Battle NVT OSArmor Or SecureAPlus

Sort by date Sort by votes
yitworths

yitworths

Level 10
Verified
Well-known
May 31, 2015
472
shmu26 said:
You are looking for an antivirus. Therefore, you must choose SecureAPlus.
OSArmor is not an antivirus.
Click to expand...

I once used secureplus & it looked more like an anti-exe than AV or anti-malware. Yea it does make use of several av engines when connected to internet but otherwise when offline it uses clam-av. Do you think that's reliable? Tbh, if OP is looking for an av or anti-malware, he/she should look for other options. & os armor can be use alongside almost any security programs with little bit of tinkering.
 
  • Like
Reactions: shmu26, vtqhtr413, SumTingWong and 1 other person
Upvote 0 Downvote
A

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,820
yitworths said:
when offline it uses clam-av. Do you think that's reliable?
Click to expand...
Ultimately the offline AV isn't all that relevant as the anti-exe portion is always running regardless of whether you're online or offline. Most AVs that don't have a signature for a piece of malware will let it run unrestricted anyway (being reliant on a hit-or-miss behaviour blocker for detection) so it offers far stronger protection than a traditional AV that's used alone.

@Question If you can stomach the fact that by using SecureAPlus you'll receive a notification asking you to allow/block the execution of each new game you attempt to play then it's well worth using. If not then I'd suggest using a traditional AV.
 
  • Like
Reactions: vtqhtr413 and oldschool
Upvote 0 Downvote
D

Deleted member 65228

I think SecureAPlus given what you're after.

However, if you can handle setting the configuration and managing it, OSArmor is a nice piece of software and owned by someone who actually knows what they are doing, so chances of you going wrong with NVT is... low. Even if you run into a barrier, the developer is always energetic to fix bugs ASAP.
 
  • Like
Reactions: vtqhtr413, Lightning_Brian, Azure and 1 other person
Upvote 0 Downvote
yitworths

yitworths

Level 10
Verified
Well-known
May 31, 2015
472
Arequire said:
Ultimately the offline AV isn't all that relevant
Click to expand...

That's why I ain't considering it as av or am. OP actually asks for a good av. That's why I suggest him/her to look for something else.

Arequire said:
Most AVs that don't have a signature for a piece of malware will let it run unrestricted anyway
Click to expand...
there is a feature namely BB or system watcher.

Arequire said:
it offers far stronger protection than a traditional AV that's used alone
Click to expand...

SAP uses so-called traditional av to scan exe. I've encountered many malwares which are based on script such as .vbs. Dunno whether anti-exe works against such things. A good BB will block that kinda infection for sure.

SAP is good but there are wide range of attacks & I'm not sure whether SAP will be able to block most of them. SAP should be used as a sidekick.
 
  • Like
Reactions: oldschool
Upvote 0 Downvote
A

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,820
  • Like
Reactions: oldschool and harlan4096
Upvote 0 Downvote
yitworths

yitworths

Level 10
Verified
Well-known
May 31, 2015
472
Arequire said:
It does:
Fileless Malware Protection | SecureAPlus
Click to expand...

Fileless malware is oldschool. It actually resides on ram. All this kinda malware was used by govt. agency. & what I'm saying is script base malware which will get triggered by certain portion of code... the trick is called code obfuscation where actual malicious code is actually at the end. The malware gets installed at last stage... It's not very normal kinda attack
 
  • Like
Reactions: oldschool
Upvote 0 Downvote
A

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,820
yitworths said:
Fileless malware is oldschool. It actually resides on ram. All this kinda malware was used by govt. agency. & what I'm saying is script base malware which will get triggered by certain portion of code... the trick is called code obfuscation where actual malicious code is actually at the end. The malware gets installed at last stage... It's not very normal kinda attack
Click to expand...
It's labelled poorly. It actually refers to the use of things like powershell, wscript, etc.
 
  • Like
Reactions: oldschool
Upvote 0 Downvote
A

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,820
yitworths said:
elaborate it... like to hear more
Click to expand...
Essentially it applies anti-exe to a list of Windows processes used by malware. If a parent process not on the whitelist triggers one of said vulnerable processes it will throw up a prompt asking you to continue blocking or unblock it.

Here's two screenshots. One of the prompt of a vbs sample being blocked and one showing a prompt from the fileless malware protection:
vbs.png Fileless.png
 
  • Like
Reactions: harlan4096, oldschool and ForgottenSeer
Upvote 0 Downvote
yitworths

yitworths

Level 10
Verified
Well-known
May 31, 2015
472
Arequire said:
Essentially it applies anti-exe to a list of Windows processes used by malware. If a parent process not on the whitelist triggers one of said vulnerable processes it will throw up a prompt asking you to continue blocking or unblock it.

Here's two screenshots. One of the prompt of a vbs sample being blocked and one showing a prompt from the fileless malware protection:
View attachment 191439 View attachment 191441
Click to expand...

command line blacklistings will mitigate this kinda attack upto an extent. but just powershell blockade won't be enough. .vbe or .vbs may act on its own with several .bat files to install malware or infect certain programs & then through those programs they start to infect or install payloads. It's just another domain of infection. btw, powershell disable is good practice & many malware devs do know that they won't solely rely upon powershell. They use code obfuscation so that av-engine can't detect the actual process or code which is meant to run through it.
 
Upvote 0 Downvote
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
yitworths said:
I once used secureplus & it looked more like an anti-exe than AV or anti-malware. Yea it does make use of several av engines when connected to internet but otherwise when offline it uses clam-av. Do you think that's reliable? Tbh, if OP is looking for an av or anti-malware, he/she should look for other options. & os armor can be use alongside almost any security programs with little bit of tinkering.
Click to expand...
I am not impressed by the AV of SecureAPlus.
After a while, I realized that the OP is probably calling all security software by the name of "antivirus", so my answer missed the point.
Nevertheless, SAP has more features by default and OSA has by default, so SAP is probably still the better choice.
 
  • Like
Reactions: neon, oldschool and yitworths
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
App Review NoVirusThanks OSArmor 2024
Replies
8
Views
1,382
Video Reviews - Security and Privacy
NoVirusThanks
NoVirusThanks
Snowwolfboi
    • Like
Serious Discussion which antivirus should i those
Replies
9
Views
981
Other security for Windows, Mac, Linux
Sorrento
Sorrento
Xeno1234
    • Like
  • Locked
Battle Best Cheap Security Combo for a Gamer
Replies
24
Views
1,389
Software Comparison
Jengo
Jengo

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top