I was just thinking, is there a way to have CIS recognize apps by certain vendors (signed or unsigned, certified or uncertified, or the application’s “internal file description, product name, etc” that can be found in file properties > Details tab) and block them even if Defense+ is set to Training Mode or Installation Mode?
Perhaps CIS would monitor what directory an application is going to create in the Program Files folder and especially any Registry item or directory with one or more certain names and then produce an alert saying this program has been blocked because it’s from a known vile software vendor and maybe why? (I doubt the dev team will have to write many differing reasons since all these vendors would be blacklisted for nearly the same reason.) Also, perhaps the blacklist could be updated like virus signatures and maybe even viewable like an entry in a virus encyclopedia.
I’m not sure if I should even bring this up since I feel rather selfish writing this and I’m personally irked when I see installations of stuff like/from “MyWebSearch, Freeze.com, CursorMaina, Smiley Central” various famous sites that deliver sugar-coated crapware.
This and the WOT browser addon set to block sites with poor ratings (to disable downloading the file in the first place) would be quite the deadly combo, I’ll say. :comodojiggy: