SecureAPlus Freemium

Discussion in 'other anti-virus software' started by sinlam, Jul 24, 2013.

  1. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    210
    Location:
    VPN city
    I've seen it block DLL's before. I don't know about (dot)SYS files though. Maybe someone from SecureAge can answer that question.

    I would be shocked if SAP had literally nothing to protect against a malicious driver being installed. From what I understand, something like a DLL or an SYS needs to be injected by something else for it to be able to do anything.

    So if your script and command line protection is good and your protection against malicious EXE's is good, like it is with SAP, then I don't know if there's anything to worry about.

    Although, I think you also need the whitelisting application to consider the parent processes of things too for that to work properly. And as far as I'm aware, SAP does monitor parent processes of things.
     
  2. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,744
    Location:
    Hawaii
    REGARDING SAP's GUI>AppSettings>Application Whitelising>Advanced Settings>Restricted Applications

    In SAP website's Knowledge Base, I could find no information about using this Restricted Applications panel.

    I notice that the list of Restricted Applications is NOT activated by default when SAP is installed.

    QUESTIONS: Should I check all boxes for the entire list? Add to the list? Or.......?
     
  3. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    210
    Location:
    VPN city
    They have checkboxes like that in case you'd ever want to delete a whole bunch of them at once.
     
  4. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,744
    Location:
    Hawaii
    Thanks. Interesting info but it doesn't answer my questions in Post #2127. Ergo, I shall post these questions at the SAP Forum.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    EDIT: My post at SAP Forum was quickly answered, in detail. The reply is HERE.
     
    Last edited: Jan 13, 2020
  5. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    210
    Location:
    VPN city
    Oh. Any files created by everything on the restricted apps list will never be automatically trusted by the whitelisting mechanism. I added all of the EXE's of my daily used applications to that list. You probably WON'T want to add the exe's of other security software though. Even if it's just a scanner.
     
  6. hendy

    hendy Registered Member

    Joined:
    Sep 15, 2014
    Posts:
    259
    It monitors all files that has PE header (https://en.wikipedia.org/wiki/Portable_Executable), including drivers (.sys), .dll, ocx, .exe, .scr, etc.
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,744
    Location:
    Hawaii
  8. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    210
    Location:
    VPN city
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.