Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Avast
My experience of Avast One Free as a new user
Message
<blockquote data-quote="ForgottenSeer 97327" data-source="post: 1043406"><p>As posted here (<a href="https://malwaretips.com/threads/double-cloud-based-whitelist-protection-for-free.123384/" target="_blank">Double cloud whitelist protection</a>) I have AVAST One free in hardened mode (on my wife's Windows11 laptop) running without any problems with</p><p>- Smart Application Control enabled (allowing only trusted EXE and MSI programs to run)</p><p>- Software Restriction Policies using Hard_Configurator with AVAST profile (allowing EXE, MSI and TMP) with all hardening enabled and sponsors blocked (scriptors + enhanced)</p><p>- Blocked CMD, CSCRIPT, MSHTA, MSRA, MSTSC and WMIC by enabling all protections in MD Exploit Protection for those programs (trick first posted by Oerlink).</p><p></p><p>I have set AVAST to silently resolve everything (in silent mode but you need to disable prompt for USB connection scan).</p><p></p><p>Really happy with AVAST free <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /><img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /><img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /> I only removed the web-protection (because it did not seem to block anything when I was playing with <a href="https://malwaretips.com/threads/free-available-malware-url-lists.119549/" target="_blank">malware URL's</a> )</p><p></p><p>I thought when Microsoft Defender and Avast perform very well in both professional lab tests and [USER=92939]@Shadowra[/USER] tests in blacklist mode (blocking bad) , the combination of these two in cloud whitelist mode (allowing only known good) must be a Fort Knox secure setup. Microsoft promises that SAC can run alongside any third-party AntiVirus solution. This provides a super safe double whitelist protection for average PC users without the hassle and limitations of zero trust solutions (still running admin with ability to run programs outside UAC protected folders).</p><p></p><p>Thanks to [USER=32260]@Andy Ful[/USER] hard work and predefined settings H_C in Simple Windows Hardening mode is a proven and zero problem atack surface reduction (blocking risky file extensions in user folders which could contain scripts or code). SRP blocking sponsors for standard users is a best practice which has proven itself as problem free for years. Except for CMD the executables blocked with MD exploit protection are also in the Microsoft Recommended Block list for WDAC (so disabling them for admin should not give any problems either).</p><p></p><p>The only unproven hardening is the disabling of CMD and CSCRIPT, but I have disabled CMD and CSCRIPT on my Windows10 desktop since 2019 without any problems, so I figured that it would be safe to kill this dinosaurus. After all CMD/CSCRIPT dates back to the introduction of Windows Windows 3.1. That was in 1993, that is 30 years ago!</p><p></p><p>With above setting the monthly Windows update and Avast update succeeded without problems as well as an update of a program installed in user space (a photobook program).</p></blockquote><p></p>
[QUOTE="ForgottenSeer 97327, post: 1043406"] As posted here ([URL='https://malwaretips.com/threads/double-cloud-based-whitelist-protection-for-free.123384/']Double cloud whitelist protection[/URL]) I have AVAST One free in hardened mode (on my wife's Windows11 laptop) running without any problems with - Smart Application Control enabled (allowing only trusted EXE and MSI programs to run) - Software Restriction Policies using Hard_Configurator with AVAST profile (allowing EXE, MSI and TMP) with all hardening enabled and sponsors blocked (scriptors + enhanced) - Blocked CMD, CSCRIPT, MSHTA, MSRA, MSTSC and WMIC by enabling all protections in MD Exploit Protection for those programs (trick first posted by Oerlink). I have set AVAST to silently resolve everything (in silent mode but you need to disable prompt for USB connection scan). Really happy with AVAST free (y)(y)(y) I only removed the web-protection (because it did not seem to block anything when I was playing with [URL='https://malwaretips.com/threads/free-available-malware-url-lists.119549/']malware URL's[/URL] ) I thought when Microsoft Defender and Avast perform very well in both professional lab tests and [USER=92939]@Shadowra[/USER] tests in blacklist mode (blocking bad) , the combination of these two in cloud whitelist mode (allowing only known good) must be a Fort Knox secure setup. Microsoft promises that SAC can run alongside any third-party AntiVirus solution. This provides a super safe double whitelist protection for average PC users without the hassle and limitations of zero trust solutions (still running admin with ability to run programs outside UAC protected folders). Thanks to [USER=32260]@Andy Ful[/USER] hard work and predefined settings H_C in Simple Windows Hardening mode is a proven and zero problem atack surface reduction (blocking risky file extensions in user folders which could contain scripts or code). SRP blocking sponsors for standard users is a best practice which has proven itself as problem free for years. Except for CMD the executables blocked with MD exploit protection are also in the Microsoft Recommended Block list for WDAC (so disabling them for admin should not give any problems either). The only unproven hardening is the disabling of CMD and CSCRIPT, but I have disabled CMD and CSCRIPT on my Windows10 desktop since 2019 without any problems, so I figured that it would be safe to kill this dinosaurus. After all CMD/CSCRIPT dates back to the introduction of Windows Windows 3.1. That was in 1993, that is 30 years ago! With above setting the monthly Windows update and Avast update succeeded without problems as well as an update of a program installed in user space (a photobook program). [/QUOTE]
Insert quotes…
Verification
Post reply
Top
