Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Simple Windows Hardening
Message
<blockquote data-quote="Andy Ful" data-source="post: 975173" data-attributes="member: 32260"><p>I had in mind SmartScreen for Explorer. You can see the SmartScreen prompt when the EXE/MSI files (and some others) are downloaded directly from the Internet by any popular web browser, and then executed from the file Explorer or Desktop. For example:</p><p></p><p>[ATTACH]264298[/ATTACH]</p><p></p><p>If you can see this alert, then simply do not run the file, but inspect it via Virus Total or wait one day - give the chance to someone else to be infected, so the AV could detect the malware. Your actions should depend on how strong is the AV protection against EXE files. If you use Defender with ConfigureDefender MAX settings or Avast Hardened Mode, then you can ignore this alert for EXE files. Some AVs can be highly tweaked (like KIS) and then SWH is not needed at all.</p><p></p><p>Of course, SWH can be useful with any AV, but only to support the AV protection against the attacks that use fileless methods as an initial attack vector (weaponized documents, scripts, etc.). So, even if the full attack uses EXE payload(s), SWH can break the infection chain before the EXE malware could be downloaded/dropped/executed.</p><p>But, if one wants to install pirated/cracked software (EXE installer) which is malware, then SWH will not help much.</p><p></p><p>As [USER=71262]@oldschool[/USER] mentioned in his post, the SmartScreen for Explorer can be enhanced by using RunBySmartscreen tool.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 975173, member: 32260"] I had in mind SmartScreen for Explorer. You can see the SmartScreen prompt when the EXE/MSI files (and some others) are downloaded directly from the Internet by any popular web browser, and then executed from the file Explorer or Desktop. For example: [ATTACH]264298[/ATTACH] If you can see this alert, then simply do not run the file, but inspect it via Virus Total or wait one day - give the chance to someone else to be infected, so the AV could detect the malware. Your actions should depend on how strong is the AV protection against EXE files. If you use Defender with ConfigureDefender MAX settings or Avast Hardened Mode, then you can ignore this alert for EXE files. Some AVs can be highly tweaked (like KIS) and then SWH is not needed at all. Of course, SWH can be useful with any AV, but only to support the AV protection against the attacks that use fileless methods as an initial attack vector (weaponized documents, scripts, etc.). So, even if the full attack uses EXE payload(s), SWH can break the infection chain before the EXE malware could be downloaded/dropped/executed. But, if one wants to install pirated/cracked software (EXE installer) which is malware, then SWH will not help much. As [USER=71262]@oldschool[/USER] mentioned in his post, the SmartScreen for Explorer can be enhanced by using RunBySmartscreen tool. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
