SecureAPlus Forum

Forum Support => Software Problems and Questions => Topic started by: bellgamin on March 20, 2020, 02:10:13 PM

Title: SecureAPlus versus Scriptors
Post by: bellgamin on March 20, 2020, 02:10:13 PM
At Wilders forum's thread about SecureAPlus (https://www.wilderssecurity.com/threads/secureaplus-vs-voodoo-shield.376396/page-3#post-2903657) (SAP), it is alleged that:
A) SAP is somewhat weak against Scriptors (e.g. worms).
B) SAP does not check those areas of the computer where persistent values might exist that cause malware to restart on computer reboot. (That is, areas like the Registry, or Roaming, etc).

QUESTIONS:
1) What protection does SAP now provide against Scriptors?
2) What surveillance & protection does SAP now exercise relative to start-up entries in Registry & Roaming, etc.?
3) Does SAP plan to increase its level of protection relative to the issues listed in paragraphs A & B above? If so, approximately when will this occur?
Title: Re: SecureAPlus versus Scriptors
Post by: hendy on March 20, 2020, 04:33:13 PM
1) SAP has protection against script, and it is configurable.
    You may refer to: https://support.secureaplus.com/how-do-i-choose-to-associate-file-script-extension-types-to-script-interpreter/
2) Although SAP doesn't protect the registry directly, but it can protect a malware that register as start-up.
    Here is the example: http://secureaplus.secureage.com/download/Winrar.zip
    It is based on true vulnerability found in Winrar, which allow the attacker to put his code as a startup program:
    https://www.slashgear.com/19-years-old-winrar-vulnerability-leads-to-over-100-malware-exploits-16569928/
Title: Re: SecureAPlus versus Scriptors
Post by: bellgamin on March 21, 2020, 10:29:57 AM
Thanks, hendy!!! Excellent links. Very reassuring.