I would recommend using alert mode, at least at first, so you can have a say about what is being blocked. After you have trained ERP, then you can switch to lockdown, if you wish.Hey,
Quick question: is Lockdown Mode the recommended protection mode? Or should I just use Alert Mode?
Regardless of possible bypass, I think it's necessary to allow "Microsoft Windows system protected processes". If not, you may end up in an unstable or unbootable OS.Please explain settings: Allow microsoft windows system protected process
It has to do with the fact of the signed malware could bypass novirustnx. recommending turned on or off, thanks.
you actually have three ways of dealing with that issue:Regardless of possible bypass, I think it's necessary to allow "Microsoft Windows system protected processes". If not, you may end up in an unstable or unbootable OS.
in fact it is the best method, then after you can stay on Lockdown Mode for ever without issues.CLARIFICATION:
In my last post, I did not mean that you should whitelist the windows folder under the file locations tab. That is not so secure.
I meant to do it under the Applications tab. That way, only the current contents of the folder will be whitelisted.
Of course, you should not do this unless you are confident that your computer is clean.
first screenshot is right.
Neither I have a clue. I did a quick search for the IPs ERP is currently trying to reach:I have no clue why NVT ERP is calling back home. But you can block it without negative results. NVT ERP is not cloud-based.