Am I using SuRun + SRP correctly on Win 7?

Discussion in 'malware problems & news' started by connect4, Mar 25, 2012.

Thread Status:
Not open for further replies.
  1. connect4

    connect4 Registered Member

    Joined:
    May 20, 2008
    Posts:
    101
    I am upgrading from Windows XP to Win 7.

    Using newest version (1.2.1.0), and I've created a Standard Account named as "standard user". I add "standard user" to SuRunners Group. Then I turn on SRP.

    Everything seems to work as I can't run programs without Admin rights or SRP rules. Did I set this up correctly?

    Also does anyone know if there is a KAFU for windows 7? (Kafu for windows XP will deny all auto start locations)
    https://www.wilderssecurity.com/showpost.php?p=1156834&postcount=25


    Thank you in advance!
     
  2. connect4

    connect4 Registered Member

    Joined:
    May 20, 2008
    Posts:
    101
    I guess what I am really asking is, how do we verify and make sure that SuRun/LUA and SRP is really working? (where programs running in standard account can't write/modify admin files/programs/etc). Is the only way to just test the explorer on your standard user account?
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I am sorry to disappoint you, but KAFU does not block all autostart locations (only the most common common). You could use these http://tcpmonitor.altervista.org/startupeye-monitor-registry-startup/ (unsigned program, simular to KAFU) or officially signed program (http://www.skyrecon.com/en/StormShield-Personal-Edition) and http://www.xyvos.com/free-antivirus.htm. Stormshield also looks at some keyboard hooks (not enough to be protected against key loggers, but when running LUA, you will be fine). Xyvos looks at autostart entries (some more than Kafu) and has some extra's (over stormshield).
     
    Last edited: Mar 30, 2012
Loading...
Thread Status:
Not open for further replies.