Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
ConfigureDefender utility for Windows 10/11
Message
<blockquote data-quote="Andy Ful" data-source="post: 925622" data-attributes="member: 32260"><p>It seems that people still can have a problem with the ASR prevalence rule:</p><p>[URL unfurl="true"]https://www.wilderssecurity.com/threads/windows-defender-is-becoming-the-powerful-antivirus-that-windows-10-needs.383448/page-126#post-2983078[/URL]</p><p></p><p>The solution described by [USER=23015]@Nightwalker[/USER] is not optimal:</p><p>[URL unfurl="true"]https://www.wilderssecurity.com/threads/windows-defender-is-becoming-the-powerful-antivirus-that-windows-10-needs.383448/page-126#post-2983082[/URL]</p><p></p><p>I would like to recall the easy procedure to bypass this rule if it is necessary:</p><ol> <li data-xf-list-type="ol">Run ConfigureDefender and temporarily set the ASR rule "Block executable files from running unless they meet a prevalence, age, or trusted list criteria" to <strong><span style="color: rgb(184, 49, 47)">Audit </span></strong>(do not choose Disabled).</li> <li data-xf-list-type="ol">Run the blocked application. If it is an installer then run the installer and next run the installed application.</li> <li data-xf-list-type="ol">Set the ASR rule to <strong><span style="color: rgb(0, 168, 133)">ON</span></strong>. WD will automatically remember that the application has to be allowed locally, so it will not be blocked again by this ASR rule on this particular computer.</li> </ol><p>A similar thing cannot be done by disabling the ASR rule, because after enabling this rule the file will be blocked again. When disabling the rule the application executable has to be additionally excluded by using <Manage ASR Exclusions> in ConfigureDefender and Windows has to be also restarted (changing ON<--->Audit does not require restarting). This procedure is more complicated than the procedure described in points 1-3. <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /> <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /></p></blockquote><p></p>
[QUOTE="Andy Ful, post: 925622, member: 32260"] It seems that people still can have a problem with the ASR prevalence rule: [URL unfurl="true"]https://www.wilderssecurity.com/threads/windows-defender-is-becoming-the-powerful-antivirus-that-windows-10-needs.383448/page-126#post-2983078[/URL] The solution described by [USER=23015]@Nightwalker[/USER] is not optimal: [URL unfurl="true"]https://www.wilderssecurity.com/threads/windows-defender-is-becoming-the-powerful-antivirus-that-windows-10-needs.383448/page-126#post-2983082[/URL] I would like to recall the easy procedure to bypass this rule if it is necessary: [LIST=1] [*]Run ConfigureDefender and temporarily set the ASR rule "Block executable files from running unless they meet a prevalence, age, or trusted list criteria" to [B][COLOR=rgb(184, 49, 47)]Audit [/COLOR][/B](do not choose Disabled). [*]Run the blocked application. If it is an installer then run the installer and next run the installed application. [*]Set the ASR rule to [B][COLOR=rgb(0, 168, 133)]ON[/COLOR][/B]. WD will automatically remember that the application has to be allowed locally, so it will not be blocked again by this ASR rule on this particular computer. [/LIST] A similar thing cannot be done by disabling the ASR rule, because after enabling this rule the file will be blocked again. When disabling the rule the application executable has to be additionally excluded by using <Manage ASR Exclusions> in ConfigureDefender and Windows has to be also restarted (changing ON<--->Audit does not require restarting). This procedure is more complicated than the procedure described in points 1-3. :) (y) [/QUOTE]
Insert quotes…
Verification
Post reply
Top
