SecureAPlus Freemium - Updates

[sap]

I tested the malware pack - http://malwaretips.com/threads/generic-worm-samples-2015-07-14.48360/#post-410720 from here & using right click context menu secureaplus didn't catch anything but everything blocked during execution. However i notice avira, bitdefender, avg & other engines in virus total detects the samples but why it can't during context menu scan? Haozip is on restricted list already & i use haozip to extract malware samples zip from MalwareTips. Are cloud engines r not up to date ? Thnx

For manual scanning, currently it relies on the virus database that we have collected. If we had the sample file of the virus in our server, it will be detected as virus. If we don't have the sample yet, Universal AV will periodically request for the sample files. Until the server has the sample files, and scan them, then the user will get notified that there is a threat detected in the system.
We understand that most of users expect the manual scanning return the result immediately, that will mean that if there is no sample file, the file should be uploaded immediately.

We are going to run a beta program soon. In the beta program, we will revamp our UI, and the immediate Universal AV scanning (in the manual scanning) will be one of the new feature that will be introduced in the beta program. I will announce to you when the beta program started.

 

[Rolo]

I get what you're saying but I can't reconcile it with 10-12 engines detecting fewer items than a product with 5 engines...that really threw me. Caveat: this is on Win10 and nobody has said SAP is compatible with Win10--I don't think so anyway and it isn't on the product page--so I don't want to put SAP in a bad light (many AVs don't work on Win10 yet).

 

[sap]

For Windows 10, just want to confirm with you, about how the update is performed. Is it by running the setup.exe of Windows installer, or is it by automatic Windows update? We are still doing testing on it. It seems like the problem happened if the update is done by manually running setup.exe. If you were doing it in different way, please let us know the detail steps.

 

[Rolo]

It is via Windows Update but it runs an in-place upgrade on reboot--just like all the Win10 upgrades will be on launch day/dates (whenever that happens per whatever Microsoft's definition of "launch" will be at that time ). M$ should remove any potentially incompatible software but..y'know...in-place upgrades are just disasters waiting to happen anyway.

I've come to the conclusion that is what triggers a new build: I install SAP to test it and *boom* "hey! new build!"

Of course, you can't test that now because new builds are frozen until deployment of RTM "soon".

 

[sap]

Thanks for reminding me, just realized that Microsoft has suspended Windows 10 download ahead of launch. We will test with the Windows 10 iso image that we have.

 

[Rolo]

It's back! I've downloaded it and it's upgrading now on my production laptop.

I'm doing a fresh install on my VM; before I delete the old build, it there anything you'd like me to try/do with SAP and the upgrade (it is still build 10166)?

 

[sap]

Thank you, Rolo. Actually we have something similar to disable permanently in the Application Whitelisting. It is called learning mode. It's in the Settings -> Application Whitelisting -> Advanced Mode -> Learning Mode. In my test, this mode seems to still have an issue when it is used for Windows 10 upgrade. We are still trying to figure out.

 

[Koroke San]

I reported this in ur forum many days ago but Norman still flags
Infected file: C:\Program Files (x86)\AIMP3\bass.dll, virus win32/Palevo.C[gs]
Infected file: D:\Portable Applications\AIMPPortable\App\AIMP\bass.dll, virus win32/Palevo.C[gs]

 

[Rolo]

I doubt they are able to control what Norman does.

 

[RLim]

I get what you're saying but I can't reconcile it with 10-12 engines detecting fewer items than a product with 5 engines...that really threw me. Caveat: this is on Win10 and nobody has said SAP is compatible with Win10--I don't think so anyway and it isn't on the product page--so I don't want to put SAP in a bad light (many AVs don't work on Win10 yet).

Hi Rolo, the core of SecureAPlus is Application Whitelisting, the 12 antivirus is provided for you to make prompt decision when you are trying to execute new files in your system. The current low detection seen in current version is due to the files not available in Universal AV Server. To help us to improve the detection, you can send the files to submit_malware@secureage.com. All files shall be zipped and protected by password "infected".

But nevertheless, we understand that our users expect better detection rate. Sit tight, we are currently working on On Demand scanning, which means when Universal AV do not have the file, you can send the file from the UI and let the Universal AV perform the scan at that moment. So we hope this can address low detection rate seen on current version.

But again, even with low detection rate, you should be fully protected with current version as Application Whitelisting engine will prompt the execution of new files and advise you accordingly with Universal AV or VirusTotal intelligence.

 

[Rolo]

I have a few qualms with this response; allow me to be direct:

the 12 antivirus is provided for you to make prompt decision when you are trying to execute new files in your system. The current low detection seen in current version is due to the files not available in Universal AV Server.

What's the point of having 12 AV engines (SAP's marketing point) when they aren't detecting malware that is detected by 1-, 2-, 5-engine scanners?

But again, even with low detection rate, you should be fully protected with current version as Application Whitelisting engine will prompt the execution of new files and advise you accordingly with Universal AV or VirusTotal intelligence.

Whitelisting in this case puts all the decision-making on the user and when 12 engines aren't working properly, said user is misinformed. Whitelisting/Universal AV/VirusTotal aren't to be workarounds for 12 broken engines.

 

[RLim]

I have a few qualms with this response; allow me to be direct:


What's the point of having 12 AV engines (SAP's marketing point) when they aren't detecting malware that is detected by 1-, 2-, 5-engine scanners?


Whitelisting in this case puts all the decision-making on the user and when 12 engines aren't working properly, said user is misinformed. Whitelisting/Universal AV/VirusTotal aren't to be workarounds for 12 broken engines.

We understand your concern on this. The reason why we gathered 12 engines not due to marketing, but due to the fact that antivirus engines detects virus at different rate. In one case, engine A might detect virus X first but in another case, engine B will detect virus Y first and so on. By having the 12, we hope to get you covered so all virus can be detected early enough.

Universal AV depends on having the sample files in the cloud for the scanning. With crowd sourcing, we hope to have all possible samples. We are currently working on a version which allow you to send the files directly to the Universal AV when Universal AV do not have information of the file to be executed. (Just to note that the same feature already implemented for VirusTotal). On current version, when Universal AV do not have information on the file to be executed, VirusTotal advised will be seeked. If VirusTotal also do no have any information, you can send the file to VirusTotal from the UI. So there is no misinformation was given to the user.

We are also actively collecting sample virus from other sources and we will beef up the collection posted on MalwareTips as we understand that samples are no longer send to vendors.

So stay tune for the new version. We are going to launch the beta program soon. Appreciate if all can participate in beta program. As our previous beta program, perpetual licenses will be given to active participant.

 

[sap]

We have just released SecureAPlus version 3.4.0.
This version should fix the upgrade to Windows 10 issue.

We have also added a context menu to go to the file location when you right click on a file name in "Threat Detected by Universal AV" dialog, as discussed earlier in this forum.

 

[Koroke San]

Thnx for update , but in on-demand scan it still fails to show the full location. In my test I created a folder name asper & drop another folder inside it name " samples -jklweqhjahsdfjasjdkasdasd1324234234hello" , as u can see in image it's not showing the second folder full location & the detect file name.

Also another bug i noticed is that i can't remove malware from quarantine even i selected all nor i can clean my history also can't remove files from ignore list as u can see on the pic below. Looks like new update bugged it ,fix it asap.

 

[sap]

We have fixed several reported bugs, including the disabled buttons in the Quarantine and History.

While waiting for the official release, for those who want to have quick fix, can download and install the following:

Offline version with Antivirus
https://secureaplus.secureage.com/download/SecureAPlusSetup_v3.4.0.2.exe

Offline version without Antivirus:
https://secureaplus.secureage.com/download/SecureAPlusNoAVSetup_v3.4.0.2.exe

 

[Koroke San]

After i start my computer, i check ur post & check an update, everything is up to date but suddenly it ask me my perpetual license to enter but i click on home tab & see my license is activate, i did update again & it doesn't pop up. Another thing to mention today i used other lan card to connect my internet. I guess it check for mac/ip/device ID in cloud & it didn't find my previous mac address or it was a bug?

 

[sap]

To help us to understand more about the license issue, you could send "C:\ProgramData\SecureAge Technology\SecureAge\log\SecureAPlus.log" to secureaplus@secureage.com.

 

[sap]

We are pleased to announce the official release of SecureAPlus v3.4.1.
In this version we are trying to improve the automatic files trusting process when upgrading to Windows 10, so that the user will not get too much prompting of untrusted files after upgrading to Windows 10. For further details of bugs fixed and changes, please refer to http://www.secureaplus.com/Main/secureaplus_releasenote.php

 

[Andrew999]

I think I have found a bug I used to have SecureAplus then it keeped on popping up with this window and I cant ignore the threat or delete is so I uninstalled secureAplus and all the registry keys and files because I was sick of it popping up in games it would pop up and say my computer was infected. I would click show results and it would pop up with this.I have left it about 2 hours to wait. if it doesn't get fixed I am going to uninstall.

 

[Av Gurus]

Why SecureAplus without Offline AV disables Windows Defender on Windows 10?