Latest Changes
Dec 31, 1969
Operating System
  • Windows 7 SP1
  • Windows Edition
    Pro
    Version or Build no.
    7601
    System type
    64-bit operating system; x64-based processor
    User Access Control
    No Dim Desktop
    Network Security (Firewall)
    Windows Defender Firewall
    User Account
    Sign-in Accounts
    Malware Testing
    I do not participate in downloading malware samples
    Real-time Web & Malware Protection
    NVT EXE Radar Pro | Sandboxie
    RTP - Custom security settings
  • Virus and Malware Removal Tools
    Zemana AntiMalware | HitmanPro | Malwarebytes Anti-Malware
    Browsers and Extensions
    Google Chrome - Netcraft Extension | Avira Browser Safety | uBlock Origin | uBlock Origin WebSocket | KB SSL Enforcer | Tunnello VPN | The Great Suspender | OneTab
    chrome security settings
    Send a DNT request | malicious site blocking enabled | 3rd Party cookies are blocked | Click-to-Play enabled | Flash is disabled
    chrome://flags tweaks
    Extension Content Verification = enforce strict | Reduce default 'referer' header granularity is enabled
    Privacy-focused Apps and Extensions
    Custom Hosts | uBlock Origin
    Password Managers
  • KeePass Portable
  • Web Search
  • Google
  • System Utilities
    CleanMem | Process Tamer | Auslogics DiskDefrag | CCleaner
    Data Backup
    None
    Frequency of Data backups
    System Backup
    None
    Frequency of System backups
    None
    H

    hjlbx

    Added.......... VoodooShield Free
    It makes no sense to run NVT ERP and Voodooshield together; the duplication can result in conflicts\malfunctions at worst and double alerts for the same things at best.

    A better paranoid Default Deny config would be to combo a Software Restriction Policy with an Anti-Executable.

    Freeware SRPs:
    • Bouncer
    • Simple Software Restriction Policy
    A more well-rounded approach would be:
    • Anti-Executable or Software Restriction Policy (NVT ERP or Voodooshield or Bouncer or SSRP)
    • Adblocker (uBlock Origin)
    • Light Virtualization or Containment (Sandboxie (paid only) or Shadow Defender or ReHIPS)
    • System Rollback (Rollback RX Home or Reboot Restore RX [a combo with Sandboxie or Shadow Defender not needed])
    • Backup\Image Restore (Macrium Reflect)
     

    Overkill

    Level 31
    Verified
    Trusted
    I am testing VS, because in the past it didn't run well on my laptop so I'm trying it out again. NVT is a bit different then VS is it not? I have never had any problems in the past with NVT and VS or NVT and SecureAPlus for example.
     
    Last edited:
    H

    hjlbx

    I am testing VS, because in the past it didn't run well on my laptop so I'm trying it out again. NVT is a bit different then VS is it not? I have never had any problems in the past with NVT and VS or NVT and SecureAPlus for example.
    There isn't much difference between the cores of NVT ERP and VS - except NVT ERP does not have auto-lookup for file reputation, Ai, local sandbox and Cuckoo Sandbox.

    Just sayin'... running two anti-executables simultaneously on a system makes no sense. You're not going to get a higher level of protection by running two AEs at the same time - just double alerts - which in itself can cause problems and\or lead to a user mistake.
     
    H

    hjlbx

    Now that I think about it, what's the difference in using NVT with Appguard (I know some people have used this combo) and NVT with VS?
    NVT ERP is an anti-executable that has the ability to monitor and whitelist rundll32 command lines and create a custom list of monitored Windows vulnerable processes.

    VS is an anti-executable that has the ability to monitor and whitelist rundll32 command lines, but the list of monitored Windows vulnerable processes is hard-coded and not customizable. NOTE: You'd have to ask Dan about the full list of hard-coded Windows vulnerable processes.

    AppGuard is software restriction policy soft:
    • It blocks execution of files from User Space
    • It blocks execution of the most vulnerable file types by default
    • It runs default and user-specified vulnerable processes with limited access rights (non-Admin)
    • It provides inter-process (side-by-side) memory protections
    • User can create custom list of blocked\allowed vulnerable Windows processes
     

    Overkill

    Level 31
    Verified
    Trusted
    NVT ERP is an anti-executable that has the ability to monitor and whitelist rundll32 command lines and create a custom list of monitored Windows vulnerable processes.

    VS is an anti-executable that has the ability to monitor and whitelist rundll32 command lines, but the list of monitored Windows vulnerable processes is hard-coded and not customizable. NOTE: You'd have to ask Dan about the full list of hard-coded Windows vulnerable processes.

    AppGuard is software restriction policy soft:
    • It blocks execution of files from User Space
    • It blocks execution of the most vulnerable file types
    • It runs vulnerable processes with limited access rights (non-Admin)
    • It provides inter-process (side-by-side) memory protections
    • User can create custom list of blocked\allowed vulnerable Windows processes
    So what is the advantage of using NVTERP with Appguard? When I tried it a long time ago I never got any alerts at all from NVT.
     
    • Like
    Reactions: Logethica
    H

    hjlbx

    So what is the advantage of using NVTERP with Appguard? When I tried it a long time ago I never got any alerts at all from NVT.
    Why some combo NVT ERP and AppGuard ?
    • It is paranoid Default-Deny config and satisfies those that are paranoid
    • It is two different classes of protection and they each compliment and supplement each other
    • When disable AppGuard for soft updates or installs, NVT ERP continues to monitor entire system
    It would be rather difficult to get physical system persistently infected with both NVT ERP and AppGuard installed on system

    * * * * *

    If you did not get any alerts from NVT ERP when you tried it, that is surefire indication something wasn't right. Perhaps it was stuck in Learning Mode or Off ?
     

    Overkill

    Level 31
    Verified
    Trusted
    Why some combo NVT ERP and AppGuard ?
    • It is paranoid Default-Deny config and satisfies those that are paranoid
    • It is two different classes of protection and they each compliment and supplement each other
    • When disable AppGuard for soft updates or installs, NVT ERP continues to monitor entire system
    It would be rather difficult to get physical system persistently infected with both NVT ERP and AppGuard installed on system

    * * * * *

    If you did not get any alerts from NVT ERP when you tried it, that is surefire indication something wasn't right. Perhaps it was stuck in Learning Mode or Off ?
    Nope, both were active but no erp alerts... anyways, i am testing VS for a few days to maybe a week and if I decide to keep it for awhile I will either uninstall or disable ERP.
     
    Last edited:
    • Like
    Reactions: Logethica

    Overkill

    Level 31
    Verified
    Trusted
    Well, due to some lag in responsiveness that I can't deal with for very long, I had to remove Voodooshield even though I love the program... I am back to my favorite anti-exe NVTERP (light as a feather on all my systems) and I have reinstalled keyscrambler...I think I have the most finicky laptop on the planet! :mad:
     
    Last edited:
    H

    hjlbx

    Well due to some lag in responsiveness that I can't deal with for very long, I had to remove Voodooshield even though I love the program... I am back to my favorite anti-exe NVTERP (light as a feather on all my systems) and I have reinstalled keyscrambler...I think I have the most finicky laptop on the planet! :mad:
    It's probably not your laptop.

    NVT ERP is gold.