the nature of the attack, but it is very anal about an exe’s right to work–no Green Card, no work.  I’m pretty sure Dan’s got this to cover scripting and stuff from browsing.  Many legit sites do have ads served from a service site, and those sites often get compromised 🙁

    You can make life even more boring (for yourself 😛 ) by using the Rules to lock down %appdata/user/local/temp% with a Silent Block.  Do this for every user on your box, which will be at least your LUA and your Admin account.  This will make life difficult when you want to install softs from lazy devs but.  Also do it for C:\Program Data, as nothing should ever be executed from that.

    I also recommend using Windows Firewall with Windows Firewall Control.  Malware that can’t phone home is the definition of impotence.


    Understanding the scope of the problem is the first step on the path to true panic. [Florence Ambrose, "Freefall"]