Solved Possible rootkit infection?

[Callender]

Don't disable anything and run the installer - it should work but if you get a UAC pop up or Avast pop up asking if you want to run the file then choose to allow.

 

[Callender]

Will try to list settings here. When installation and initial scan is complete right click the icon in the system tray and "Open Secure Aplus"

Choose the "Settings" button.



Choose "Update" and configure it to "Manual Update" then it won't update to the latest version which comes with extras that you won't need.



AV Settings - uncheck everything and "Apply"



Application Whitelisting settings - choose "Interactive Mode" and "Apply"



Advanced Mode settings - trust by digital signature - then you won't be bothered when trusted signed files attempt to run.



Will post more in a little while.

 

[Callender]

Then head for the "Advanced Settings"



There's not much to do except add the executable file names for any internet facing apps that are not already on the list. Stuff like any additional installed browsers. PDF readers, email clients, anything you use to unzip files (like winzip), any office apps and so on.



That's about it really. The only time that you might want to right click the icon in the system tray and switch to "Trust All" mode is when you're installing software that you are 100% certain is safe to install.

 

[gabe22]

Thanks I'll try it out and post back how it goes.


BTW about update .. if I set it to manual, as you suggested I don't need the latest version; how would I know if I need to update this software?

 

[Callender]

Update to latest version?

Well you can update if you wish but be aware that the new version will also install "Everything Search" and leave the service running in the background all the time. I can't see why it's needed so I don't use it.

You can keep an eye on the latest releases but there's no need to update unless it actually stops working.

You can also just try it for a while and it probably won't bother you much but if you see a pop up with a detected threat then just block the file and investigate.

 

[gabe22]

I see .. ok I'll give it a try