SecureAPlus Freemium

Discussion in 'other anti-virus software' started by sinlam, Jul 24, 2013.

  1. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,138
    Location:
    Hawaii
    I see. Thanks.

    For me, I don't want any offline scanners integrated into SAP. Universal AV, plus my 2 offline scanners, is enough. If I wanted a "conventional" AV, I would have used Kaspersky. But I do not want a conventional AV. That's why I bought a license for SAP Pro. I have confidence in SAP as one solid brick in my computer's security wall.
     
  2. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    315
    Location:
    VPN city
    A slight misconception you seem to have about essentials and pro. Essentials still has everything except for the policy thing and the process protector. I just use pro because when freemium was an option, being a paid user would give faster results from the cloud server, I don't know if I get faster results from scans for being pro than I would if I was only on essentials, but I ended up buying a license shortly before 6.0.0 and so now I'm continuing on as a pro user.
     
  3. hendy

    hendy Registered Member

    Joined:
    Sep 15, 2014
    Posts:
    264
    There is a way to uninstall ClamAV:
    upload_2020-8-7_9-42-11.png

    If you installed the new version (not upgrading), ClamAV is no longer included.
     
  4. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,138
    Location:
    Hawaii
    I upgraded to Pro for the process protector.
     
  5. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    315
    Location:
    VPN city
    I was talking more about the avira addon. Every time I try to uninstall it SAP will say there's an update available and then it will want to download the avira addon again.
     
  6. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    315
    Location:
    VPN city
    On another note. I have some input about automatic mode.

    In the previous build I noticed that the alerts in interactive mode have changed a little. One thing I noticed is that SAP will give you the green light when a file is unknown to the UAV, but not detected as malicious by APEX.

    The automatic mode should always submit any unknown files to the UAV to get the rating from that too before it should ever potentially allow something.

    Nothing is infallible, so the closest you can get to perfect is to always improve the things you make, fiddle with your creations to find flaws, then fix those flaws and start fiddling some more.
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,138
    Location:
    Hawaii
    I will usually defer installing any file while it is in an "unknown" status to UAV.

    As the saying goes, "If it isn't broken, you just haven't tweaked it enough." :shifty:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    By the way, do you know how I can take a look at whatever is on my whitelist -- stuff I have told SAP to ignore etc?
     
  8. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    315
    Location:
    VPN city
    Oh...go into the quarantine menu and that stuff is in one of the tabs there

    There's also Settings>Scan Settings>Exclusions.

    But if you're talking about stuff that you told the whitelisting component to allow, I don't know how to manually remove entires from the locally stored whitelist...Edit! Actually, right click the folder the allowed file is in, "manage whitelist" find the file in there change its status to "untrusted" in the dropdown menu in the same row
     
  9. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,138
    Location:
    Hawaii
    I meant that I want to see the entire whitelist that is backed up on my computer to a file named sawhitelist.dat. That backup is done via the SAP GUI by...

    App Settings > Application Whitelisting - Advanced Settings > Whitelist Tab > Export Whitelist

    Or maybe they don't want users looking at ito_O
     
  10. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    315
    Location:
    VPN city
    More about automatic mode. See? It's giving me a green light despite the fact that it's unknown to the UAV. Does this mean it would be allowed in automatic mode? I have trust by digital signature turned off by the way.
     

    Attached Files:

  11. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    315
    Location:
    VPN city
    In that case, I don't know how to go about doing that.

    But I did discover that the backup of the whitelist also does a backup of your settings and everything you added to the list of restricted applications too.
     
  12. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,138
    Location:
    Hawaii
    Your attached file (an alert by SAP) shows the suspect file (firefox setup) was clean per Apex AND also signed by Mozilla Corp. Reference SAP GUI...
    App Settings > Application Whitelisting - Advanced Settings > Trusted Certificates Tab

    Unless you removed them, 3 instances of Mozilla certificates are included as Trusted on that list. Thus, although the firefox setup file is unknown to UAV, it is okayed by 2 other checks: #1-Apex & #2-trusted certificate. IMO, I personally would accept that as a valid green light. However, I am still very much in the learning phase with SAP, so it's VERY possible I missed your point.

    I recognize that you have turned-off Trust by Digital sig. I agree from the standpoint that I would not green light a file that was validated ONLY by a trusted sig although unknown to UAV & not stated as clean by Apex. However, I would accept a trusted sig if it were also supported by Apex, as in the case you have illustrated. IMO, your question fully warrants a posting at SAP's forum so that it will come to the attention of SAP's representatives. It's a good tech issue & I would like to see their response.

    By the way, I do not use auto mode & your post has given me good reason to continue that practice until SAP's reps answer your question.
     
    Last edited: Aug 8, 2020
  13. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    315
    Location:
    VPN city
    A digital signature is a glorified name tag. It doesn't necessarily mean that it's good or bad. The hacked version of ccleaner had a totally "legitimate" digital signature from piriform, if SAP was allowing by a digital signature, even if it was also checking the thumbprint in that case, it would still allow that hacked, malicious version of ccleaner to run. Just because it was wearing the right name tag at the right time. There wouldn't be any way to sniff out a "bad" digital signature in that case, because the production of ccleaner had been silently hijacked. and that was AFTER Avast bought piriform and took over the development of it.

    I tried to attach a screenshot to SAP forums before it said it was too big, even though I cropped it down really small. I have the same name over there GrDukeMalden. They know my email address over there.
     
  14. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    482
    Hi, I am new to SecureAplus and getting to grips with it and liking what I see so far. The one query I have is the Automatic mode. I see a couple of entries above for it but couldn't find anything about it in the help instructions. What is the consensus on this mode? Do you leave it in automatic mode, which is as it came or move to interactive mode? Thanks in advance
     
  15. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,138
    Location:
    Hawaii
    Minimum pop-ups: use automatic
    Safety first: use interactive

    As for me: wouldn't touch automatic with a 100' pole.

    SecureAPlus (SAP) has 3 main guard dogs of protection: APEX (AI virus checker), Universal (Multiple signature-based virus checkers) & Whitelist.

    When SAP checks a given file as to whether it's "safe" or not, it will give you a green light (safe) if all 3 dogs say it's okay. Fine... well & good. HOWEVER, if the Universal dog says the file is unknown to its multiple virus checkers, BUT the other two dogs say it's okay, then automatic mode will decide that the file is safe.

    In post #2181 above the Duke infers that it's risky for automatic mode to accept such a file as being safe. I AGREE. If a file is unknown to Universal, that does NOT mean it's safe. It might be safe OR it might be a zero-day malware which is so new that Universal's multiple virus checkers simply haven't heard about it yet.

    Apex is SAP's guard dog for catching those zero-day nasties. Is it good? Yes. Is it fool-proof? No, nyet, nein, never happen! It's a crap shoot to accept a file when Apex says okay but Universal says, "Duhhhh."

    In post #2182 I said I will usually wait to accept a file until after Universal can DEFINITELY say the file is safe. But automatic mode won't give me the option of waiting. That's why I use interactive. If someone is going to roll the dice on keeping my computer UNinfected, it's going to be me, not some software program.
     
  16. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    482
    Many thanks Bellgamin, just the answer I was looking for. I will be swapping to interactive mode for sure

    Edit.............done :)
     
    Last edited: Aug 10, 2020
  17. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    315
    Location:
    VPN city
    If you don't want to worry about alerts or automatically allowing something bad, lockdown mode in silent mode. Detected threats get insta-quarantined, unknown gets blocked, anything with a signature in the trusted certificate list is allowed.
     
  18. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,868
    I have tried to do this previously, but unsuccessful each time. This time it has been under way for the last nine hours. Just ridiculous, IMO. BTW, this is being done using my Admin account, so little else is running.

    SAP_Compact_Whitelist_50% done after nearly nine hours.JPG

    EDIT: I meant 21 hours....:thumbd:
     
    Last edited: Aug 15, 2020
  19. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,138
    Location:
    Hawaii
    Bummers! :blink: I suggest you raise this issue at SA+ Forum.
     
  20. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,868
    @bellgamin

    Nothing happens there. I prefer Wilders' since this is where I got to know about this software. Also, I have been beta testing this from the beginning. :) @hendy will no doubt comment.
     
  21. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,138
    Location:
    Hawaii
    Check my posts at that forum. SA+'s representatives have always responded to my questions & issues, usually within 1 or 2 days.

    Is SA+ a key element in your computer security or is it just something you are monitoring as it develops?
     
  22. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,868
    I usually pick a product and especially when I get in at the ground floor, so to speak, and if I believe in it, then I will stick with it. From my history of posts here in Wilders', that is so evidenced. When it comes to my product use, I have no barrel to push. :)
     
  23. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,252
    Location:
    Germany
    Hi all

    I need some help for the german translations from the german users of SecureAPlus see my screenshotzs

    02.12.2018 Nadja nana fotomodel & Tänzerin:

    Trust once = Einmal vertrauen

    Always trust = Immer Vertrauen

    Less info on newly created file = Weniger Informationen zur neu
    erstellten Datei
    Don`t trust once = Vertraue nicht einmal

    Always don`t trust = Vertraue immer nicht

    02.12.2018 Nadja nana fotomodel & Tänzerin1

    Trust once = Einmal vertrauen

    Always trust = Immer Vertrauen

    More info on newly created file = Weitere Informationen zu neu erstellten Dateien
    Don`t trust once = Vertraue nicht einmal

    Always don`t trust = Vertraue immer nicht

    The above process created the following new file and may create more = Der obige Prozess hat die folgende neue Datei erstellt und kann weitere erstellen

    This behaviour is normal for installation or update processes. = Dieses Verhalten ist bei Installations- oder Aktualisierungsprozessen normal.

    Would you like to trust files created by this process = Möchten Sie Dateien vertrauen, die durch diesen Prozess erstellt wurden?

    With best Regards
    Mops21
     

    Attached Files:

  24. Freki123

    Freki123 Registered Member

    Joined:
    Jan 20, 2015
    Posts:
    130
    Maybe:
    Always don`t trust= Vertraue nie
    Don`t trust once = Vertraue einmal nicht
     
  25. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,868
    About 12 hours later and, now at 77%... But, whilst this process has been going on, I have had constant heat and noise from the cooling of the CPU fan. I hope I haven't shortened the life of my laptop in trying to get the compact of this SAP whitelist.

    SAP_Compact_Whitelist_high power usage.JPG
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.