VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. VoodooShield

    VoodooShield Registered Member

    Yeah, I was referring to HMP.alert3, which as far as I know, has not been tested extensively for compatibility with VS (please let us know if anyone has been running the 2 together for a while). Several months ago, MBAE and VS used to not work well together, but now they work great together. I think compatibility between the various products depends a lot on factors like what OS they are running on, and what traditional AV is running, among other things. So from a compatibility standpoint, we know that MBAE and VS work well together, and if HMP.alert3 works well with this combo as well, then it never hurts to have additional layers. From a security standpoint, they all do things a little differently, so it definitely does not hurt to run all three, assuming they all work well together on your system.
     
  2. VoodooShield

    VoodooShield Registered Member

    Cool, thank you, please let me know!
     
  3. VoodooShield

    VoodooShield Registered Member

    Yeah, exactly. VS works the way it always has, but this new feature specifically blocks executables / payloads of child processes that are spawned through web apps.
     
  4. siketa

    siketa Registered Member

    I'm running HMP.Alert 3 and Voodoo.
    Will report any problem if it occurs.
     
  5. Baldrick

    Baldrick Registered Member

    Hi Dan

    Have been beta testing HMP.A v3 for quite a while now (well over 6 months) and have had it running with VS with no indication whatsoever of any issues between the two of them, even since you introduced the anti exploit functionality into VS. Seem to work very well together and as far as I am concerned it is a keeper (along with VS, of course...;)).

    Will let you know if that changes in any way but I suspect that it will not given what I have seen, and with HMP.A v3 now on General Release.

    Regards, Baldrick
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    I've been using HMPA, and VS together for 4 days. I have not experienced any conflicts I'm aware of. I have had a problem with flash plugin crashing in Firefox though. I don't believe it is being caused by a conflict between HMPA, and VS though. I think it is a problem with HMPA, or maybe the combination of HMPA, and AppGuard since I also have AppGuard installed.
     
  7. siketa

    siketa Registered Member

    CE, don't you think running AG and VS is kind of an overkill?
     
  8. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    There is a lot of overlapping coverage, but I don't mind as long as there is no conflict, or performance hit. VS uses the appcert.dll method, and AG uses the KMD method so if malware gets by one then hopefully the other will catch it.
     
  9. ProTruckDriver

    ProTruckDriver Registered Member

    When doing a full computer backup to an external HD using Win 7 backup, is there a particular setting VS has to be on or can I keep it on Smart Mode?
     
  10. VoodooShield

    VoodooShield Registered Member

    Cool, thank you siketa, Baldrick and CET!
     
  11. VoodooShield

    VoodooShield Registered Member

    I agree, there is a lot of overlap, in a lot of these products. That is why we should take the best technologies / intellectual property / ideas from all of the "top" products and create one super product ;).
     
  12. VoodooShield

    VoodooShield Registered Member

    Smart mode is fine, just close all of your web apps for your first backup and you should be good to go after that! Thank you!
     
  13. siketa

    siketa Registered Member

    Voodoo Guard. :)
     
  14. VoodooShield

    VoodooShield Registered Member

    Someone was asking about exploit samples to test with VS... mannnnnn they are hard to find, but I found one. It was recommended in the following article, for the products that were not included in the recent PC Security Labs exploit test. And yeah, I would love to see how well VS does in this test, because according to the article... "A product earned full credit for protection if it completely prevented execution of the payload, or if it "shut down the backdoor connection" after the payload executed." If this is the case, I believe VS would do extremely well.

    Keep in mind, the tests that I tried started calc.exe, so since VS allows it by default (auto allow specific critical Windows processes), you will want to disable that option. If the exploit were to drop anything else, VS would block it, even with that option enabled. Also, I have started working on a registry monitoring and folder monitoring feature. Basically what it is going to do is when VS toggles from OFF to ON, it will kinda take a snapshot of the registry and folders to see if anything was added or dropped. So if VS is ON, anything that was not present when VS was OFF is blocked (and scanned if it is a file). We really do not need this extra layer of protection, but I think it is going to be really cool. There are A LOT of things we can do with the toggling with the web apps. But as I was saying, my focus is not adding new features (for now) ;).

    http://securitywatch.pcmag.com/secu...-your-security-software-block-exploit-attacks

    http://malware.wicar.org/

    Edit: For the record, VS blocked this exploit payload even with the new anti-exploit feature disabled.

    Edit again: Believe it or not, VS 1.08 blocked it as well, yeah, I had to test it out of curiosity ;).
     
    Last edited: Apr 12, 2015
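
Added example, not part of the thread and not VoodooShield's code: a sketch of the policy described in posts 3 and 14 above, where processes spawned under a web app are blocked unless the auto-allow option covers a critical Windows binary. The web-app list, the critical-path list and the event records are assumptions constructed for illustration, and matching critical binaries by full path is a design choice of this sketch.

```python
from dataclasses import dataclass

# Assumed lists for illustration only; the product's real lists are not on this page.
WEB_APPS = {"firefox.exe", "chrome.exe", "iexplore.exe", "outlook.exe"}
CRITICAL_PATHS = {r"c:\windows\system32\calc.exe"}

@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str  # full image path from a process-creation event

def basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()

def has_web_app_ancestor(ev: ProcEvent, table: dict) -> bool:
    """Walk the parent chain; True if any ancestor is a web app."""
    seen = set()
    while ev is not None and ev.pid not in seen:  # 'seen' guards against PID loops
        seen.add(ev.pid)
        parent = table.get(ev.ppid)
        if parent is not None and basename(parent.image) in WEB_APPS:
            return True
        ev = parent
    return False

def decide(events, auto_allow_critical: bool = True) -> dict:
    """Return {pid: 'allow' | 'block'} for events given in creation order."""
    table, verdicts = {}, {}
    for ev in events:
        table[ev.pid] = ev
        if basename(ev.image) in WEB_APPS or not has_web_app_ancestor(ev, table):
            verdicts[ev.pid] = "allow"   # outside the scope of this check
        elif auto_allow_critical and ev.image.lower() in CRITICAL_PATHS:
            verdicts[ev.pid] = "allow"   # critical binary matched by full path
        else:
            verdicts[ev.pid] = "block"   # anything else spawned under a web app
    return verdicts

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    ProcEvent(100, 4, r"C:\Windows\explorer.exe"),
    ProcEvent(200, 100, r"C:\Program Files\Mozilla Firefox\firefox.exe"),
    ProcEvent(300, 200, r"C:\Windows\System32\calc.exe"),
    ProcEvent(400, 200, r"C:\Users\test\AppData\Local\Temp\calc.exe"),
    ProcEvent(500, 300, r"C:\Users\test\AppData\Local\Temp\payload.exe"),
    ProcEvent(600, 100, r"C:\Windows\System32\notepad.exe"),
]

if __name__ == "__main__":
    for flag in (True, False):
        print(flag, decide(SAMPLE_EVENTS, auto_allow_critical=flag))
```

With the option on, only the System32 calc.exe is allowed; the Temp copy named calc.exe and the payload launched by calc.exe are blocked either way.
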
  15. VoodooShield

    VoodooShield Registered Member

    Hehehe, if we can ever get away from the Voodoo name, I think it would be best for everyone involved ;). Even my grandmother dislikes the name. But I think I already mentioned on here, she does not mind the Dirt Devil Vacuum that is in her closet ;). My vote is for Wilders Security ;).
     
  16. Tarnak

    Tarnak Registered Member

    Thanks for the quick response.... I last ran MemTest86 a couple years ago, and showed the sticks of RAM as being fine then. I can't find the CD that I made to make the test, so I will just let it rest for the time being. ;)
     
  17. siketa

    siketa Registered Member

    Naaah....we already talked about the name.....
    I think Voodoo is already established in the security world. :)
    Maybe in the future...who knows.....
     
  18. VoodooShield

    VoodooShield Registered Member

    Sure, no problem. BTW, I forgot to mention, if it is not a bad stick of RAM (which I really, really think it is), the only other thing that I found was some issues with AntiLog32.sys and dwall.sys. So if the memtest86 completes without errors, you might look into these as possibilities.
     
  19. VoodooShield

    VoodooShield Registered Member

    Yeah, we will keep the name for now. I was actually going to pull an April Fools' joke and tell everyone that we are changing the name to something else, but I could not come up with a name that was believable and funny at the same time ;).
     
  20. Tarnak

    Tarnak Registered Member

    Thanks...I will just have to try and find that CD to run the test....I don't want to have to record another, since I don't have any blanks. I don't do any recording of material these days. Those two products you mentioned have been on my systems since before VS. ;)
     
  21. siketa

    siketa Registered Member

    :argh::argh::argh:
    Royals Security
     
  22. bjm_

    bjm_ Registered Member

    VS Quarantine.JPG
    Quarantine does nada... 2.50
     
    Last edited: Apr 12, 2015
  23. VoodooShield

    VoodooShield Registered Member

    Hehehe, it is a false positive, it is an easy fix on our end, although we can not do anything about the false positive. Thank you!
     
  24. Callender

    Callender Registered Member

    https://www.wilderssecurity.com/attachments/2-jpg.247717/

    I had the same problem a couple of times now. It seems to be caused by other installed security software's HIPS protection. Solution: Disable anything that could interfere with the install before going ahead or else leave the installer running and manually delete the problem file before clicking "retry". It's not a problem with VS.
     
  25. siketa

    siketa Registered Member

    Text suggestion:
    Replace "web browser or email" with "web apps".
     

    Attached Files:

    • 1.jpg (166.2 KB)