I have almost forgotten. You can add the below extension:No problems yet. Thanks!
SETTINGCONTENT-MS
to the Designated File Types list (it is a long extension all in violet).
Hard_Configurator - Windows Hardening Configurator
- Thread starter Andy Ful
- Start date
SETTINGCONTENT-MS
to the Designated File Types list (it is a long extension all in violet).
I have almost forgotten. You can add the below extension:
SETTINGCONTENT-MS
to the Designated File Types list (it is a long extension all in violet).
OK, done. I will take my time to explore all the features, etc. in the documentation to learn as much as possible. Maybe I will even get beyond basic user!
You are on the right way.OK, done. I will take my time to explore all the features, etc. in the documentation to learn as much as possible. Maybe I will even get beyond basic user!
@Andy Ful - I have the "Run As SmartScreen" in right click context menu but neither "RAS" or "Run by SmartScreen" in Explorer context menu. I'm sure there was a post(s) on this issue but I'm unable to find it in the 35 pages of this thread. :emoji_disappointed:
Evjl's Rain the last pack of malware was pretty strong (8/8) all AV's failed.But the most disappointed results was from WD (max settings) and SHP, the last days in hub.I expected more from this two.sorry but I don't understand what you said about Runbysmartscreen
I use it because I don't want to upload everything to a website and download them 1 by 1 so I right-click and "Run-by-smartscreen" with anything I can, except the extensions you give the warning sign of SS being not supported => ignore because SS by default won't show any warning like that => to simulate a real-world scenario
I don't look at the icon, I look at the extensions. If it has .exe or anything SS supports, I will Run-by-smartscreen
I want to test WD at max settings and smartscreen but not the app Run-by-smartscreen and I also want to test WD without SS because there are so many ways to ignore SS lookup. Sorry for the confusion
I should have clarified it in the test
I think I disagree with that. It's true in theory, I guess
however, during my test with the high settings, WD allowed everything to run -> analyzed and blocked if they were malicious, if not, no notification from the beginning. It worked like a BB but not BB
I noticed some files were running for 10s and then disappeared. At the same time, the CPU usage of WD process was significantly increased -> a sign of it analyzing the files -> then WD showed a noti. with malwares were detected
WD is quite aggressive as it uploaded files even when I was right-clicking the undetected samples
it consumed >100MB of my VPN bandwidth. Once in the past, WD used to consumed all of my 200MB daily limit
- Apr 18, 2016
- 3,676
- 28,872
- 4,599
I, instead, never expect them to perform well because according to my experience, they never give a clean result especially for sophos
Their signatures are so bad that is a reason for infection. If they signatures are better, they would have had better results
also, I was disappointed with WD VPN bandwidth consumption. It consumed 150MB yesterday while bitdefender free only consumed 15MB, sophos 18MB
During the test, WD uploaded everything to the cloud => privacy concern???
I think there are some ways to get a clean result in this test
- avast hardened mode + syshardener/H_C blocking all scripts
- Block all scripts + Run everything .exe with smartscreen
- any anti-exe, comodo firewall (not preferred as they always work)
- Kaspersky's trusted application mode
Last edited:
With CF,CIS, CS settings or not,or VS with any free AV, i believe will do the job!
If you are using Trusted Vendor list in Comodo, then any malware signed by the vendor from that list will be allowed. VoodooShield in AutoPilot mode will allow all true 0-day malware.
Using AV with CF/VS is OK, but it has also some cons:
- a potential problem with system stability,
- many false positives from CF or VS.
You will find nothing about that issue. Some other application changed the default Explorer settings.@Andy Ful - I have the "Run As SmartScreen" in right click context menu but neither "RAS" or "Run by SmartScreen" in Explorer context menu. I'm sure there was a post(s) on this issue but I'm unable to find it in the 35 pages of this thread. :emoji_disappointed:
Yep, no solution is perfect,the real strength is to eliminate the possibilities to be infected,Today in hub there was a signed malware,maybe CF will not sandbox it,but the case here is if it will catch it through HIPS or FW,i believe it will.
If the signer is honored by Comodo, the malware will fly by the protection, and not just the autocontainment protection, but also the HIPS and firewall. All these components honor digital sigs, and granted "trusted" status to the file.
But you can hope that the signed malware is just a dropper -- it usually is-- and the payload is unsigned. However, if that is the case, you don't need Comodo to stop it. SRP will stop it even faster, and in fact, speed is very important if the payload runs after a reboot.
I do have RunAsSmartscreen in Explorer context menu. I think I had mistakenly toggled it off. But should RunBySmartscreen be there as well? I do not have that.
I had much more trouble understanding CF FPs than VS, so I ditched it. I currently use VS in Always On mode. Being a non-advanced user I don't have issues with it. No FPs except for an occasional familiar file already on the computer, which is not a problem for me.
- Aug 17, 2014
- 12,726
- 123,827
- 8,399
Run By SmartScreen is here in the explorer-context-menu if you had changed the settings via "Recommended Restrictions"
"Recommended Restrictions" => "Run As SmartScreen" = "Standard User"
Run As SmartScreen is in the explorer-context-menu if the settings are default via "Recommended Restrictions"
"Recommended Restrictions" => "Run As SmartScreen" = "Administrator"
Edit: I'm using "Recommended SRP" + "Recommended Restrictions" -> Run As Smartscreen = Administrator. I installed H_C from SUA.
No Run By SmartScreen in Explorer
Last edited:
No. Only one of them should be present in Explorer context menu. 'Run As SmartScreen' is related to default-deny SRP and 'Run By SmartScreen' to default-allow SRP.
Default-allow can be set when <Default Security Level> = Unrestricted.
I have now read enough of the Manual that I'm finally understanding it better. Now all set and comfortable with my configuration.
Windows Defender
Hard_Configurator
Tinywall
VoodooShield Pro
Thanks to all for your help!
It is a very good setup. Personally, I would skip VoodooShield for the better stability, or would keep WD + VoodooShield which is more user-friendly than Hard_Configurator.
Hard_Configurator is not dependent on the developer's website functioning properly. It just works. I call that user-friendly.or would keep WD + VoodooShield which is more user-friendly than Hard_Configurator.
It is a very good setup. Personally, I would skip VoodooShield for the better stability, or would keep WD + VoodooShield which is more user-friendly than Hard_Configurator.
I have H_C set at your 'set and forget" settings which is OK for me. Also, I do not foresee installing any new software since I have tried enough here on the forum. VS also is no problem for me as my system appears stable and snappy. BTW, I really like Edge - aside from a couple of annoying bugs. I guess one could say I've come over to the Dark side since I am now quite fond of Windows.
You may also like...
-
Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware- Started by Parkinsond
- Replies: 22
-
Windows 11 Patch Tuesday December 2025 (KB5072033, KB5071417)- Started by silversurfer
- Replies: 11
-
-
New Multi-Stage Windows Malware Disables Microsoft Defender Before Dropping Malicious Payloads- Started by Brownie2019
- Replies: 4
