Latest Changes
Jul 28, 2019
Operating System
    Windows 8.1
Windows Edition
    Pro
Version or Build no.
    9600
System type
    64-bit operating system; x64-based processor
Security Updates
    Manual Updates - User intervention required
User Access Control
    No Dim Desktop
Network Security (Firewall)
    Windows Defender Firewall
Device Security
    Windows Defender SmartScreen (Windows 10)
User Account
    Administrator
Sign-in Accounts
    None
Malware Testing
    I participate by downloading malware samples into an isolated VM environment
Real-time Web & Malware Protection
    WiseVector StopX + Syshardener (checked almost everything)

    Extra: Windows smartscreen, RunBySmartscreen, blocked inbound connections for most used apps, Bandizip adding zone.identifier for archives
RTP - Custom security settings
    Major changes for Better performance
RTP - Details of Custom security settings
    Syshardener:
Virus and Malware Removal Tools
    • Zemana Portable
    • Norton Power Eraser
    • HitmanPro
    • Emsisoft Emergency Kit
    • ESET Online Scanner (rarely used, only for PUPs, super time-consuming)
Browsers and Extensions
    Chromium portable (Woolyss, full options)
    Extensions: ublock origin, Windows Defender Browser Protection, Bitdefender Trafficlight, Checker Plus for Gmail, Google Translate, h264ify, Enhancer for Youtube
Privacy-focused Apps and Extensions
    ublock origin custom filters
Password Managers
    Browser's default password manager
Web Search
    Google, Duckduckgo
System Utilities
    CCleaner (enhanced), Wise Disk/Registry cleaners, HDCleaner, Dism++, Everything, Firewall App Blocker, Softperfect RAMdisk, Windscribe, SumatraPDF, Notepad++, Sandboxie, Bandizip,...
Data Backup
    Google Drive, Google Photos, Dropbox, MEGA
Frequency of Data backups
    Monthly
System Backup
    Macrium Reflect
Frequency of System backups
    Occasionally
Computer Activity
    • Browsing web and email
    • Watch movies and other entertainment content on the Internet
    • Malware testing
Computer Specifications
    i7-3630QM, 8GB RAM, GT650M, SSD Crucial 240GB

    Evjl's Rain

    Have you read the news about SecureAPlus?
    They are making a Lite version that will be free forever and without nags :)
    I used SecureAPlus in the past and didn't like it for several reasons. It felt kinda slow and buggy.
    It used the Everything search engine for indexing files. When I disabled Everything, SAP stopped working.
    The scanning speed was super slow, and the same for upload speed.
    There was no way I could disable Application Whitelisting. I don't like whitelisting.

    The APEX engine was useless at that time. Now it is improved but still can't compete with Cylance's and WiseVector's engines.

    I might give it a try but I don't expect much from it.
    WiseVector and VirusTotal might be a better combo.
     

    imuade

    Evjl's Rain said:
        I used SecureAPlus in the past and didn't like it for several reasons. It felt kinda slow and buggy.
        It used the Everything search engine for indexing files. When I disabled Everything, SAP stopped working.
        The scanning speed was super slow, and the same for upload speed.
        There was no way I could disable Application Whitelisting. I don't like whitelisting.

        The APEX engine was useless at that time. Now it is improved but still can't compete with Cylance's and WiseVector's engines.

        I might give it a try but I don't expect much from it.
        WiseVector and VirusTotal might be a better combo.

    When I tried it (something like a couple of years ago, before APEX was implemented), I found it very light, but with too many FPs.
    Once the Lite version is launched, I'll give it another try :)
     

    Andy Ful

    I tested Bandizip. It does a good job of transferring the MOTW from a ZIP archive to the compressed EXE files.
    Most compressed EXE files will trigger SmartScreen, except when the EXE with MOTW is run indirectly via a non-EXE loader, for example:
    • a shortcut with a script interpreter,
    • a script file (.bat, .vbs, .js),
    • a document with a macro, etc.,
    with any of these also included in the same archive as the EXE payload.

    The above methods have already been used in the wild. The EXE payload usually has a hidden file attribute or a changed file extension. When the EXE payload is in the archive together with a non-EXE loader, the loader does not have to download it from the Internet.
     
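A defender-side check for the archive layout described in the post above, as an added example (not code from the post or from any tool named in the thread): it flags a ZIP that bundles a PE payload, recognised by its `MZ` header whatever the extension, with one of the non-EXE loader types, and reports whether the payload is hidden or renamed. The function names, the extension lists and the sample archive are constructed for illustration.

```python
import io
import os
import zipfile

# Loader types named in the post: shortcut, script file, document with macro.
LOADER_EXTS = {".lnk", ".bat", ".vbs", ".js", ".docm", ".xlsm"}
PE_EXTS = {".exe", ".dll", ".scr", ".sys"}  # assumed list of usual PE extensions
DOS_HIDDEN = 0x02  # hidden bit in the DOS attribute byte (low byte of external_attr)


def audit_archive(data):
    """Report PE payloads and non-EXE loaders found together in one ZIP."""
    findings = {"loaders": [], "payloads": [], "suspicious": False}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            suffix = os.path.splitext(info.filename)[1].lower()
            with zf.open(info) as fh:
                is_pe = fh.read(2) == b"MZ"  # PE files start with "MZ"
            if is_pe:
                findings["payloads"].append({
                    "name": info.filename,
                    # Only meaningful if the archiver stored DOS attributes.
                    "hidden": bool(info.external_attr & DOS_HIDDEN),
                    "renamed": suffix not in PE_EXTS,
                })
            elif suffix in LOADER_EXTS:
                findings["loaders"].append(info.filename)
    # A loader next to a payload means the payload can be started indirectly.
    findings["suspicious"] = bool(findings["loaders"] and findings["payloads"])
    return findings


def build_sample(with_loader):
    """Constructed sample archive: placeholder bytes only, nothing executable."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        payload = zipfile.ZipInfo("invoice.dat")  # PE header under a changed extension
        payload.create_system = 0                 # entry marked as DOS/FAT-created
        payload.external_attr = DOS_HIDDEN
        zf.writestr(payload, b"MZ" + b"\x00" * 62)
        if with_loader:
            zf.writestr("open_me.bat", b"rem constructed placeholder\r\n")
        zf.writestr("readme.txt", b"constructed sample\r\n")
    return buf.getvalue()


if __name__ == "__main__":
    print(audit_archive(build_sample(with_loader=True)))
```

This inspects the archive before extraction; it does not read the Zone.Identifier stream that Bandizip writes to the extracted files, which exists only on NTFS.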