Forum Support > Software Problems and Questions
General feedback
hendy:
Thank you very much for the explanation. Now we can understand better the point of view from your angle. We will try to improve the description in the future.
5. We have tried to install the version without ClamAV to replicate the issue, but so far APEX works in the offline scan (right click, scan).
Probably what happen to you is the file is something that detected as clean by APEX. To test, you can download the following: http://2016.eicar.org/download/eicar_com.zip
Extract the zip file, and you will get eicar.com file. Right click, scan eicar.com file, and you will see that APEX will detect the file.
For the file that APEX did not detect, but you think that it is highly suspected as a virus, to help us to improve the product in the future, please submit the sample file to: https://secureaplus.secureage.com/Main/submit_malware.php
S:
You're right. The context-menu scan (APEX) does work when offline. I think it was the system scan I was referring to, so I was getting the two mixed up again. That was is UAC, which is cloud-based, so won't work, but APEX does appear to work fine without internet. So that was my mistake.
I am finding that after getting the error 12007 (the server name or address could not be resolved) after having no internet for a while, when restoring it the error stays and SAP doesn't pick up on the fact there's a connection and resume/restart the scan and clear the error. And there's no way I see to manually tell it to retry, either. I even tried doing an update check, which requires internet access, and despite it successfully performing that it still doesn't register the fact it has internet and allow the UAV scanner to work. I had to reboot the VM to get it working again.
As for the malware file not being caught, I don't have the time right now to try with the eicar one you linked, but I've been testing with the infected ccleaner file downloaded from https://downzen .com/en/windows/ccleaner/download/5336162/. If I install SAP, then move the file onto the VM, SAP detects it. If I ignore that and trust the file, SAP continues to detect it. But if I put the file on the VM, THEN install SAP, when SAP installs it auto-trusts all files present, and never detects it as a potential threat. So my point was that SAP should ask during installation about auto-trusting files (and allow the user to select what directories should be auto-trusted and which ones shouldn't) and/or it should still scan trusted files at least the first time and alert if they're detected as malware. Because while I understand the premise of auto-trusting everything, since the assumption is being made that the system is clean when SAP is installed, that's not always going to be true, especially in a case like mine where I have the OS and all my data on separate drives, and it can lead to malware or questionable software previously downloaded being ignored because SAP trusted it, even though the user didn't.
I've also found a couple other issues. First, when clicking and dragging the windows from the minimize/close buttons (that is, mouse-down on one of those buttons and hold then drag, without releasing the mouse button), the window jumps so the mouse is holding on to the title bar more centrally. Granted, not a big issue, and not something likely to be experienced very often, but when it happens it's jarring, and it's certainly not normal behavior. Doing this on any other program simply does nothing. The second issue is that selecting multiple files and right-clicking then going to trust level should ideally show if they're trusted apps, trusted installers, or not trusted as long as they're all the same. This is more likely a design decision rather than a bug but, again, expected behavior, not to mention preferred and more helpful, would be to show their status the same as it does when only one is selected.
Navigation
[0] Message Index
[*] Previous page
Go to full version