Advanced Plus Security Evjl's Rain's Security Config 2019

Last updated: Jul 28, 2019
Windows Edition: Pro
Security updates: Check for updates and Notify
User Access Control: Notify me only when programs try to make changes to my computer (do not dim my desktop)
Real-time security: WiseVector StopX + Syshardener (checked almost everything)
Extra: Windows SmartScreen, RunBySmartscreen, blocked inbound connections for most used apps, Bandizip adding Zone.Identifier for archives
Firewall security: Microsoft Defender Firewall
About custom security: Syshardener:
Periodic malware scanners: Zemana Portable, Norton Power Eraser, HitmanPro, Emsisoft Emergency Kit, ESET Online Scanner (rarely used, only for PUPs, super time-consuming)
Malware sample testing
Browser(s) and extensions: Chromium portable (Woolyss, full options)
Extensions: uBlock Origin, Windows Defender Browser Protection, Bitdefender TrafficLight, Checker Plus for Gmail, Google Translate, h264ify, Enhancer for YouTube
Maintenance tools: CCleaner (enhanced), Wise Disk/Registry cleaners, HDCleaner, Dism++, Everything, Firewall App Blocker, SoftPerfect RAM Disk, Windscribe, SumatraPDF, Notepad++, Sandboxie, Bandizip,...
File and Photo backup: Google Drive, Google Photos, Dropbox, MEGA
System recovery: Macrium Reflect
Risk factors:
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Downloading malware samples
Computer specs: i7-3630QM, 8GB RAM, GT650M, SSD Crucial 240GB

Evjl's Rain

Thread author
Have you read the news about SecureAPlus?
They are making a Lite version that will be free forever and without nags :)
I used SecureAPlus in the past and didn't like it for several reasons. It felt kinda slow and buggy.
It used the Everything search engine for indexing files. When I disabled Everything, SAP stopped working.
The scanning speed was super slow and the same for upload speed.
There was no way I could disable Application Whitelisting. I don't like whitelisting.

The APEX engine was useless at that time. Now it is improved but still can't compete with Cylance and WiseVector's engines.

I might give it a try but I don't expect much from it.
WiseVector and VirusTotal might be a better combo.
 

imuade

When I tried it (something like a couple of years ago, before APEX was implemented), I found it very light, but with too many FP.
Once the Lite version is launched, I'll give it another try :)
 

imuade

APEX still only detects malware in exe files :unsure: and agree with @Evjl's Rain still is far compared to WV...
I think you are right, but SecureAPlus is not just APEX, it also uses application control & whitelisting and a cloud-based multi-engine scanner :)
If you use them all, you get great results from both users and testing labs :)
 

Andy Ful

From Hard_Configurator Tools
I tested Bandizip. It does a good job of transferring MOTW from the ZIP archive to compressed EXE files. (y)
Most compressed EXE files will trigger SmartScreen, except when the EXE with MOTW is run indirectly via a non-EXE loader, for example:
  • shortcut with script interpreter,
  • script file (.bat, .vbs, .js)
  • document with macro, etc.
any of these also included in the same archive as the EXE payload.

The above methods were already used in the wild. The EXE payload usually has a hidden file attribute or a changed file extension. When the EXE payload is in the archive together with a non-EXE loader, then the loader does not have to download it from the Internet.
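
A defender-side triage of the archive pattern described in the post above, as an added example that is not part of the original thread: it flags a ZIP that holds a non-EXE loader together with a PE file that is hidden or stored under a changed extension. The extension list, function names and sample archives are assumptions constructed for illustration.

```python
import io
import zipfile

# Loader types named in the post (assumed extension list, extend as needed).
LOADER_EXTS = {".lnk", ".bat", ".vbs", ".js", ".docm", ".xlsm"}
DOS_HIDDEN = 0x02  # FILE_ATTRIBUTE_HIDDEN, kept in the low byte of external_attr

def ext(name):
    base = name.rsplit("/", 1)[-1]
    return "." + base.rsplit(".", 1)[-1].lower() if "." in base else ""

def triage(zip_bytes):
    """Return (loaders, payloads, suspicious) for one ZIP archive."""
    loaders, payloads = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.flag_bits & 0x1:  # skip dirs and encrypted entries
                continue
            if ext(info.filename) in LOADER_EXTS:
                loaders.append(info.filename)
                continue
            with zf.open(info) as fh:
                if fh.read(2) != b"MZ":  # DOS/PE header magic
                    continue
            reasons = []
            if ext(info.filename) != ".exe":  # heuristic: also flags DLLs
                reasons.append("PE content under non-.exe name")
            if info.external_attr & DOS_HIDDEN:
                reasons.append("hidden attribute set")
            payloads.append((info.filename, reasons))
    # Pattern from the post: a loader plus a hidden or renamed PE in one archive.
    suspicious = bool(loaders) and any(r for _, r in payloads)
    return loaders, payloads, suspicious

def make_zip(entries):
    """Build a constructed in-memory ZIP from (name, data, dos_attrs) tuples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data, attrs in entries:
            zi = zipfile.ZipInfo(name)
            zi.external_attr = attrs
            zf.writestr(zi, data)
    return buf.getvalue()

# Constructed samples: placeholder bytes, not real shortcuts or executables.
PE_STUB = b"MZ" + b"\0" * 62
FLAGGED = make_zip([("invoice.lnk", b"constructed", 0),
                    ("thumbs.dat", PE_STUB, DOS_HIDDEN)])
BENIGN = make_zip([("readme.txt", b"hello", 0), ("setup.exe", PE_STUB, 0)])
```

Encrypted entries are skipped rather than inspected, so a password-protected archive needs separate handling.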
 