sap

From SecureAge
Verified
Developer
Is there a way to skip the initial whitelisting scan? @sap
You can skip initial whitelisting if you have other identical machine, by importing the whitelist from the other machine.
The detail steps can be found at: I have multiple machines and how do I clone my whitelist on the other machines? – SecureAPlus Support Pages

You can also use this method if you want to uninstall and reinstall SecureAPlus, but do not want to perform initial whitelist again. Before uninstallation, export the whitelist. Make sure that you cut off the internet connection, so that there will be no background application updating certain software (it will get blocked if you reinstall, because it is not in your exported whitelist).
 

RejZoR

Level 14
Verified
Since the number of request for this is low, our team currently will do this manually on our side. If any user want to skip the trial, please send email to secureaplus@secureage.com.
That's a lot of hassle, especially since I have few home systems and I tend to rotate software. Meaning I'll have to constantly contact your support which is annoying to a point I won't bother with this probram at all. Which is, unfortunate...
 

Fuzzfas

Level 3
Verified
I have read about SecureAPlus freemium before, but i never tried it. Even the word "Freemium" confused me, let alone the various "offline AV", "universal AV", "Apex"... But i was going a bit desperate lately, getting a bit bored with MSE in Win7 and after seeing that even Panda Dome Free adds lag to web browsing, while the other "traditional" AVs have been bloated by various PUPs, data mining etc, that i actually took the plunge to try SecureAplus. Even more so, since i want to use a traditional anti-exe and even though i have a paid license for NVT ERP, i can't use it, because of a bug that forces english as language to my systray.

I LIKE IT! It's very light! Finally, browsing quickly through directories feel so snappy! Even better than MSE! No web browsing lag, thanks to the fact that has no web scanner (thank God!). CPU usage ridiculously low. RAM usage is a bit high, but i have 16GB 3000Mhz RAM, so who cares.

From what i understand, the free version will have the realtime scanner disabled. No big deal really, it might be even lighter this way! On the Black Friday of 2020 i might even search for a discount and buy the "essentials version". I also read it doesn't monitor parent-child process control, but at the end, that's ok. I haven't seen a live malware for ages anyway, so even a simpler HIPS will be overkill.

Really good software... The GUI is a bit colorless and a bit confusing in layout and terms (i had to read the help file to understand that the "offline" antivirus is...ClamAV (who needs that!) and that UniversalAV will shut down for the free version and that Apex remains and there are many processes running in the task manager (i hate that), but at the end of the day, i am really happy! I will see how it works the next days, but for now, i am impressed! Lightest AV+HIPS combo i 've seen.

I also love the fact that they have offline installer with "noAV". I hate web installers.
 

l0rdraiden

Level 2
It would be nice to have a way to see in the interface (not in the logs) what was uploaded, when, and the result. Just for transparency of a software that uploads soo much data from my computer.

On the other hand the interface should be reworked it looks quite weird.
 

Fuzzfas

Level 3
Verified
It would be nice to have a way to see in the interface (not in the logs) what was uploaded, when, and the result. Just for transparency of a software that uploads soo much data from my computer.

On the other hand the interface should be reworked it looks quite weird.
I agree... The whole GUI needs a bit of redesign and a bit of colour. I found the logs and even though i have disabled the "automatic upload of files", i see very often:

"Enable Universal AV upload after leaving full screen" in the log. Which doesn't seem normal... They should also make a clear message when the AV can't reach the server. I was trying to make "Full scan" and it was just reverting back to "normal state", because in Tinywall, the process was blocked. I realized it only because i kept seeing "last complete scan: never" and in the log i found that "couldn't connect to server". So i found the process and unblocked it in Tinywall. Instead of me figuring it out on my own, it should display a message on the GUI "could not connect to server", instead of writing it only in the log.

Anyway, i still have some months of "pro" in trial to see how things go, and if all goes well, maybe i will buy an "essentials" license, preferably in the 3 year version (it comes out 12$ a year). It's a gamble, because in 3 years, the program might have become sluggish and heavy, put a web scanner or anything else, but the price per year is more enticing.

I also had APEX get a false positive trying to install Filezilla. So APEX is my main concern, because i wouldn't want to be bombarded by false positives... APEX did catch the Eicar file though. :geek:

a.png


The best thing in all this, is that : Secureaplus + OSArmor+ WinPatrol Plus together, feel snappier than MSE + WinPatrol. They really run well together and the anti.exe part works well, the popup gives you plenty of options... I can't complain.
 

sepik

Level 8
I've been testing this software for a week now and I find it really good and effective. I'm planning to buy a license soon. And the price is not that bad. Support seems to be good and responsive too.
 

Fuzzfas

Level 3
Verified
Secureaplus + OSArmor + WinPatrol Plus... that looks a bit overkill :unsure:
WinPatrol Plus can't stop even the simplest malware. But it's a general purpose notifier about registry startup and services. Its purpose goes beyond malware. For example, you install a new software and it runs a gazillion of services? You don't need to search on your own in the task manager, Scotty will notify you immediately. Also, even if you trust something in say Secureaplus, but it does something unexpected (like a service or startup), Scotty is again useful, because it may put a suspicion that what you let install, wasn't exactly doing what you thought it would...

OSArmor, i like it for the fact alone that blocks USB stick autorun.inf. While SecureAplus, if i understood correctly, can only allow or block read/write, but doesn't affect autoplay. For the most part they overlap about the rest options in OSArmor, but quite frankly i didn't care to compare closely and since they run well together, i don't really care.
 

Fuzzfas

Level 3
Verified
Ok, i just found this test here, conducted by @harlan4096

So, APEX works only with PE files. Does the Universal AV cover non PE files? The whitelist apparently does.
 

Fuzzfas

Level 3
Verified
First thing i did when i saw the AV engines, was disable ClamAV. Now, it's Ikarus' turn. Boy, is that one trigger happy! False Positive galore! Other than that, this is the lighest AV (let alone the whitelist part) i 've seen. I always do a "quick access" test in a secondary HDD i have. Usually there you feel the drag of AVs, when you open folders with many elements quickly and you go back and forth. This one is by far the lightest and even though i thought OSArmor might slow things down, trying to fight with APEX, it didn't. I might even say it's like supercharged and maybe even a bit faster now... At any case, this configuration is a keeper.

The weird thing is that i had done a "full scan" and all was fine. I shut down. I boot up again and i am greeted with "20 threats detected", where almost everywhere, i see Ikarus...
 
Last edited:

harlan4096

Moderator
Verified
Staff member
Malware Hunter
Ok, i just found this test here, conducted by @harlan4096

So, APEX works only with PE files. Does the Universal AV cover non PE files? The whitelist apparently does.
Checking the on demand reports the tests I conducted... I would say only got exe detections :unsure:

Also check this post from @sap: Malware Hub Report - SecureAPlus (APEX + WhiteListing) - September 2019 Report

For some specific type of files, They rely in whitelisting...
 

Fuzzfas

Level 3
Verified

sepik

Level 8
Forgot to say, im using Comodo Firewall with this combo too. Only Firewall component and HIPS enabled. Tuned the HIPS component, that only so called "raw disk access" is covered and registry autorun locations protection is enabled. One "flaw" in F-Secure is that it does not protect some registry autorun entries thoroughly. Which we can see on the malwarehub test. Comodo protects a lot more of those autorun entries which F-Secure fails. As for keyloggin protection, im currently using KeyScrambler. Passed all the keylogger test i throw against it.
 

Fuzzfas

Level 3
Verified
Right now i 've uninstalled everything, because i thought something was interfering with TRIM, while instead it seems common issue with my SSD model and TrimCheck, but last night i also noticed that OS Armor has a basic parent-child process option in its checklist, so that's actually useful too, since SAP doesn't cover any of that. So, one more reason to use it, aside autorun.inf. There might be others too, but i will have to reinstall everything, but i think this alone is useful to report.
 

sepik

Level 8
OS-Armor as a default settings blocks too much. When you have an av+secureaplus+osarmor there will for sure a triple check. Which will cause slow down. Uninstalled OS-Armor. SecureAplus can block powershell etc scripts. So why triple or dual check em.
F-Secure with SecureAplus works here pretty good.
 

Fuzzfas

Level 3
Verified
OS-Armor as a default settings blocks too much. When you have an av+secureaplus+osarmor there will for sure a triple check. Which will cause slow down. Uninstalled OS-Armor. SecureAplus can block powershell etc scripts. So why triple or dual check em.
F-Secure with SecureAplus works here pretty good.
That must be the latest OSArmor. I use v1.3, which is very quiet unless something very weird happens. If you want i can upload it to you. v.1.3 doesn't slow down at all. It sits quietly without disturbing. I had tried v1.4 of OSArmor and had some unexpected blocks and BSOD. So i stopped trying to use subsequent versions, based also on the development history of NVT ERP. The developer has good intentions. He started with v1, which was a very simple anti-exe. I bought it. Then he started adding things, because person A wanted this, person B wanted that, so we arrived to v3Beta, which remains a beta and instead of doing some bugfixing, he goes to v4, which i read has become more complicated and judging by past history, it will drag development and bugs to infinity, just like the rest of the versions. I use v3beta only on a secondary PC that i don't personally use, because it has a very annoying language bug that i can't stand on my main rig. I just wish there was a v3 release that fixed that and i wouldn't want anything else... Alas...
 

sepik

Level 8
Fuzz, yeah i've dropped OS-armor. Its a good software. But it does too much for my liking. Just disable powershell and cmd command prompt and you''ll be fine. Pray for ppl that uses windows firewall ;)
 

Nagisa

Level 4
Verified
I assume there isn't anything wrong with using APEX as an on demand scanner? It doesn't even require the main program to be installed - except you have to install first to copy APEX folder-.


Adsız.png
 
Last edited:
Top