1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Whether a security software is good or bad

Discussion in 'General Security' started by lunarlander, Mar 31, 2019.

Thread Status:
Not open for further replies.
  1. lunarlander

    lunarlander Thread Starter

    Joined:
    Sep 21, 2007
    Messages:
    10,794
    When most people say they like a particular antivirus or security program, they often just mean they like the user interface, it's look and feel, it's supposed features visible on the panel, and so on. Rarely do people report that that software has actually has caught anything. YET they claim it is good software.

    I want to recommend today a program called OSArmor : https://www.novirusthanks.org/products/osarmor/
    It's primary capability is to stop software ( or malware ) from making calls to native Windows command line tools for malicious purposes. For example it will stop WerFault from using undocumented command line parameters. (werfault is the Windows component that reports windows errors to MS - it can connect to the net, send (error logs) files and so on; so it can be 'mis-used' by attackers).

    I used to think that the Windows Activation process was fool proof. Not so. Apparently there is a security vulnerability. Because in the brief 2-3 minutes it takes for a Win 10 machine to activate, I saw a foreign process display a very quick progress bar window, and immediately OSArmor popped up a alert asking if I want to OK the process. The progress bar did not finish and disappeared. OSArmor reported in it's logs that a foreign process with System Rights tried to start WinLogon. Hmmm, yeah right, thanks.

    OSArmor is NOT an antivirus. Most people only know of one type of security program - antiviruses. This program stops suspicious use of Windows' built in commands. This type of attack is very common nowadays, security insiders know of it by the name of 'fileless attacks'. The payload is just a routine in RAM, there is no malware file written to the hard drive - thus AV's have no file to scan and detect. It's primary purpose is to connect back to the attacker's (a polite term for hackers, virus writers and such ilk) PC to download more stuff: trojans, remote control software to view your screen; control your mouse and keyboard, malware if the operator chooses so, and so forth.

    As a result of this occurance, I am recommending OSArmor. It is a FREE program, consumes very little resources, and starts up very quick upon sign in. It is not based on virus signatures, so it doesn't need to download updates, so you don't need to make a rule in your firewall.
     
    Last edited: Mar 31, 2019
  2. Johnny b

    Johnny b

    Joined:
    Nov 6, 2016
    Messages:
    4,536
    First Name:
    John
    Thanks for the review.
    I'll be handing it over to my sister, who uses Win 10.

    (y)
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1225185

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice