SAFEPC

Publié le par kareldjag aka Michel




SafePC










SafePC is an asian product (from Singapore) which can help the user to manage and control applications and activities on his System.


SafePC has also the ability to monitor the registry (maximum 100 keys) and files/folders.














There is 2 paid licenses available:


-a pear year license for 19.90 dollars,

-a lifetime license for 39.90 dollars.







TEST:




Configuration: registry (with keys by default) and files monitoring (Documents And Settings) are enabled.






***Execution control with Leaktests:



SafePC is the winner.








***Process termination:



SafePC failed.













***Dll injection/implant:



-with Zapass: SafePC failed.









-with Copycat: SafePC failed.













***Process hijacking:



the test is not possible (safepc.exe is not on the list/has not internet access).





***API manipulation test:



-with APISpy: SafePC failed;



-with ExecuteHook demo: SafePC failed.




-with Kapimon: SafePC failed.




SafePC failed against API manipulation test.





***Finjan Tests:



-F.Demo: SafePC failed;


-F.VBS: SafePC failed;


-F.JPG: SafePCfailed (detect the packager but not the creation of the folder).


SafePC failed against Finjan tests.





***Registry tests:


-with Regtest: SafePC failed against the 2 tests;







-with Scoundrel Simulator : SafePC can only detect the startup registry key.

SafePC failed.



SafePC failed against registry test.


NB. For a more effective protection of the registry, it's suited to add others registry keys and group to monitor.






*** Simulate a trojan with Trojan Simulator:



SafePc is the winner.









***Memory manipulation test:



-with UH: SafePC failed.







-Access to physical device memory with Physmem: SafePC failed.



SafePC failed against memory manipulation test.





***Data theft with Trojan Demo:



SafePC failed (no alert from the file monitor).










***Service/driver manipulation:



-installation: SafePC is the winner.







-service termination: SafePC failed.


-driver modification: could not be specified (but can be removed with EkinX).


-unloading a driver: SafePC failed.



SafePC failed against service/driver manipulation.





***CDROM autorun:



SafePC is the winner.





***Fakes/jokes:



-open/close the CDRom drive: SafePC failed;


-launch several windows applications: SafePC failed.



SafePC failed against Jokes test.





***Buffer/Heap Overflow test:



SafePC failed against the 2 tests.





***Deactivation methods:



-trashcan: SafePC failed.





-blacklisting: SafePC failed.






SafePC failed against deactivation method.









CONCLUSION:














***The pros:





-efficient activity control,



-runs as a service,






-easy configuration of applications, process etc,



-choices for answering to the alerts (accept/unaccept, run now, for this session only, installer/uninstaller...),



-registry and files monitoring features,



-good value for money (lifetime license),



-ability to contact the support directly via the program.
















***The cons:





-does not protect against advanced threats and attacks,



-too much time/clicks for alerts answers (we have to search the answer in the list),


NB. The Password protection is not suited for a better easy-of-use.




-no learning mode (but programs are considered as trusted applications),



-laborious/arduously/ installation (internet connection is needed for downloading all the package, takes too much time and consume too much RAM),






-no help file or pdf manual (just a little faq on the web site),



-more detection than prevention protection,



-colourless graphic interface (only black&white for a paid product!),




-consume too much resource,




-only available in english language.







COMMENTS:





SafePC could be an interesting choice for beginners and classical users for monitoring legitimate applications and detecting suspicious ones.

This product is really easy to use and to configure.

The file and registry monitoring features are also interesting to detect more suspect activities.


But paranoiacs and advanced users will not find in this products all the features which could protect their computers against advanced malwares.





COMMENTAIRES:




SafePc est un produit édité par une entreprise de Singapour et qui est disponible en version "à vie" (advitam eternam) pour environ 40 euros et annuelle pour 20 E.

SafePC fonctionne en mode service et permet un contrôle de l'activité et des applications.

Disposant également de fonctions de surveillance du registre et des fichiers, SafePC est un logiciel aisé à configurer et à utiliser (sauf pour le débutant non anglophone).


Durant sa phase d'installation (pas des plus simples, car elle nécessite entre autres une connection internet), SafePC enregistre tous les programmes et processus système comme des applications légitimes, facilitant ainsi la tâche de l'utilisateur.


S'il peut détecter une entrée dans le registre ou une exécution suspecte (process inconnu), SafePC apparaît bien moins armé contre des parasites avancées.


Toutefois, la licence à vie et sa facilité d'utilisation peuvent trouver grâce auprés de certains utilisateurs.







RATING: 6.5/10



 

Commenter cet article