Discussion in 'other anti-virus software' started by sinlam, Jul 24, 2013.
#2151 + #2152 = @Krusty
I'm installing the trial, after imaging my machine of course.
Correct me if I am wrong, but in the freemium you also get their excellent Ai engine APEX, currently only scanning exe files.
And yes, it is real-time protection
SecureAPlus 6.7.0 is out now
We’re pleased to present SecureAPlus 6.7.0.
With best Regards
@Mops21 -- Got it! Thanks for the information.
Out of date depencies in SecureAPlus progam files folder don't give much faith in this product: 7zip 16.00, come on! It's not the first time AV's have been exploited by using flaws in out of date unpacking software. There are real code execution flaws in this: https://www.wilderssecurity.com/thr...arbitrary-code-execution.400230/#post-2736805
SA+'s 7z.dll is used simply for packing/unpacking a user-info whitelist & has nothing whatsoever to do with the functioning of the SA+ program itself. 7zip is NOT a dependency of secureaplus.exe, as your post seems to allege.
I was just looking at the SecureAPlus User Manual and they have added a lot of functionality since I last used SAP a few years ago. It appears they have added a Restricted Apps feature which is separate from the command line monitoring feature. Is the Restricted Apps feature separate from the Command Line monitoring feature in SAP? If it is then this is something I would have liked to have seen NoVirusThanks add to ERP, but it was only wishful thinking on my part.
If the Restricted Apps feature in SAP is separate from the Command Line Monitoring then what restrictions does it enforce on vulnerable applications? The description in the manual sounds as though it only monitors child processes of vulnerable applications and prevents them from automatically being trusted. Does it by any chance also prevent vulnerable/restricted applications from writing to the System Space and the startup folders in the User-Space and ProgramData Folders?
NoVirusThanks abandoned ERP and it's a shame since it only had a few bugs that needed fixed. I was considering switching to SAP if the performance impact is not too great and they are open to the idea of working with experts and beta testers on getting the most out of the Restricted Apps feature and possibly improving some of the other features. The only other thing that would prevent me from using SAP is if it's too buggy. Pretty much all software contains bugs but stable releases should only contain a reasonable amount of bugs and bugs that threaten security or stability should be addressed promptly. Do SAP stable releases tend to only contain minor bugs or is it the luck of the drawl?
Opps, I forgot to ask, does SAP also monitor .dll files? The last time I used SAP it only monitored .exe files.
@Cutting_Edgetech -- Great questions but way above my pay grade. I urge you to post them on SA+'s support forum over THERE. Please do post them -- I would love to see their answers. By the way, SA+'s forum moderators are often slow to reply, but they always do so.... eventually.
Doesn't SA+ scan inside archives?
Tried the 90 day trial version of SAP Pro, quite liked it so i bought essentials license. Tweaked it for my own liking (enable name and thumbprint in trusted certificates list) and i also added .dll extension to inclusion list for more safety.
SAP is a whitelisting software with some additional features, like:
- APEX A.I engine against .exe files
- If APEX thinks the file is safe -> do a name and thumbprint certificate check when running the executable file
- Good protection for powershell etc script based malwares
- Universal AV (Pro version does include AVIRA offline engine)
- Tech-savvys can add own script etc based rules, so you can tweak it a lot
- Compatible with most of the third party AVs because you can register it OR not it to Windows Security Center
- Does not slow down your computer (when building a whitelist it will take a time, depends on your conf. Remember to put whitelist scan in fast mode!!)
SA+ is NOT an anti-virus scanner. Instead, SA+ is an anti-execute/whitelist/certificate-checker app. As such, SA+ itself is designed to deal primarily with executable files & command lines. Archives cannot execute.
Accordingly, for AV-type scans, SA+ uploads files to 10 external in-the-cloud AV scanners such as Avast, F-Secure, & McAfee.
This is similar to the way that VoodooShield functioned until recently. To wit, VS is an anti-execute/whitelist/certificate-checker app that used VirusTotal to initiate external AV-type scans.
Ah thank you for explaining. I saw SA+ also has it's own offline scanner, but that only scans executables.
Yes, the offline scanner is named Apex. It is reportedly AI/behavior-based.
IMO, Apex can often be too aggressive -- many false positives. Fortunately, SA+ provides a "More Info" button on its alerts. That button will reveal what the 10 in-the-cloud AVs reported. It also allows uploading the file for online scan by VirusTotal. So there is no need for even the newest user to make an uninformed decision when confronted by an SA+ alert.
If the great majority of SA+'s 10 AVs say a file is okay, then it's 99.9% likely to be REALLY okay, despite what Apex says. However, if a user wants to be more certain, the "safest" thing to do is tell SA+ to put the file into SA+'s Quarantine. Then the user can further check the file at his or her leisure -- e.g., do further online research &/or scan it with an on-demand AV scanner. My personal favorite on-demand AV scanner is Emsisoft's Free Scanner -- it works great WITHOUT having to be installed. If user's further research says the file is okay, simply hit Quarantine's "Restore" button & the file is back in business.
Yeah I usually use Emsisoft Emergency Kit or Malwarebytes for on-demand scans.
SecureAPlus 6.7.1 is out now
With best Regards
6.7.0 is still being downloaded from the website.
Version 6.7.1 causes problems and has therefore been withdrawn for the time being.
SecureAPlus 6.7.2 is out
- SecureAPlus Lite and license expired machines were unable to bootup after installing SecureAPlus version 6.7.1.
- Improvement in communication between SecureAPlus and SMS
Well thankfully S.A.P. didn't cause any problems on my system.
I'm running 64 bit windows 11 now, home edition.
Voodooshield also has a machine learning AI and a whitelist database. And it allows you to check everything that gets blocked on virustotal.
I didn't have any issues either, but at least they fixed it for others that did.
Here uis an info for you all
CatchPulse is comming
With best Regards
Hey Mops, maybe you should start a new thread titled CatchPulse. This Secure APlus thread is old, out-dated by its "Freemium" title, and needs a new face.
Separate names with a comma.