lets say you download a new program and go to install it. Since D+ give tons of popups about registry,and whatever, you set it to install mode. What if the program you were installing in install mode had a virus or other malware. Since you gave it permission to install, would the malware/virus also be installed or would it somehow be stopped.
I may have to turn down my settings for what D+ detects because getting dozens of warnings about registry entries gets annoying. As annoying as it is, do you all think its important to be allerted to or is it safe to disable warnings from registry alterations?
I forget what all D+ can alert you to (global hooks, windows messages, ect) so for the average user what is suggested that D+ alerts you to and what is ok to ignore?
I install stuff that I trust in Installation mode. Stuff that I get from the Dark Side I will monitor; f.e. a key generator wanting to add a run key or trying to install something at driver level that’s where a bell should be ringing…
So, D+ will not catch something if it is in installation mode?
I turned off warnings about reg editing because, unless you use installation mode, you can get 30 or more popups. That is really annoying and that is not counting all the other popups from other warnings.
While in “Installation Mode”, D+ will only give that installation power to applications set as “Installer or Updater”. If an unknown program not in your D+ policy tries to run in Installation Mode, you will still be alerted.
In order to reduce the number of pop ups to a manageable level, I was thinking about removing “protected reg keys” and “protected files/folders” from D+. Mainly because of the massive number of pop ups, and I don’t know what most of the warning from the regs keys means anyway.
Would this be a bad Idea/security risk? Would I sill have a good amout of protection if I had all the other options active except reg keys, and files/folders?
IMO you would lose a considerable amount of protection.
Malware could add itself to critical reg keys like \Software\Microsoft\Windows\CurrentVersion\Run or web browser keys as well as have access to windows/system32 and all its contents. It’s like opening up a back door in your system, like I said IMO.