Latest changes
Dec 31, 1969
Windows Edition
Pro
OS version
7601
System type
64-bit operating system; x64-based processor
Windows UAC
Do not dim desktop - Notify me only when programs try to make changes to my computer
Firewall protection
Microsoft Defender Firewall
Account privileges
Account type
Exposure to malware
No malware samples are downloaded
Real-time Malware protection
NVT EXE Radar Pro | Sandboxie
Periodic scanners
Zemana AntiMalware | HitmanPro | Malwarebytes Anti-Malware
Browser and Add-ons
Google Chrome - Netcraft Extension | Avira Browser Safety | uBlock Origin | uBlock Origin WebSocket | KB SSL Enforcer | Tunnello VPN | The Great Suspender | OneTab
chrome security settings
Send a DNT request | malicious site blocking enabled | 3rd Party cookies are blocked | Click-to-Play enabled | Flash is disabled
chrome://flags tweaks
Extension Content Verification = enforce strict | Reduce default 'referer' header granularity is enabled
Privacy tools and VPN
Custom Hosts | uBlock Origin
Password manager
KeePass Portable
Search engine
Google
Maintenance tools
CleanMem | Process Tamer | Auslogics DiskDefrag | CCleaner
Photos and Files backup
None
File Backup schedule
Backup and Restore
None
Backup schedule
No system backups
H

hjlbx

Added.......... VoodooShield Free
It makes no sense to run NVT ERP and Voodooshield together; the duplication can result in conflicts\malfunctions at worst and double alerts for the same things at best.

A better paranoid Default Deny config would be to combo a Software Restriction Policy with an Anti-Executable.

Freeware SRPs:
  • Bouncer
  • Simple Software Restriction Policy
A more well-rounded approach would be:
  • Anti-Executable or Software Restriction Policy (NVT ERP or Voodooshield or Bouncer or SSRP)
  • Adblocker (uBlock Origin)
  • Light Virtualization or Containment (Sandboxie (paid only) or Shadow Defender or ReHIPS)
  • System Rollback (Rollback RX Home or Reboot Restore RX [a combo with Sandboxie or Shadow Defender not needed])
  • Backup\Image Restore (Macrium Reflect)
 

Overkill

Level 31
Verified
Trusted
I am testing VS, because in the past it didn't run well on my laptop so I'm trying it out again. NVT is a bit different then VS is it not? I have never had any problems in the past with NVT and VS or NVT and SecureAPlus for example.
 
Last edited:
H

hjlbx

I am testing VS, because in the past it didn't run well on my laptop so I'm trying it out again. NVT is a bit different then VS is it not? I have never had any problems in the past with NVT and VS or NVT and SecureAPlus for example.
There isn't much difference between the cores of NVT ERP and VS - except NVT ERP does not have auto-lookup for file reputation, Ai, local sandbox and Cuckoo Sandbox.

Just sayin'... running two anti-executables simultaneously on a system makes no sense. You're not going to get a higher level of protection by running two AEs at the same time - just double alerts - which in itself can cause problems and\or lead to a user mistake.
 
H

hjlbx

Now that I think about it, what's the difference in using NVT with Appguard (I know some people have used this combo) and NVT with VS?
NVT ERP is an anti-executable that has the ability to monitor and whitelist rundll32 command lines and create a custom list of monitored Windows vulnerable processes.

VS is an anti-executable that has the ability to monitor and whitelist rundll32 command lines, but the list of monitored Windows vulnerable processes is hard-coded and not customizable. NOTE: You'd have to ask Dan about the full list of hard-coded Windows vulnerable processes.

AppGuard is software restriction policy soft:
  • It blocks execution of files from User Space
  • It blocks execution of the most vulnerable file types by default
  • It runs default and user-specified vulnerable processes with limited access rights (non-Admin)
  • It provides inter-process (side-by-side) memory protections
  • User can create custom list of blocked\allowed vulnerable Windows processes
 

Overkill

Level 31
Verified
Trusted
NVT ERP is an anti-executable that has the ability to monitor and whitelist rundll32 command lines and create a custom list of monitored Windows vulnerable processes.

VS is an anti-executable that has the ability to monitor and whitelist rundll32 command lines, but the list of monitored Windows vulnerable processes is hard-coded and not customizable. NOTE: You'd have to ask Dan about the full list of hard-coded Windows vulnerable processes.

AppGuard is software restriction policy soft:
  • It blocks execution of files from User Space
  • It blocks execution of the most vulnerable file types
  • It runs vulnerable processes with limited access rights (non-Admin)
  • It provides inter-process (side-by-side) memory protections
  • User can create custom list of blocked\allowed vulnerable Windows processes
So what is the advantage of using NVTERP with Appguard? When I tried it a long time ago I never got any alerts at all from NVT.
 
H

hjlbx

So what is the advantage of using NVTERP with Appguard? When I tried it a long time ago I never got any alerts at all from NVT.
Why some combo NVT ERP and AppGuard ?
  • It is paranoid Default-Deny config and satisfies those that are paranoid
  • It is two different classes of protection and they each compliment and supplement each other
  • When disable AppGuard for soft updates or installs, NVT ERP continues to monitor entire system
It would be rather difficult to get physical system persistently infected with both NVT ERP and AppGuard installed on system

* * * * *

If you did not get any alerts from NVT ERP when you tried it, that is surefire indication something wasn't right. Perhaps it was stuck in Learning Mode or Off ?
 

Overkill

Level 31
Verified
Trusted
Why some combo NVT ERP and AppGuard ?
  • It is paranoid Default-Deny config and satisfies those that are paranoid
  • It is two different classes of protection and they each compliment and supplement each other
  • When disable AppGuard for soft updates or installs, NVT ERP continues to monitor entire system
It would be rather difficult to get physical system persistently infected with both NVT ERP and AppGuard installed on system

* * * * *

If you did not get any alerts from NVT ERP when you tried it, that is surefire indication something wasn't right. Perhaps it was stuck in Learning Mode or Off ?
Nope, both were active but no erp alerts... anyways, i am testing VS for a few days to maybe a week and if I decide to keep it for awhile I will either uninstall or disable ERP.
 
Last edited:

Overkill

Level 31
Verified
Trusted
Well, due to some lag in responsiveness that I can't deal with for very long, I had to remove Voodooshield even though I love the program... I am back to my favorite anti-exe NVTERP (light as a feather on all my systems) and I have reinstalled keyscrambler...I think I have the most finicky laptop on the planet! :mad:
 
Last edited:
H

hjlbx

Well due to some lag in responsiveness that I can't deal with for very long, I had to remove Voodooshield even though I love the program... I am back to my favorite anti-exe NVTERP (light as a feather on all my systems) and I have reinstalled keyscrambler...I think I have the most finicky laptop on the planet! :mad:
It's probably not your laptop.

NVT ERP is gold.
 
Top