Hello, maybe ask'd n answer'd before....does SAP play well with SBoxie....how does SAP play with SBoxie.... How do I pull 3.3.3.....dl from SAP website pulls 1.82 MB 3.3.2 Installer... How do I choose between Full and wo Offline with 3.3.2 Installer. Does 3.3.2 update to 3.3.3 Do I need Full as I run Norton. Do SAP users utilize Full for Offline on demand second opinion scan with a resident AV I've been reading on demand is cumbersome...may be best to rely solely on cloud. IDK I'm confused as to what is Universal AV vs. Offline AV. Is ClamAV for Offline ? How does the optional Offline AV data base get updated ? Without Offline AV is for systems with existing AV. Does that mean any AV or with existing Clam AV
@bjm_ No changes on the online installer. When you use online installer, it will retrieve the latest version from our server automatically. Online installer version is v3.3.2 now. To download offline installer, you can click on the "Need offline installer" link. Sandboxie should be compatible with SecureAPlus without any problem. If you run Norton as antivirus, we recommened to choose the one without Offline Antivirus as this will slow down your machine when Norton and our Offline antivirus fighting for resources to scan the files. Universal AV is cloud AV. Currently there are 12 engines. Offline AV is ClamAV. The offline AV database update is done periodically by SecureAPlus itself. There is a configuration to control the update frequency and you can also do manual update if needed. Without Offline AV means no Offline AV (ClamAV) will be installed on your machine. The reason why we still need offline AV is to scan your document as the Cloud AV do not scan it for you due to privacy issue.
@RLim ...So, how do I get to 3.3.3....sorry, don't understand online installer version is v3.3.2....how do I get to 3.3.3 after install of 3.3.2 How does SAP update minor updates. How does SAP update major updates. SBoxie is compatible....does that mean SAP runs through SBoxie. SAP website offers SAP protects browser from nasties landing from my browser. If my browser is SBox'd does SAP run in / through my SBox. So, Offline AV scanner is ClamAV which I may also install direct from Clam AV as a stand alone. And as I have resident AV and or other on demand scanners for document scans. I don't really need Offline scan engine Clam AV. Correct ? Does perhaps Clam AV add to context menu for on demand / on the fly file scans. Seems bizarre to imagine running without resident AV and relying solely on SAP Universal AV + Clam AV. Is SAP that good that resident AV is redundant. Offline still confuses as Clam AV is not real time. So, I'm offline and I'll open a personal PDF. What happens. How does SAP Clam AV protect. Suppose Flash Player ver17 has been uploaded scanned whitelisted as safe but, in fact has as unknown not as yet reported vulnerability. What does SAP do ? Suppose the vulnerability is at some point found and reported. What does SAP do ?
You can download it from: http://www.secureaplus.com/Main/secureaplus_download.php Click on "Absolutely Free For 1 year". The message of the button may be a bit misleading, it's actually the download button. This button will lead you to download the latest "online" installer. This "online" installer will download and install the package according to what you choose (either with offline AV or without offline AV). If your browser is SBox'd, it will run through your SBox. It can help you to detect if the browser is trying to secretly install or run a malicious payload. If you install with offline AV (ClamAV), ClamAV will scan the pdf file when you open it. SAP does not cover other third party software's vulnerability. It can only notify you if the AntiVirus engines that we have, detected it as malware. In most cases the AV engine will not mark software vulnerability as a malware, so you may not get notified. You may need to check with the software vendor, or set the auto update for the software (e.g. Adobe Flash Player), to make sure it catch up with all the vulnerability and bugs fixed.
I just updated to v3.3.3...However, in the GUI it says different, i.e. not-up-to-date! It seems the GUI is wrong.
This is a bug from our side. You may try to reboot one more time. On your next reboot onward it should say "up-to-date".
I am not in my SAP snapshot at present. I will see what happens when I reboot into that snapshot. However, when I rebooted as suggested by you, earlier tonight...I got this popup again, which I also got when I had updated to the previous version on March 1. This screenshot is from that time... See my posts in this thread in early March. Spoiler: screenshot
Um, Thanks...that's what I did... I pulled the installer from the Absolutely Free bar...it's 3.3.2. That's not my question. I simply was asking if SAP will update internally for minor and major or if new version requires new installer. Great to read SAP run through SBoxie. That's a big bonus from the whitelist app I'm running now. Thanks Understood, SAP not for program vulnerabilities. I've read the 3.2 User Guide and Install / Uninstall pdf's. ... No info on how SAP updates. No info on how to setup Universal AV real time and Clam AV not real time as there's only one real time check box that as a guess applies to Univ and Clam. Not meaning to be a bother. Thanks. Don't know if I should pull 3.3.2 and 3.3.2 will update to 3.3.3 or if I'll need a discrete installer for 3.3.3
@hendy Do I understand...? 1) SAP scans, builds and uploads a repository of files / fingerprints (minus personal) to SAP's cloud ....from this repository my resident whitelist is formed. Comment ? 2) My SAP cloud repository is scanned around the clock.... Correct ? 3) SAP alerts as required and my resident whitelist will adjust based upon my alert decision. Comment ? 4) And since my repository is under 24/7 scan....then there's no need for me to schedule scans by my third party AV nor run second opinion on demand third party scanners. Comment ? 5) Does the 24/7 cloud scan... first scan for changes then perhaps only deep scan what has changed... how does that work ? Comment ? 6) My SAP cloud repository supposedly has no personally identifiable info. How does SAP tag my repository back to my machine. ?? 7) My Norton has resident based defs...so, files are scanned locally. Does Universal AV scan entire files / items or hash's or simply changed hash's. ?? 7a) What does Universal AV do with unknowns....does the entire item upload to the cloud. Does it stay in the cloud until it's classified. ??
When you download and install the software again, it should display the correct update status. This bug caused the software needs to be updated two times. After the second time update, it should display the correct status. We will fix this in the next release.
By default, the settings is auto update. It will automatically download and install the latest version (silently) when it is available. To change this, go to "Settings"->"Update", and you can choose your preferred update method (it is in the user guide, on page 61, section 5.1.4 Updates). To Setup the real-time scanning, go to "Settings"->"Scan Settings"->"Anti Virus". Offline AV means ClamAV (we are not sure whether we will change the engine in the future, so we use the generic name, offline AV). To setup Universal AV real time and Clam AV not real time, Untick Enable Offline Anti Virus, Tick Enable Universal AV, Tick Enable real-time scanning (in the user guide page 50). May be the explanation in the user guide is not clear enough, we will feedback this to our team member. When you are using the online installer, it will always download and install the latest available version (regardless of the online version that you have). This is make it easier for the user, so if they have downloaded one of the online installer a long time ago, to re-install, they do not need to download the online installer again. Just simply execute the online installer, then it will automatically download and install the latest version.
@hendy Aha! So, with the understanding now that the online Installer is a universal Installer. I may Install SAP as Full...experiment, and see what's what. Then may I run the online Installer again to refresh SAP wo Clam AV. Basically, does the universal Installer uninstall / clean up prior to new SAP Install. Much Thanks !
1) Yes, when SAP is doing initial full system scan, at the same time it also build the initial whitelist database. This whitelist database, which contains the file fingerprints, will be be sent to the cloud after initial full system scan is completed. 2) You are right. 3) When the cloud detected any malware, it will notify the user, so the user can take an action. User can delete or quarantine the file, and by doing this, the file will also automatically untrusted (the whitelist database will be automatically adjusted). Sometimes the user may think that it is a false positive, so the user may take "ignore" action (in this case whitelist database will not be adjusted). 4) You can let Universal AV to do full system scan for all your applications (24/7 scan), but this does not cover document files (because of the privacy issue). If you have third party scanner, usually they will scan the document when you open the file. 5) At the beginning, your system will send your initial whitelist. Subsequently it will only send the changes, and this changes will be appended into the cloud database. When it scans, it is not only scan the new changes, but the entire whitelist. For new changes, sometimes we may not have the sample file in the cloud, so it may upload the file from your machine, and queue it for scanning. 6) We only tag you based on your SecureAPlus id, which you can see from "About". This id is unique for every machine. 7) Based on the hash, if we have it in our database, we will use the information from our database. If the file is new, it will require your machine to upload the file. 7a) UAV will upload the item to the cloud. It will stay in the cloud, not only until it's classified, but we will also need this for doing 24/7 scanning.
If you have an existing version, you don't need to uninstall. You can just re-install over it. You are welcome.
Very interesting informative and helpful ~ Thanks re: 7a) guess I imagined once classified the item would have a hash and the cloud would free up space and just retain the hash.... So, since the tag is unique. Subsequent Installs will rely on the initial scan / database.
Most of the time actually we only require the hash. The scanning for the physical file is necessary in case the engine change the detection. For example, for a new malware, today the AV engine may not classify it as malware, but may be one week later they detected it as a malware, so we may need to update our database.
So, a file that I've quarantined as a false positive or too new or unknown would still be under consideration in the cloud. Then hopefully, depending on Universal AV consensus...would the file be pulled from quarantine if the file is classified as safe. How is a quarantine sorted... Can an exonerated detection / quarantine resume it's original place on my machine. ** It's hard to grasp that SAP will not bump heads with Norton ** ** It's hard to grasp that UAV multi engines will not bump heads ** Maybe the devil is in the details...and the details include that SAP programming is up to the task.... just not easy to grasp.
If you have quarantined the file, it will not pull the file quarantine. In the Quarantine UI, you can sort the items according to your preference by clicking on the column name.
@hendy sorry, we crossed posting ** It's hard to grasp that SAP will not bump heads with Norton ** ** It's hard to grasp that UAV multi engines will not bump heads ** Maybe the devil is in the details...and the details include that SAP programming is up to the task.... just not easy for me to grasp.
clamav was already mentioned. since it its open source anybody can use and change code for its purpose. nevertheless i dont like those commercial forkes. i had SAP running in the box and my opinion about: crap. too many strange processes running. in one of my favorit forums there was announced this one (clamav too) http://sniperscan.de/index.html#Getthisinenglish if someone need a browser extension for firefox on linux for clamav https://addons.mozilla.org/de/seamonkey/addon/clamdrib-lin/ HTH
Are you suggesting Sniperscan as a replacement for ClamAV. Are you suggesting Sniperscan as a replacement for SAP. Are you suggesting open source is not desireable. What commercial folks don't you like. What box did you have SAP running in. Are you suggesting SAP spawns strange processes. Are you suggesting SAP calls up strange processes. Please explain "crap"
