Advice Request NoVirusThanks EXE Radar Pro

Please provide comments and solutions that are helpful to the author of this topic.

vaccineboy

vaccineboy

Level 3
Verified
Well-known
Sep 5, 2018
134
Andy Ful said:
If one wants to use it with H_C, then there is a predefined setting profile for that, that allows EXE files globally: Windows_10_Avast_Hardened_Mode_Aggressive.
It can be an interesting combination for some users. NVT ERP will cover the EXE files, and H_C will allow EXE and take care of the rest. If the EXE application installer is blocked by NVT ERP, then forced SmartScreen (the H_C feature) can be used to safely install the application. (y)
NVT ERP can whitelist applications by the Signer, which can be sometimes more convenient as compared to SRP whitelisting in the home environment.
Click to expand...
Hi @Andy Ful, maybe you can consider renaming that Avast Hardened Aggressive profile into something generic such as Anti Executable or 3rd Party Default Deny? I'm using H_C at that profile with Comodo IS at CruelSister setting with great compatibility here.
 
  • Like
Reactions: Nevi, simmerskool, Protomartyr and 3 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,510
vaccineboy said:
Hi @Andy Ful, maybe you can consider renaming that Avast Hardened Aggressive profile into something generic such as Anti Executable or 3rd Party Default Deny? I'm using H_C at that profile with Comodo IS at CruelSister setting with great compatibility here.
Click to expand...
I do not know a good name for this profile. It can be used with any security solution that has a strong anti-exe module (can be a strong Sandbox, too), but it does not have to be the Anti-EXE solution. The purpose of using it with Anti-EXE is reducing alerts by the possibility of whitelisting some scripts (unsafe files) by path (hash), but still blocking the rest of scripts (unsafe files) in UserSpace.

But, the main intention is to work with an application that protects EXE files by file reputation lookup to cloud backend. This can be Comodo Firewall, Avast, VoodooShield, etc. Comodo Firewall and VoodooShield can live without H_C, although it can be used with any of them depending on settings and user habits. AVast protection can gain more.
 
Last edited:
  • Like
Reactions: Nevi, simmerskool, Protomartyr and 3 others
I

Ink

Administrator
Verified
Jan 8, 2011
22,490
Andy Ful said:
Windows_10_Avast_Hardened_Mode_Aggressive

I do not know a good name for this profile.

The purpose of using it with Anti-EXE is reducing alerts by the possibility of whitelisting some scripts (unsafe files) by path (hash), but still blocking the rest of scripts (unsafe files) in UserSpace.
Click to expand...
Throwing out some ideas
Windows 10 *3P* AntiEXE Alert Reducer
Windows 10 *3P* AntiEXE Suppressor Passive Mode
 
  • Like
Reactions: Nevi, Protomartyr, Gandalf_The_Grey and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,510
Spawn said:
Throwing out some ideas
Windows 10 *3P* AntiEXE Alert Reducer
Windows 10 *3P* AntiEXE Suppressor Passive Mode
Click to expand...
It would be hard to guess that the main purpose is to work with a security application that uses a reputation file lookup for EXE files.:unsure:
Working with Anti-EXE is possible, but it is not the main purpose.
Avast (HM) + H_C is intended to be smart-default-deny (small number of alerts). Anti-EXE + H_C will still have many alerts for EXE files, although less as compared to Anti-EXE alone.

Generally, SRP can reduce alerts when Anti-EXE monitors system executables. For example, SRP can whitelist the .bat files needed by the user and block other .bat files. Anti-EXE will alert any .bat file (cannot be whitelisted) when cmd.exe is monitored.
 
Last edited:
  • Like
  • +Reputation
Reactions: Nevi, Protomartyr, oldschool and 2 others
simmerskool

simmerskool

Level 37
Verified
Top Poster
Well-known
Apr 16, 2017
2,610
Andy Ful said:
I do not know a good name for this profile.. This can be Comodo Firewall, Avast, VoodooShield, etc. Comodo Firewall and VoodooShield can live without H_C, although it can be used with any of them depending on settings and user habits. AVast protection can gain more.
Click to expand...

fwiw I just reinstalled Voodooshield 5.78 after not running VS for a few weeks, and just changed the profile to the Avast Hardened... seems smooth so far.
 
  • Like
Reactions: Nevi, plat, Protomartyr and 4 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,510
simmerskool said:
fwiw I just reinstalled Voodooshield 5.78 after not running VS for a few weeks, and just changed the profile to the Avast Hardened... seems smooth so far.
Click to expand...
You have to remember to use "Install By SmartScreen" for MSI installers. The VS is not an Anti-EXE (although it has such capability) and detects more file types - MSI installers too. So, you can also use the H_C Windows_10_Basic_Recommended profile or SimpleWindowsHardening application.
 
Last edited:
  • Like
Reactions: Nevi, simmerskool, Protomartyr and 2 others
simmerskool

simmerskool

Level 37
Verified
Top Poster
Well-known
Apr 16, 2017
2,610
Andy Ful said:
You have to remember to use "Install By SmartScreen" for MSI installers. The VS is not an Anti-EXE (although it has such capability) and detects more file types - MSI installers too. So, you can also use the H_C Windows_10_Basic_Recommended profile or SimpleWindowsHardening application.
Click to expand...

ok! thanks!! I've been using install_by_smartscreen since installing H_C several months ago. Also long time user of VS so your profiling them for compatibility is excellent.
 
  • Like
Reactions: Nevi, Protomartyr, Gandalf_The_Grey and 1 other person
Brahman

Brahman

Level 18
Verified
Top Poster
Well-known
Aug 22, 2013
886
shmu26 said:
It looks like Andreas took down the links to NVT ERP 4 beta. Anyone have a sharable link to the latest version of it?
Click to expand...
here you go. Filebin :: bin nzpm49til1gw3xvd
( I don't know whether this is the latest version or not. I have not checked it for a long time. But this file was with me, kindly have a look. )
 
Last edited:
  • Like
Reactions: Nevi, Gandalf_The_Grey and shmu26
shmu26

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
SearchLight said:
Anyone using the latest NVT EXE Pro 4.0 Beta? Working as good as a stable version? I am thinking of using it alongside Avast Free in default alert mode out of the box or should I change to another protection mode? It reminds me of VS.
Click to expand...
It is as solid as stable version. I tried it recently. It is much more geeky and complicated than VS, there is a learning curve.
 
  • Like
Reactions: Zartarra, Nevi, Sunshine-boy and 5 others
silversurfer

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,111
ItsReallyMe said:
What is the difference of learning mode and alert mode?
Click to expand...

As far as I can recall, Learning Mode should be enabled only temporary to allow automatically known processes...
Alert Mode is default to be used permanently, but you have to allow or deny manually.

Note: Keep in mind this software may doesn't work properly, latest release was very long time ago ;)
 
  • Like
  • +Reputation
Reactions: Zartarra, shmu26, Nevi and 4 others
shmu26

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
silversurfer said:
As far as I can recall, Learning Mode should be enabled only temporary to allow automatically known processes...
Alert Mode is default to be used permanently, but you have to allow or deny manually.

Note: Keep in mind this software may doesn't work properly, latest release was very long time ago ;)
Click to expand...
+1
Learning mode makes an allow rule for everything that you do or that happens by itself on your system, so it is to be used with caution.
 
  • Like
  • +Reputation
Reactions: plat, silversurfer, Zartarra and 2 others
silversurfer

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,111
  • Like
  • +Reputation
Reactions: Zartarra, Gandalf_The_Grey, harlan4096 and 1 other person

Similar threads

oldschool
    • +Reputation
    • Like
    • Applause
Privacy News Ghostery’s CEO says regulation won’t save us from ad trackers
Replies
8
Views
3,005
Security News
bazang
bazang
Brahman
    • Like
    • Wow
    • +Reputation
Security News Secure Boot is completely broken on 200+ models from 5 big device makers
Replies
0
Views
2,408
Security News
Brahman
Brahman
Morro
    • Like
    • Wow
    • Applause
Advice Request Looking for advice for new Desktop I will get. (Soon I hope.)
Replies
42
Views
3,795
General Security Discussions
Morro
Morro

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top