SecureAPlus Freemium - Updates

blueblackwow65

Level 23
Verified
Well-known
Dec 19, 2012
1,243
Hi i am trying out SAp plus and see that when detecting files only the apex av will show up in the 11 entries even though 3-4 others have detected the malware also .This was not just only one file but 8-10 files ,apex showed up in all but the other av's of the 11 should have detected ,I know this because i tested with virustotal online and the results were more than apex .Something is wrong somewhere .Thks
 
  • Like
Reactions: Dave Russo

woodrowbone

Level 10
Verified
Dec 24, 2011
480
My guess is that APEX is locally installed, if it consider your files to be malware it does not contact the cloud to ask the other engines.


/W
 
  • Like
Reactions: Dave Russo

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,815
Last edited:

sepik

Level 11
Verified
Well-known
Aug 21, 2018
505
SecureAplus v6.2.1 released

Here are the detail for the changes:

Bugs fixed:
- Typo: instalutil.exe. Changed "InstalUtil.exe" to "InstallUtil.exe"

Modifications:
- Give more space for the file name in Real-time scanning dialog
- Update EULA

What's new:
- When untrusted file is running during boot-up, added into whitelist.log and Blocked.log:
"### Untrusted file is running during boot-up, filename:"
- Untrust the file that is detected by real-time scanning
- Added command line rule:
reg add
reg import
- Do not show “Shopping Cart” button for enterprise customers
 

Mops21

Level 34
Verified
Honorary Member
Content Creator
Oct 25, 2014
2,351
Hi all

SecureAPlus 6.3.0 is out now

Bugs fixed:
- Avira and "Vulnerability Assessment" were not uninstalled cleanly
- SAP without UAV with Avira still shows UAV results in UAV bar when online
- SecureAPlus was not registered as AntiVirus
- Real-time antivirus scan prompt does not appear for Word doc virus, if only detected by UAV.
- AWL dialog too tall
- The log for Blocked command line does not have length and hash for the command line that the action other than "Always Block"
- Tray icon only changes when changing App Whitelisting mode from tray icon menu
- Simplified and traditional Chinese: "Interactive" text on main UI is different from the text in tray icon menu
- Error code: 87 for Request for whitelist approval and My Approved Whitelist
- In certain situation EverythingServer keeps consuming memory.

Modifications:
- Change minimum sending log interval from 1 minute to 15 minutes
- Change log formatting, so that it will be easier for parsing at the server.
- Reduce whitelist.log during initial whitelist.
- When real-time scanning is off, UAV real-time scanning will be shown as off too.

What's new:
- Send software inventory information to server
- Added reg.exe into restricted application list
- Vulnerability Assessment supports software that only installed for current user.
- Auto Mode
New installation: default mode is auto mode
Upgrade: the settings will not be changed. If previous mode is interactive mode, it will remain as interactive
Auto mode will make a decision based on "Digital Signature", APEX, UAV.
There are some situations where there is not enough information for Auto Mode to make a decision.
In this case, user will still see prompting.
- Updated German translation for Vulnerability Assessment.
- Added into the trusted certificate list: "Zoom Video Communication Inc", "Deluxe Pixel Limited"
- Check Linux permission attributes. If it doesn't have executable permission (x), do not need to block the file if it is untrusted.




With best Regards
Mops21
 

woodrowbone

Level 10
Verified
Dec 24, 2011
480
@ sap
Still no button to report FP:s upon detection? Both whitelist and APEX detection's.
If you want , try to install Slimjet browser, or run Patchmypc or Qbittorrent as examples that always generate a FP detection.

/W
 
  • Like
Reactions: Protomartyr

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
@sap
Microsoft-Defender "MsMpEng.exe" (Antimalware Service Executable) is flagged as malicious by SecureAge APEX

wd.png
 

Mops21

Level 34
Verified
Honorary Member
Content Creator
Oct 25, 2014
2,351
@sap
Microsoft-Defender "MsMpEng.exe" (Antimalware Service Executable) is flagged as malicious by SecureAge APEX

View attachment 245063

Hi

Please Report that Files here


With best Regards
Mops21
 

l0rdraiden

Level 3
Verified
Jul 28, 2017
108
How do you disable clamAV local AV in the new version? or this doesn't exists anymore?

What is the impact of disabling automatic full system scan? performance because the whitelist won't be complete?
 
Last edited:

l0rdraiden

Level 3
Verified
Jul 28, 2017
108
If I disable real time scanning in AV settigns, is this to disable APEX? Will unversarl AV still work on "real time"?

Why some detections of the universal AV are automatically ignored without notice? and others are preseted as a threat when both has only be detected by 1 of the engines? what is the criteria to decide if it is a threat or it is ignored?
 
  • Like
Reactions: harlan4096

l0rdraiden

Level 3
Verified
Jul 28, 2017
108
I have notice that I can keep APEX enable and disable the universal AV on real time but no the other way around.
It's a pitty because it would be interesting to run Univesal AV alone together with Other AV's.

How heavy is a APEX engine?
 
  • Like
Reactions: harlan4096

sap

From SecureAge
Verified
Developer
Well-known
Sep 26, 2014
189
How do you disable clamAV local AV in the new version? or this doesn't exists anymore?

What is the impact of disabling automatic full system scan? performance because the whitelist won't be complete?
ClamAV is no longer included in the new version.
If you are upgraded from the older version, and you don't want ClamAV, you can uninstall it.
1599395021171.png


Disabling Full System scan will not have any impact on the whitelisting. Disabling Full system scan only means that you are disabling the periodic full system scan in the cloud.
 

sap

From SecureAge
Verified
Developer
Well-known
Sep 26, 2014
189
If I disable real time scanning in AV settigns, is this to disable APEX? Will unversarl AV still work on "real time"?

Why some detections of the universal AV are automatically ignored without notice? and others are preseted as a threat when both has only be detected by 1 of the engines? what is the criteria to decide if it is a threat or it is ignored?
When disabling rea-time scanning from scan settings, not only APEX will be disabled, the Universal AV real-time scanning will be automatically disabled too.

For the ignored detection, are you referring to the full system scan? For full system scan, if the threat is only detected by 1 engine, it will not be ticked, but the result will still be shown in the full system scan result.
 

Mops21

Level 34
Verified
Honorary Member
Content Creator
Oct 25, 2014
2,351
Hi all

SecureAPlus 6.4.0 is out now

Bugs fixed:
- Added msedge.exe into restricted application
- Typo: "Vulnerabilty", changed to: "Vulnerability"
- App Settings->Application Whitelisting->Advanced Settings
In "Script tab", it shows "Instalutil.exe".
This is a typo, and has been changed to "installutil.exe"
- Memory leak in saappsvc.exe when communicating with the server.
- Crash in sascansvc.exe
- BSOD when whitelist file is huge

Modifications:
- Updated German translation
- Skip real-time scanning for the files that are in the exclusion list
- Delete SecureAPlus shortcut at the desktop during uninstallation.
- Change description text for SecureAPlus Mode.
- For Enterprise Edition, the default mode will be Interactive Mode.

What's new:
- Added Reaqta in the trusted certificate list
- Added: MpCmdRun.exe, ntrscan.exe, cyveraservice.exe into the restricted application list




With best Regards
Mops21
 

woodrowbone

Level 10
Verified
Dec 24, 2011
480
Now I actually kinda wish there was free "Lite" version that's just antivirus and APEX module. No HIPS nonsense and other stuff that's just so clunky. Hell, I'd even go with APEX by itself if it was possible.
Yea, same here,
APEX as a companion to whatever AV, would be a awesome reinforcement.
I already proposed this to sap a while back, but the more of us asking for it, maybe it will become true....

/W
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top