Battle VoodooShield or SecureAPlus?

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
VS is known to block things that it is not supposed to, even if they are whitelisted.
SAP has a problem with their servers being down sometimes.
Those are the biggest problems that stand out in my mind. Neither of them are real deal-breakers.
Question is: which one is more effective at protecting from malware?
 
D

Deleted member 2913

so why not install SecureAPlus for family users? It has an innovative way of handling vulnerable processes that monitors them but also keeps them out of your face. At default settings, it will basically let you live your life, only giving a pop-up when you really need it, because you are trying to install a program without a digital signature or something like that.

The initial scan is very long, and will produce FPs, but that is your job to deal with. After everything is up and running, you turn it over to your family member.

Pros like Umbra and hjlbx will probably turn up their noses at SAP, but your family will like it!
SecureAPlus is a mess, horrible, confusing GUI, alerts, etc... GUI, alerts, etc... is so busy that users have to stare those to get them.

I tried it & uninstalled it. Didn't liked it at all. Plus the initial scan after 1 and half hours was still at 1%? My system drive is only 35 GB full. And data partition doesn't have much. System is with 6 GB RAM. I had tried SAP with no other realtime protection & SAP offline protection was not installed.
 
D

Deleted member 2913

What about something like Kaspersky's Trusted Applications Mode?
It can be configured to work like an anti-exe. But what about vulnerable processes?
I mean, can you get vulnerable processes protection in an AV, or do you need some kind of an exotic security soft?
Have you tried the latest CCAV version that released yesterday?

I tried it And it seems good. Usability seems improved. It feels light. You can set sandbox settings to "Run only safe programs" And it will work as anti-executable. You can hit "dont isolate again" on the alert if you think the program is safe. You can run the program in sandbox manually to see if its good.

I would suggest to give a try to CCAV. I know what users think about Comodo but still I would suggest to give a try & see if you like it or find it acceptable to run on your system.
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
SecureAPlus is a mess, horrible, confusing GUI, alerts, etc... GUI, alerts, etc... is so busy that users have to stare those to get them.

I tried it & uninstalled it. Didn't liked it at all. Plus the initial scan after 1 and half hours was still at 1%? My system drive is only 35 GB full. And data partition doesn't have much. System is with 6 GB RAM. I had tried SAP with no other realtime protection & SAP offline protection was not installed.
the newer versions work much better, but yes, the initial scan is still rough.
You can exclude folders and even entire partitions from the scan. This will save your sanity!
Doesn't really matter how long initial scan takes, because you can just leave it running until the morning. Then you wade your way through the FPs, and you are set up.
 
D

Deleted member 2913

the newer versions work much better, but yes, the initial scan is still rough.
You can exclude folders and even entire partitions from the scan. This will save your sanity!
Doesn't really matter how long initial scan takes, because you can just leave it running until the morning. Then you wade your way through the FPs, and you are set up.
I simply didn't liked SAP for quite a few reasons so SAP is not for me atleast for now.
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Have you tried the latest CCAV version that released yesterday?

I tried it And it seems good. Usability seems improved. It feels light. You can set sandbox settings to "Run only safe programs" And it will work as anti-executable. You can hit "dont isolate again" on the alert if you think the program is safe. You can run the program in sandbox manually to see if its good.

I would suggest to give a try to CCAV. I know what users think about Comodo but still I would suggest to give a try & see if you like it or find it acceptable to run on your system.
I have had problems with comodo, and to a lesser extent with Kaspersky TAM, that the rules don't stick.
 
D

Deleted member 2913

are you using it primarily for the auto-sandbox function?
if so, it has to remember which processes not to put in sandbox
I am for light, effective & good usability program.

I try every new CCAV version to see the improvements. And I do think if Comodo dont mess it up, with time it will be light, effective & good program. And I do think Valkyrie has potential...currently it works on/off & seems good...once it goes fully live then we will know how good is it & how good it will help further in protection & usability.

And I do think users like me & you who know to work with security software CCAV at current stage is pretty good & easy for us. I am thinking of giving it a try on my family shared system of average users.

Dont know how Valkyrie will work in CCAV, how quick it will be, etc...we will know only once it goes fully live.
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I am for light, effective & good usability program.

I try every new CCAV version to see the improvements. And I do think if Comodo dont mess it up, with time it will be light, effective & good program. And I do think Valkyrie has potential...currently it works on/off & seems good...once it goes fully live then we will know how good is it & how good it will help further in protection & usability.

And I do think users like me & you who know to work with security software CCAV at current stage is pretty good & easy for us. I am thinking of giving it a try on my family shared system of average users.

Dont know how Valkyrie will work in CCAV, how quick it will be, etc...we will know only once it goes fully live.
I know that Comodo auto-sandbox is great protection, but what about the AV component? would you rely on it?
 
D

Deleted member 2913

I know that Comodo auto-sandbox is great protection, but what about the AV component? would you rely on it?
With autosandbox, AV component is good enough And Valkyrie will further help in protection/detection.

I have used CIS too And I only install CFW minus AV as Cloud AV part is good enough...no other AV too.
So CCAV AV component too is good enough with autosandbox And as mentioned Valkyrie will help further in protection/detection.

CCAV has browser setting protection, its a plus too.
Malicious certs scan is there in the latest CCAV.

It has some security essentials that installs separately after CCAV install And it protects banking, etc... But I installed CCAV & didn't get anything to install security essentials so I am clueless on this. I have asked on Comodo forum about this.
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
With autosandbox, AV component is good enough And Valkyrie will further help in protection/detection.

I have used CIS too And I only install CFW minus AV as Cloud AV part is good enough...no other AV too.
So CCAV AV component too is good enough with autosandbox And as mentioned Valkyrie will help further in protection/detection.

CCAV has browser setting protection, its a plus too.
Malicious certs scan is there in the latest CCAV.

It has some security essentials that installs separately after CCAV install And it protects banking, etc... But I installed CCAV & didn't get anything to install security essentials so I am clueless on this. I have asked on Comodo forum about this.
how does CCAV handle vulnerable processes? Any protection there?
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
not so sure about SAP anymore:
I snagged a free licence for SpyShelter Premium from yesterday's giveaway, and I put it on medium security.
I viewed a web page on Internet Explorer, closed it, and got an alert from SpS that IE wants to execute rundll. (probably one of those Windows privacy-invading processes)
But I did not get an alert from SAP about this.
hmmm...
 

Janl1992l

Level 14
Verified
Well-known
Feb 14, 2016
648
not so sure about SAP anymore:
I snagged a free licence for SpyShelter Premium from yesterday's giveaway, and I put it on medium security.
I viewed a web page on Internet Explorer, closed it, and got an alert from SpS that IE wants to execute rundll. (probably one of those Windows privacy-invading processes)
But I did not get an alert from SAP about this.
hmmm...
Because it allowes every datei on your system. for that u have the first whitelistscan. it will not alert for any action windows makes because of the whitelist. only for new dateis u get alerts.
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Because it allowes every datei on your system. for that u have the first whitelistscan. it will not alert for any action windows makes because of the whitelist. only for new dateis u get alerts.
but it is supposed to monitor vulnerable processes, even if they are executed by a trusted app.
rundll is arguably number one on the list of vulnerable processes.
 
D

Deleted member 178

Vulnerable Processes is an ERP thingy , dont try to find this feature on every security softs.

the only valid and common mechanism in HIPS/BB/anti-exe is the Parent/Children relation, vulnerable processes are part of this. So nobody really cares about Vulnerable processes.
 
Last edited by a moderator:
D

Deleted member 2913

how does CCAV handle vulnerable processes? Any protection there?
Dont know?

I guess CCAV is whitelist plus default deny so any thing unknown will be sandboxed or as per sandbox settings.

I dont know what all are vulnerable processes but I do sometimes see alerts like .vbs & some other things, etc... Like if I run portable HDSentinel I get .vbs alert.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top