SecureAPlus Freemium - Updates

woodrowbone

woodrowbone

Level 10
Verified
Dec 24, 2011
480
@ sap
I have a question/problem regarding APEX, I have been able to run only APEX active as both real-time and on demand without UA active with fantastic results.
Today I was testing to right click scan a folder containing malware and APEX did not even react, this feels like a bug as APEX almost always catches everything I throw at it.

Could this be a ”connection to your servers yet again” problem?
Or was APEX not supposed to work offline as well?
Running V 5.11 APEX 5.5

Another thing I would like to set up on the "wishlist" from you guys is a stand alone APEX app.
To use as a companion to whatever solution people use out there, I would promote all my costumers to buy it if this comes to life.

Happy New Year

/W
 
  • Like
Reactions: Handsome Recluse and Thirio
A

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
woodrowbone said:
Or was APEX not supposed to work offline as well?
Click to expand...
APEX lives in both the cloud and your SecureAPlus installation so it still works while you’re offline.
Click to expand...
Without access to the big data sets stored in the cloud I'd assume APEX is less effective offline.

woodrowbone said:
Another thing I would like to set up on the "wishlist" from you guys is a stand alone APEX app.
To use as a companion to whatever solution people use out there
Click to expand...
You can use APEX by itself (or alongside a third-party antivirus) by turning off real-time scanning for the Universal AV and turning on Observation Mode for Application Whitelisting.
 
  • Like
Reactions: Handsome Recluse, harlan4096, woodrowbone and 1 other person
woodrowbone

woodrowbone

Level 10
Verified
Dec 24, 2011
480
Arequire said:
Without access to the big data sets stored in the cloud I'd assume APEX is less effective offline.


You can use APEX by itself (or alongside a third-party antivirus) by turning off real-time scanning for the Universal AV and turning on Observation Mode for Application Whitelisting.
Click to expand...

Yes thx, this is how I run the app at the moment, alongside CFW CS settings.
The thing is that something happened to APEX it seems, it looks like it does not even scan the files in the folder I was talking about in the post above.

I just wish we could have APEX on its own, without all the rest, it would still be one of the best zeroday apps out there.

Before Christmas I compared it with WD (Win10), I had 134 fresh samples and WD left 118 and APEX 0!!! ( I know, it´s only one test)
(And WD is supposed to be good these Days, yea right!)
But that is no good if you cant trust the app to work as it should.
During the beta testing of APEX I saw it mature to a beast detecting malware, at that time I compared it to Avast free who got humiliated that time.

Right now it looks ok, no fault messages or anything, but the scan shows that something is not right.
But I guess sap can take a look at my logs to see if i messed something up...

/W
 
Last edited:
  • Like
Reactions: Handsome Recluse and kylprq
woodrowbone

woodrowbone

Level 10
Verified
Dec 24, 2011
480
I found the problem, as I wanted to test the speed of detection (Real-time protection) I left this enabled during the unpacking of the malware.
APEX did react, I told it to delete and after that no more reactions from the app.
It seem there could be a problem when you unpack to many malwares at the same time?
I think sap can test this on his side to confirm, not that this is a likely scenario to get infected but nevertheless.

BTW! Of 184 files in these packs APEX did only miss 2 :) samples were from yesterday and today. The 2 missed are submitted.

/W
 
  • Like
Reactions: Thirio
sap

sap

From SecureAge
Verified
Developer
Well-known
Sep 26, 2014
189
woodrowbone said:
I found the problem, as I wanted to test the speed of detection (Real-time protection) I left this enabled during the unpacking of the malware.
APEX did react, I told it to delete and after that no more reactions from the app.
It seem there could be a problem when you unpack to many malwares at the same time?
I think sap can test this on his side to confirm, not that this is a likely scenario to get infected but nevertheless.

BTW! Of 184 files in these packs APEX did only miss 2 :) samples were from yesterday and today. The 2 missed are submitted.

/W
Click to expand...
Did you tick on "Remember my answer throughout the session"?
b8338sW.png


If you did so, it will not prompting you any more (for the same session), and apply the same action (in this case, you've chosen to delete).
 
  • Like
Reactions: harlan4096
woodrowbone

woodrowbone

Level 10
Verified
Dec 24, 2011
480
Yes, this is what I did and I did choose delete.
But nothing happend to the malware in the folder. They were still there.
When I did delete all files in that folder and disable real-time, unpack all the malware again and did a scan, only 2 files did remain.
Did you try to unpack a batch of malicious files when you tried?
And if you could, please disable all components of Universial AV, if this could cause this behaviour on my side?

/W
 
sap

sap

From SecureAge
Verified
Developer
Well-known
Sep 26, 2014
189
woodrowbone said:
Yes, this is what I did and I did choose delete.
But nothing happend to the malware in the folder. They were still there.
When I did delete all files in that folder and disable real-time, unpack all the malware again and did a scan, only 2 files did remain.
Did you try to unpack a batch of malicious files when you tried?
And if you could, please disable all components of Universial AV, if this could cause this behaviour on my side?

/W
Click to expand...
Thank you very much for giving us more information.
We did unpack batch of malicious files, and all the detected files are deleted, but with Universal AV enabled.
We will check with the settings that you suggested.
 
sap

sap

From SecureAge
Verified
Developer
Well-known
Sep 26, 2014
189
sap said:
Thank you very much for giving us more information.
We did unpack batch of malicious files, and all the detected files are deleted, but with Universal AV enabled.
We will check with the settings that you suggested.
Click to expand...
I have tried to disable all components of Universal AV, and it works fine. You can check "C:\ProgramData\SecureAge Technology\SecureAge\log\AntiVirus.log" and "C:\ProgramData\SecureAge Technology\SecureAge\log\SecureAPlus.log". The virus detection should be recorded in AntiVirus.log. If there is any error on the deletion, you may found it at the SecureAPlus.log file.
 
  • Like
Reactions: woodrowbone
woodrowbone

woodrowbone

Level 10
Verified
Dec 24, 2011
480
sap said:
I have tried to disable all components of Universal AV, and it works fine. You can check "C:\ProgramData\SecureAge Technology\SecureAge\log\AntiVirus.log" and "C:\ProgramData\SecureAge Technology\SecureAge\log\SecureAPlus.log". The virus detection should be recorded in AntiVirus.log. If there is any error on the deletion, you may found it at the SecureAPlus.log file.
Click to expand...

From what I can see in the logs it says it did delete the files, but that did not happen.
I manually deleted them, maybe the files were corrupted while unpacking them?

I did the same test 2 days later with the same packs and this time the real-time shield deleted them as it should be.
I will write this off as corrupted files while unpacking for now, if it occurs again I will report back.

BTW! Those logfiles are very big, is it ok to delete hem from time to time, does the app create new ones?

/W
 
sap

sap

From SecureAge
Verified
Developer
Well-known
Sep 26, 2014
189
woodrowbone said:
From what I can see in the logs it says it did delete the files, but that did not happen.
I manually deleted them, maybe the files were corrupted while unpacking them?
Click to expand...
Do you have other antivirus or security product running?
Sometimes those software may be holding the file, so that the deletion can't be performed.
For those cases, usually SecureAPlus will try to delete the files after reboot.

woodrowbone said:
I did the same test 2 days later with the same packs and this time the real-time shield deleted them as it should be.
I will write this off as corrupted files while unpacking for now, if it occurs again I will report back.
Click to expand...
Next time if it happened again, you may try to reboot the machine, and check whether the files are still there.
You may report to us again if you still encounter an issue.

woodrowbone said:
BTW! Those logfiles are very big, is it ok to delete hem from time to time, does the app create new ones?
Click to expand...
Yes, you can safely removes those files, it will create new ones. There is actually an auto archive mechanism. When the file is larger than 100 MB, it will be automatically compressed, and put into the following folder: "C:\ProgramData\SecureAge Technology\SecureAge\log\Archives"
If you need more space, it is also safe to remove all the files in that folder. If you just leave them, it should be fine too. It has a mechanism to auto delete old archived files. Anyway, those archive files should be relatively small, because they are all compressed files.
 
  • Like
Reactions: woodrowbone and harlan4096
woodrowbone

woodrowbone

Level 10
Verified
Dec 24, 2011
480
I run SAP beside Comodo FW, that is why I run APEX only, to lift out the trash from CFW:s sandbox.
While on the subject, if you like me only run APEX, why must all the 9 processes of SAP be left running?

/W
 
sap

sap

From SecureAge
Verified
Developer
Well-known
Sep 26, 2014
189
woodrowbone said:
I run SAP beside Comodo FW, that is why I run APEX only, to lift out the trash from CFW:s sandbox.
While on the subject, if you like me only run APEX, why must all the 9 processes of SAP be left running?

/W
Click to expand...
Thank you very much for giving us more information. We will test with Comodo FW.
Now we also have a better understanding on why you want to run APEX only.

Currently we don't have APEX version only. Some of the processes are related to our Application Whitelisting and Universal AV, and some are shared processes. If in the future we provide APEX installation only, the number of processes running could be shrink down.
 
  • Like
Reactions: woodrowbone and harlan4096
Andrew999

Andrew999

Level 24
Verified
Top Poster
Well-known
Dec 17, 2014
1,355
sap said:
Thank you very much for giving us more information. We will test with Comodo FW.
Now we also have a better understanding on why you want to run APEX only.

Currently we don't have APEX version only. Some of the processes are related to our Application Whitelisting and Universal AV, and some are shared processes. If in the future we provide APEX installation only, the number of processes running could be shrink down.
Click to expand...
I would love a version with Universal AV + APEX. I do not like Application Whitelisting that much. So it would be nice to just have AI and signature-based detection.
 
  • Like
Reactions: harlan4096

Similar threads

Brownie2019
On Sale! AVG Internet Security 2024 [1-D, 1-YR] 10€
Replies
0
Views
326
Discounts and Deals
Brownie2019
Brownie2019
Brownie2019
    • Like
On Sale! AVG Internet Security 2024, 1 Dev, 1 yr- Download 8,90€
Replies
0
Views
425
Discounts and Deals
Brownie2019
Brownie2019
Captain Awesome
    • Like
Malware News North Korea's 'Stonefly' APT Swarms US Private Co's. for Profit
Replies
0
Views
1,500
Security News
Captain Awesome
Captain Awesome

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top