Q&A NoVirusThanks EXE Radar Pro

vaccineboy

Level 2
Sep 5, 2018
77
If one wants to use it with H_C, then there is a predefined setting profile for that, that allows EXE files globally: Windows_10_Avast_Hardened_Mode_Aggressive.
It can be an interesting combination for some users. NVT ERP will cover the EXE files, and H_C will allow EXE and take care of the rest. If the EXE application installer is blocked by NVT ERP, then forced SmartScreen (the H_C feature) can be used to safely install the application. (y)
NVT ERP can whitelist applications by the Signer, which can be sometimes more convenient as compared to SRP whitelisting in the home environment.
Hi @Andy Ful, maybe you can consider renaming that Avast Hardened Aggressive profile into something generic such as Anti Executable or 3rd Party Default Deny? I'm using H_C at that profile with Comodo IS at CruelSister setting with great compatibility here.
 

Andy Ful

Level 66
Verified
Trusted
Content Creator
Dec 23, 2014
5,591
Hi @Andy Ful, maybe you can consider renaming that Avast Hardened Aggressive profile into something generic such as Anti Executable or 3rd Party Default Deny? I'm using H_C at that profile with Comodo IS at CruelSister setting with great compatibility here.
I do not know a good name for this profile. It can be used with any security solution that has a strong anti-exe module (can be a strong Sandbox, too), but it does not have to be the Anti-EXE solution. The purpose of using it with Anti-EXE is reducing alerts by the possibility of whitelisting some scripts (unsafe files) by path (hash), but still blocking the rest of scripts (unsafe files) in UserSpace.

But, the main intention is to work with an application that protects EXE files by file reputation lookup to cloud backend. This can be Comodo Firewall, Avast, VoodooShield, etc. Comodo Firewall and VoodooShield can live without H_C, although it can be used with any of them depending on settings and user habits. AVast protection can gain more.
 
Last edited:

Spawn

Administrator
Verified
Staff member
Jan 8, 2011
20,680
Windows_10_Avast_Hardened_Mode_Aggressive

I do not know a good name for this profile.

The purpose of using it with Anti-EXE is reducing alerts by the possibility of whitelisting some scripts (unsafe files) by path (hash), but still blocking the rest of scripts (unsafe files) in UserSpace.
Throwing out some ideas
Windows 10 *3P* AntiEXE Alert Reducer
Windows 10 *3P* AntiEXE Suppressor Passive Mode
 

Andy Ful

Level 66
Verified
Trusted
Content Creator
Dec 23, 2014
5,591
Throwing out some ideas
Windows 10 *3P* AntiEXE Alert Reducer
Windows 10 *3P* AntiEXE Suppressor Passive Mode
It would be hard to guess that the main purpose is to work with a security application that uses a reputation file lookup for EXE files.:unsure:
Working with Anti-EXE is possible, but it is not the main purpose.
Avast (HM) + H_C is intended to be smart-default-deny (small number of alerts). Anti-EXE + H_C will still have many alerts for EXE files, although less as compared to Anti-EXE alone.

Generally, SRP can reduce alerts when Anti-EXE monitors system executables. For example, SRP can whitelist the .bat files needed by the user and block other .bat files. Anti-EXE will alert any .bat file (cannot be whitelisted) when cmd.exe is monitored.
 
Last edited:

simmerskool

Level 9
Verified
Malware Tester
Apr 16, 2017
410
I do not know a good name for this profile.. This can be Comodo Firewall, Avast, VoodooShield, etc. Comodo Firewall and VoodooShield can live without H_C, although it can be used with any of them depending on settings and user habits. AVast protection can gain more.

fwiw I just reinstalled Voodooshield 5.78 after not running VS for a few weeks, and just changed the profile to the Avast Hardened... seems smooth so far.
 

Andy Ful

Level 66
Verified
Trusted
Content Creator
Dec 23, 2014
5,591
fwiw I just reinstalled Voodooshield 5.78 after not running VS for a few weeks, and just changed the profile to the Avast Hardened... seems smooth so far.
You have to remember to use "Install By SmartScreen" for MSI installers. The VS is not an Anti-EXE (although it has such capability) and detects more file types - MSI installers too. So, you can also use the H_C Windows_10_Basic_Recommended profile or SimpleWindowsHardening application.
 
Last edited:

simmerskool

Level 9
Verified
Malware Tester
Apr 16, 2017
410
You have to remember to use "Install By SmartScreen" for MSI installers. The VS is not an Anti-EXE (although it has such capability) and detects more file types - MSI installers too. So, you can also use the H_C Windows_10_Basic_Recommended profile or SimpleWindowsHardening application.

ok! thanks!! I've been using install_by_smartscreen since installing H_C several months ago. Also long time user of VS so your profiling them for compatibility is excellent.
 

shmu26

Level 85
Verified
Trusted
Content Creator
Jul 3, 2015
7,967
Anyone using the latest NVT EXE Pro 4.0 Beta? Working as good as a stable version? I am thinking of using it alongside Avast Free in default alert mode out of the box or should I change to another protection mode? It reminds me of VS.
It is as solid as stable version. I tried it recently. It is much more geeky and complicated than VS, there is a learning curve.
 
Top