Advanced Plus Security Windows Security updated setup

Status
Not open for further replies.

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,759
Don't copy this settings. Make your own! It will not work good.
You can copy only this:
C:\Users\*>*explorer.exe
C:\Users\*>*dllhost.exe
C:\Users\*>*rundll32.exe
C:\Users\*>*taskhost.exe
C:\Users\*>*dwm.exe
I know that lol
but i wanted to know about these lines
[LETHAL]
[#LOGGING]
[WHITELIST]
[DEFAULTALLOW]
 
  • Like
Reactions: SHvFl

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Updated MemProtect.ini file (1.4 KB)

[LETHAL]
[#LOGGING]
[WHITELIST]
[DEFAULTALLOW]
# Allow caged programs program access to own folder
!*\Chromium\*>C:\Program Files\Chromium\*
!*\Microsoft Office\*>C:\Program Files\Microsoft Office\*
!*\Windows Media Player\*>C:\Program Files\Windows Media Player\*

# Allow caged programs to start printing and browsing
!C:\Program Files\*>*splwow64.exe
!C:\Program Files\*>*chrome.exe

[BLACKLIST]
# Block access to explorer from user folders
!C:\Users\*>*explorer.exe
!D:\*>*explorer.exe
!E:\*>*explorer.exe

# Block caged programs (injecting)starting (into)all other executables
*\Chromium\*>*
*\Microsoft Office\*>*
*\Windows Media Player\*>*
[EOF]

Updated SecureFolders (Trusted applications explorer.exe and syncbackfree.exe)
upload_2017-8-19_10-44-27.png
 

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
What happened to the Shade Sandbox ABP$third-party Firefox, Adguard Spyware/own filter lists Chromium, anti-ransomware programs, Avast Hardened Mode/VoodooShield anti-executable techniques?
 
  • Like
Reactions: frogboy

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
They are on 'try out & play' images stored on backup NAS. To busy with business until December. When all goes as planned, have meeting 11 December with Florian of Excubits to combine MemProtect and Pumpernickel into preset zero configuration packages (e.g. Firefox sandbox, Office exploit mitigation).
 
Last edited:

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
That will be interesting

Well, there are still quite a few Firefox fans and people happy with Office 2007.

Office container would block exploits to affect or infect other programs and write protect windows and program files (except own Office installation folder).

Firefox sandbox would be similar except it would only have read rights to user folders with write access to Firefox appdata and download folder.

Feel free to post suggestions.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top