Real-time A/V with OA++ needed

Discussion in 'other firewalls' started by SafeBrowser, May 5, 2010.

Thread Status:
Not open for further replies.
  1. SafeBrowser

    SafeBrowser Registered Member

    Joined:
    Feb 17, 2010
    Posts:
    11
    My understanding is that OA++ does not include real-time/on-access scanning for malware when on the internet or downloading from the internet. The OA++ scanner is an on-demand/on-execution scanner only.

    If the above is true, is it advisable to run an on-line/on-access Anti-virus/Anti-spyware application along with OA++?

    I have the following free versions, maintained in an in-active/off state, but updated daily and used for scanning at least once per week by each: A-Squared Free, Super Anti-Spyware (free), Malwarebytes (free).

    An recommendation of a real-time/on-access AV/AS to run in conjunction with OA++, if deemed necessary, will be appreciated.
     
  2. dueceswild

    dueceswild Registered Member

    Joined:
    Sep 3, 2008
    Posts:
    184
    For me, it was a shift in thinking when I first ran it; but having ran it, I would say no. I think you can run another AV with it by the way the A2 engine is designed, but it really isn't necessary.

    The A2 engine is a top tier AV, and the integration with OA's whitelist makes for a great security app. A2 has a high detection rate, but in my experience was prone to some FP's. The whitelist cut that out with this product; so you get the great detection without the FP's.

    It's also a very well designed, well supported program. I scanned weekly with MBAM and found nothing.

    I felt completely comfortable just running OA++.
     
  3. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Prevx would be a good companion for OA++. Prevx probably will NOT generate any conflict with OA++.

    If you image your system disk at least weekly, the free version of Prevx should be more than adequate.
     
  4. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    OA++ contains the A2 AV/AS engine. Its an on execution AV. It will catch things if they are executed. It doens't miss much. Weekly I'll run a full system scan for things that the on-execution didn't catch. I know that Emsisoft is coming out with ver 5 which has the options of real time scanning. I don't know when or if OA will integrate it. Things that the on-execution miss OA hips alerts usually.
     
  5. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Presumably when A2 release version 5 with it's optional 'on-access' capability then OA++ will be updated too.
     
  6. SafeBrowser

    SafeBrowser Registered Member

    Joined:
    Feb 17, 2010
    Posts:
    11
    Thanks for the replies.

    I tried installing AVG 9 Free based on comments that I have seen elsewhere. During the install process, a screen informed me the there may be problems running it with OA and I was given options to "Remove OA from my system" or "Ignore and Continue installation (not recommended)". I cancelled the installation and searched my system and registry for any remnants of AVG.

    bellgamin: I installed Prevx and it stalled the running of CCleaner. That is a no-no for me. So I un-installed Prevx. CCleaner returned to normal after un-install of Prevx.

    kjdemuth & andyman35:
    1. Do you have a link where I can find info about A2 version 5 (full, not free version, I assume), its development status and enhancements?
    2. Do you have a link for OA's future development plans, status, etc.?
     
  7. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    OA ++, I have this suite. I successfully disabled the AntVirus section & did install Avira free. Yes they did work together. I then decided that that was silly. So--------I downloaded Online Armor Pro. Uninstalled OA++ & reinstalled Online Armor Pro then installed Avira Free. You might have to go to the Tall Emu site & reset the serial number so you can reinstall. This works. I have tried Oline Armor with Avast they don't work together very well' at least lets say its really hard to get Online Armor to let you install Avast free. Nod32 works sometimes but I updated Online Armor & the result was I had no browser that would work At least FireFox would not work.

    My suggestion is to keep OA++ it works & conflicts with nothing. Just scan every file with some on demand scanner. Like Malware Bytes Free.

    In fact I came to the conclusion that OA++ is in effect Online Armor & an On Demand scanner' its not for everyone. If you diecide to try Online Armor Pro note the SN for ++ will work with the Pro version no problem. If you decide to try to install an onboard Antivirus scanner it seems to work better to install the AntiVirus first & then install Online Armor. Updating the AV engine seems to be the problem. At least that seems to be the problem with Avast. Also keep a good backup image, since One time OA++ caught the Virus but did not competely remove the file.
    Wen Malware Bytes tried to remve I found the computer would not boot. I had to Restore a Shadow protect Image. I really like Online Armor but I am starting to wonder if another Firewall solution would be better.
     
  8. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    A2AM (now called EmsiSoft Anti Malware) version 5 is in the final stages of Beta now,the major issues seem to have all been addressed .It's running here very smoothly.

    The main improvement over v 4.5 is the option for the AV to run on-access,along with improvements to the Mamutu BB component and full support for Win7 and 64 bit architecture.

    http://support.emsisoft.com/topic/1432-a-squared-anti-malware-5-0-public-beta-has-arrived/

    I presume that at some stage the upgraded AV will be incorporated into OA++.
     
  9. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Try Immunet Protect , its a cloud AV like Prevx but free. It can also run alongside other security suites without issues.
     
  10. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    So, please help me understand one thing, every time executable is run first it is checked with AV, let's say that AV finds this executable infected, OA will check it anyway with their whitelist, and if whitelist says it's ok then it's ok and that's that ?

    I mean, I would really love if that's the case since Ikarus (or A2 for that matter) is just full of silly FP's.

    I'm on trial right now but I'm thinking about purchase. So far it runs amazingly good.

    There is only one thing with this AV in OA++ , if I choose to ignore item after scan , I can't find anywhere that it is added as exclusion :blink:
    Not a big thing, but it would be good to see those things somewhere.
    As I see it right now, on-deman scan in OA++ is like Ikarus or A-Squared, that means full of FP's.
    Since AV section of OA++ is poor on options, I think I will not use this feature (on-demand scan) and just use the execution portion of it.
    If what you said about whitelisting is very true then that would be awesome :thumb:
     
  11. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    If you have OA++ installed you have the on-execution AV. Ikarus does have some FP but not that many. You also have to understand that you have OA checking files through Oasis. OAsis is their online database whitelist. It does seem to cut down on FP's. In my own experiance with A-squared I haven'
    t had alot of FP and I've been running it for 4-5 yrs now. It's kind of uneasy at first because you will download a odd file such as Run.exe. Of course we all know that run.exe probably isn't a legite file. Until that file is executed nothing will be down, unless OAsis catches it as a infected file. Like some other folks were saying you can run something along side it. I have MBAM running real time and it usually catches everything first and then OA++ picks up if MBAM misses it.
     
  12. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    Well, I understand that, but I guess it depends on a user and I just have a really huge number of FP's (with A-Squared)
    And I know that majority of people have the exact same issue.
    That's why I stopped using it, but that doesn't matter now.

    I don't want to use another AV, in fact I don't think I really need AV at all with HIPS, but I'll give it a try with OA++ because it seems to be running very light.
    I just wasn't sure about OASIS and what comes first when executable is run, and since I'm running it on my main host I can't test it , but I will on VM and see how it works (OASIS kicking Ikarus engine with OA's whitelist, meaning reduced number of FP's).
    If that's the case then I'm close to buying this product.
     
  13. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    I use OnlineArmor Free and Prevx Free, plus I run ccleaner daily without a problem. When I run a program for the first time with prevx enabled, it sometimes slows the initialization of the program down to scan the files that are loaded, and that slowdown can result in a failure in execution, but in my experience that's rare and only happens the first time the program runs (after which I think its files are placed on prevx's ignore list). So if you tried ccleaner only once with prevx, then it might be worth a second try.
     
  14. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Yes

    Yes

    Great choices. Consider also Hitman Pro.

    MSE or Avast 5 (free/paid)

    Consider also what others have said. It is possible that soon OA++ will integrate the new Emsisoft engine and then you'll have a full real-time AV.
     
  15. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    OA++ has a real time AV already. It has emsisoft's current AV which is Ikarus. The only difference is that it will have the option to on access instead of on execution. You really don't need another AV running in real time. Running an on demand scan weekly would be a good idea.
     
  16. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Yes, but having only on execution protection, is not really a classic full AV. This is why I said that with the Emsisoft 5 the users will have a full real-time AV.
     
  17. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    If OA integrate version 5, I just hope they will put an option for turning off on-access scan, would be silly to make it mandatory.
     
  18. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Emsisoft 5 has the option to run the AV fully on-access,on-execution (as per 4.5) or no real time operation so I fully expect OA++ would offer the same.
     
    Last edited: May 14, 2010
  19. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    I don't really know the actual definition of "classic full AV". As fas as I'm concerned anything that has a signature base and its running real time is a full AV.
     
  20. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    A classic AV should check on access by default.
     
  21. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Yeah, the new A-Squared Anti Malware does have a On Access scanning mode, though i still prefer the on exec :D
     
  22. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    Yeah, on exec is just fine :)
     
  23. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    Does AV scanner in OA++ scans registry and traced cookies like A-Squared does ?
     
  24. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Nope. Thats the A2 part of EAM. I think that it does scan the registry just not the cookies.
     
  25. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    About page says that it's powered by A-Squared and Ikarus scanning technology.

    btw I've noticed that OASIS is doing it's thing on-access , so I guess that's cool :)
     
Loading...
Thread Status:
Not open for further replies.