SecureAPlus Freemium - Updates

[Rolo]

There really needs to be a fully disable option before 29 July. v3.3.7 prevented Win10 upgrade from completing (hangs on configuring settings at 1%)--disable until reboot isn't enough.

Twice (3.3.5 was the first time) I installed SAP to a checkpointed VM, installed the build update, upgrade hangs; then, revert VM to checkpoint and install build update and it works fine with the only change being SAP is installed. The first time was with offline AV, the second, without.

 

[Azure]

It is not possible to disable permanently, because application whitelisting has to be enabled to whitelist the new files that introduced by the update, otherwise the new files will get blocked, and will be resulting to boot up issue. We have to find the process that responsible for the update, and set it as a trusted installer. We will investigate more on this issue. Thank you for informing us.

How about a permanent 'trust all'? Instead of disabling the application whitelisting, the permanent trust all would allow it to whitelist the new files even after reboot.

@Rolo
Would this be a good alternative to what you want?

 

[Rolo]

To totally paraphrase:

"Your product breaks Windows upgrades."
"That's how we designed it."
"kthxbye"​

I know what sap said; the ramifications of what he said means that nobody can have SAP installed whilst doing a Windows upgrade (and possibly other installs that complete after reboot but before the desktop). This makes SAP incompatible with Win10 IP and the Win10 upgrade until this issue resolved in some manner.

NOTE: The SAP site does not claim it works on Win10, so this could purely be an issue with Win10 specifically; I don't know. I'm just pointing out a potential problem...the iceberg on heading 29 July.

 

[Koroke San]

why my account still not activated yet, can't login in ur form, says user not exist?

 

[sap]

To totally paraphrase:

"Your product breaks Windows upgrades."
"That's how we designed it."
"kthxbye"​

I know what sap said; the ramifications of what he said means that nobody can have SAP installed whilst doing a Windows upgrade (and possibly other installs that complete after reboot but before the desktop). This makes SAP incompatible with Win10 IP and the Win10 upgrade until this issue resolved in some manner.

NOTE: The SAP site does not claim it works on Win10, so this could purely be an issue with Win10 specifically; I don't know. I'm just pointing out a potential problem...the iceberg on heading 29 July.

May I know from which version of Windows did you perform the update? Is it Win 7 to Win 10, or Win 8.1 to Win 10? Is it 32 or 64 bit? We are actually taking a look into the problem that you reported, but our team was not able to reproduce the issue. Which VM that you are testing with? Your information may helpful for us to find out the source of the issue.

 

[Rolo]

It was from 10 to 10 (10130 was a clean install, so some build after that with today's being 10166, all x64). I'm using Hyper-V that's part of Win10 Pro.

Let me know if I can help in some way w/logs or experimenting or whatever.

 

[sap]

Thank you, Rolo. We will try to reproduce it on our side first.

 

[Koroke San]

I can't access my account yet. did email but no reply yet?

 

[sap]

I can't access my account yet. did email but no reply yet?

Please checked whether it is due to case sensitive issue.

 

[Koroke San]

I register again & it works.

 

[Koroke San]

I have a questions, Can SecureAplus block or prompt user for allowing/block malicious vbs script files coz i notice many AV failed in against vbs script.

 

[sap]

Yes, it can. When there is any untrusted vbs try to run, SecureAPlus will prompt the user.
VB script is one of the default scripts that handled by SecureAPlus. It is in the Application Whitelisting advanced settings.

 

[Koroke San]

I have to report a bug. I right click malware samples pack from this thread - http://malwaretips.com/threads/malware-pack-198-samples-2015-07-11.48239/. First of all poor detection rate even using multiple signatures ( i only disable ESET/Microsoft security essential,Clamwin & Total Defense), during scan it founds only 29 threats out of 198 samples pack. Emsisoft engine was used in this scan but get poor results, i tried scan with Emsisoft emergency kit yesterday & it found 129 threats. Second during scan real time protection pops up & telling me to remove /quarantine threat, i did remove few times & finally i remove all threats found by context menu scan not by real time threat notifications. But even after that real time protection keeps pop up & telling me to clean threats which already quarantine & it was really annoying. here is the screenshot ( as u can see the malware samples 28 already quarantine that threat but i still get pop up message to remove that threat ), it happens with other malware samples too which already quarantine.

Can u tell me why this happen when threats already quarantine why it gives me pop up messages to clean the infection? Thnx

 

[TheSuperGeek]

Is this AV a a good detection rating ?

 

[Koroke San]

Tried it with 198 samples pack, found 29. It will probably get more threat detection if i enable all engines.Need to test it more.

 

[Koroke San]

also noticed today, it uploaded 1.55 GB executable files I search through log & it uploaded some of my executable like Emsisoft Antimalware, adguard, googledrivesync.exe & some dll files. I wonder why it request known software's like Emsisoft, adguard. Should select it to 1 GB upload limit decreases it's protection since it upload unknown executable to cloud & scan for possible infection i guess?

 

[sap]

I have to report a bug. I right click malware samples pack from this thread - http://malwaretips.com/threads/malware-pack-198-samples-2015-07-11.48239/. First of all poor detection rate even using multiple signatures ( i only disable ESET/Microsoft security essential,Clamwin & Total Defense), during scan it founds only 29 threats out of 198 samples pack. Emsisoft engine was used in this scan but get poor results, i tried scan with Emsisoft emergency kit yesterday & it found 129 threats. Second during scan real time protection pops up & telling me to remove /quarantine threat, i did remove few times & finally i remove all threats found by context menu scan not by real time threat notifications. But even after that real time protection keeps pop up & telling me to clean threats which already quarantine & it was really annoying. here is the screenshot ( as u can see the malware samples 28 already quarantine that threat but i still get pop up message to remove that threat ), it happens with other malware samples too which already quarantine.

Can u tell me why this happen when threats already quarantine why it gives me pop up messages to clean the infection? Thnx

Thank you for reporting, we will double check this.

 

[jamescv7]

Is this AV a a good detection rating ?

Due to its Universal AV up to 10 engines (AFAIK) surely those selective components should help to protect with maximum ratings + companion AV which shouldn't be a problem. Try it and see for yourself.

 

[Koroke San]

I tested the malware pack - http://malwaretips.com/threads/generic-worm-samples-2015-07-14.48360/#post-410720 from here & using right click context menu secureaplus didn't catch anything but everything blocked during execution. However i notice avira, bitdefender, avg & other engines in virus total detects the samples but why it can't during context menu scan? Haozip is on restricted list already & i use haozip to extract malware samples zip from MalwareTips. Are cloud engines r not up to date ? Thnx

 

[Rolo]

I've had a similar experience, SAP detected less than Zemana. I need to re-run the test to be certain.