VoodooShield/Cyberlock

But why do they have poor PUP detection?

Either way, it certainly does not invalidate my test... the whole point of the test is to throw a wide range of truly random samples at various security products to see what they would block and what they would allow.

I have not had to remove malware for quite some time now... but back in the day, if it were not for adwcleaner, I never would have been able to remove a lot of the PUP's.

To me, any unwanted software, or software that the user did not ask for, or was installed without their full knowledge... is malware, and it should be blocked.

 

And keep in mind... these security products generally do not refer to themselves as "antivirus" anymore, since there are sooooo many different types of malware now. They are usually now called "Security" products or whatever. Now, if I was testing a product that was called "ABC Antivirus", technically, it should not be detecting ANY of the other types of malware... only true computer viruses, which are few and far between. But since they are now "Security" products, they should alert me whenever a file that contains malicious code tries to run.

 

And actually if you google "Different types of malware", you will see that adware is considered malware.

https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101

 

Cool, thank you... I am not sure what happened, but hopefully it will not happen again . If so, please let me know!

 

I would say it's because they are harmless, and at worst an annoyance. I have some software installed on my PC that is conisedered unwanted by some security software, but

I disagree with that. I believe that only malicious software should be classified as malware. I'm not referrng to software that gets installed with no option to opt out, but software that comes bundled with an installer, and there is the option to opt out of installing it. To make it clear, I do not like that any software at all comes budled with installers. But, if bundled software is safe, then I don't see any reaon to classify it as malware.

I see you gave the example of adware being classified as malware. However, I'm referring to PUPs and not adware. I don't have a problem with actual adware being classed as malware.

I'm fine with unwanted software being identified as just that - unwanted.

 

Hello, everybody. I'm trying new security software applications (my computer system is Windows 10 64-bit), and I have some questions about VS: first question is what are the differences between VS (VS=VoodooShield) paid and free what are the features and abilities that paid version has and free does not have?

Second: I have to admit since I'm on Windows 10 64-bit, I'm quite scared to use computer lock in VS, does VS learn all the processes and applications that I have on my computer (and yes my computer is 100% clean I'm talkng about 100% fresh installation from ground zero.
And when to use VS in Lockdown mode?

And does VS in Lockdown mode and as well as not in lockdown mode work and is VS compatible with Avast, Avira, MBAM, AppGuard, HMP, HMPAlert, MBAE, Kaspersky, Bitdefender, 360 total security and all other similar applications?
Big thanks in advance to all.

 

The issue is that a lot of computer users do not know how to opt out of the bundled software... they just know how to click the next button. And a lot of times, the devs use dirty tricks to make sure that the user cannot opt out. Yeah, either way I am not a fan of bundled software... even if it is benign, but that is at least better then bundling malicious software. And yeah, I would agree that if a bundled installer does not contain any malicious code, it should not be classified as malware... because it simply is not malware.

VS has been approached by the top 3 software bundler's, and we could have done quite well with them monetarily, and we probably could have made VS go "synthetically" viral, but to me it is not worth selling your soul for any amount of money. On one occasion, it was quite funny... we almost signed a deal with them, but only if none of the software was malicious. The sent me a sample bundle they prepared, and it had 20+ or so hits on VT. So when we talked again, I explained that this is the exact thing that we are fighting against. So then they sent me another sample... same result, so we ended up not doing a deal with them. Thankfully, bundled software seems to be going away, as far as I can tell, simply because most people have figured out that it is simply not worth upsetting end users and giving your company a bad name.

If you can identify some PUPs in the ZAM, I would be curious what you would consider to be a PUP... but only if you have the time.

Thank you for the intelligent, grown up conversation... it is nice to see that people can disagree, but still be civil and discuss their differences of opinion, and hopefully everyone involved will learn something from the discussion, and possibly have a slighly different view on the issue.

 

Nice to meet you CWS! Here is the VS user guide... it will really help explain most of what you are asking about:

http://www.voodooshield.com/Download/VoodooShieldUserGuide.pdf

The differences between the free and Pro version are here: https://voodooshield.com/#download

If you have any questions after checking out these resources, please let us know, there are a lot of people that would be happy to answer your questions.

Yeah, VS should work great with all of the software you listed. As far as I know, the only incompatibility is with CryptoPrevent... hopefully that will be fixed in their next release.

BTW, since you are a wilders member, email me at support@voodooshield.com and I will set you up with a free subscription to VS. I am going to bed soon, so I will do it in the morning if I miss it tonight. Thank you!

 

Yes, I will when I get a chance.

 

My hat is off to you, Sir.

 

Wow, thanks, but I will email at Friday morning (I can't find time before Friday, big thanks.

Just a quick question should I post email to you from here, from Wilders Security forums as CoolWebSearch in conversations section or from my own email?

My Windows 10 is pretty much always 100% clean, however I'm trying to find something that will protect from USB infections, and this is the real threat to me on my computer, sure 98% of the time malwares do get caught by AVs, but those 2% don't.
This is why I need something like VS.
Well, I will be far more secure with VS when I'm online that's another plus.

Just for the record, I'm not planning to install VS until final stable version of Windows 10 comes along, because, you see I'm a Windows 10 insider preview member, so I always report bugs either to software applications' developers or to Windows 10 developers.

Big thanks in advance.

 

Well, I just hope he will know that this is me CWS from Wilders Security forums, how would VS know that?

 

dan : when running Comodo Internet Security and VS together , I did experience various freezes in VS also huge spikes in cpu usage ( 100 mb plus ) , memory leakage or incompatibillity issues? reinstalled Norton Security again with the latest beta VS cpu is around 47.6 mb both idle and with chrome on. @Krusty13 did you try to disable the realtime protection of hitmanpro alert? maybe there are some freezing issues between vs and hmpa. for me ns and vs work fine , no freezes / glitches whatsoever

 

And what would be the point of leaving HMP.A installed?

Actually, when Firefox 46 came out I temporarily uninstalled Alert and VoodooShield still froze. Remember also that Dan has had VS freeze on his machine/s so it isn't what is or isn't running on my machine. If VS doesn't freeze on your machine that;'s great.

 

It comes down to what they classify as a PUP. Many antimalware products have come on in leaps and bounds in detecting such programs but some will cite legal arguments or financial incentives against doing so. It also depends what comes bundled with these utilities and often the programs get re-compiled with some of the extra stuff removed to try avoid being detected.

I remember a few years ago when I did more testing and reporting stuff than I do now that some AVs would detect files as clean whilst others marked them as a PUA/PUP. One example I can give is the RegTidy installer. Kaspersky didn't detect anything on scanning it. Webroot did though. KL re-analysed the file but came back with the note the file was clean and didn't contain malicious code. However by the very nature of RegTidy's actions and marketing tactics marked it down as a PUA and after further analysis by Joe at Webroot he agreed. Today 37 antimalware products (including Kaspersky!) detect it as an Induc variant or as rogue software.

In the early days even the AVs that did detect PUAs/PUPs were still playing catch-up. It's been similar with adware detection; at one time they weren't added as a detection and one had to use specialised software to remove them, an example being CounterSpy. Now most AVs have adware as a category in their definitions.

 

Very true Dan PUP's are such a pain for the non-security oriented users which is about 90% + of all users!

 

That is to easy let me suggest a more paranoid way of using public-private communication used by subversive people (not me )

Hash a pass phrase at http://www.sha1-online.com/ for instance the sentence "I am Windows_Security from Wilders Security forum" (results in SHA1 hash fe7cf9224243660215246f30cf0ad8020f09f9e0). Now encrypt the text you are sending to Dan at Voodoo support with https://encipher.it/ using the hash as password.

Send Dan the hash via PM on this forum and send him the encrypted mail. Only with your SHA1 hash as password Dan can decrypt it at https://encipher.it

EnCt2c3d975d199d3860c3186175abdc8bc193f46f3f8c3d975d199d3860c3186175ag4c4EpYr6gH
vwOJyalc0gVNNga4GSOu0EAv2myeTJ3egqX+WH9eiS4SwIwEmS

 

LOL

 

Regarding PUP's a few things come to mind. These are my thoughts only, and not backed up with any factual info.
1) Many PC vendors ship with crapware such as software trials and useless browser extensions, which outside of a clean windows install would be regarded as PUP's
2) Many PC vendors will ship with an extended trial of a well known internet security or antivirus program such as Norton.
3) Both the crapware vendors and the AV vendors may possibly pay the notebook vendor to preload their software on new systems. This allows the PC manufacturer to reduce their costs and also benefit the crapware and AV vendors who will have a certain percentage of users upgrade to full versions of their software at full retail prices.
4) This presents a problem for AV vendors. If they detect and remove PUPs it can break legitimate software and possibly cause legal issues with bundled crapware (which came preloaded on the same system)

The other thing to look at is that the more PUP crap that is on your system, the greater the attack surface for exploits and the like

 

Well done for resisting the temptation to giving in to the bundlers.

Here is an interesting article from the Emsisoft blog last year concerning their research on PUP practices amongst the freeware antivirus vendors, the results of which are quite disturbing:

http://blog.emsisoft.com/2015/01/17/has-the-antivirus-industry-gone-mad/

 

Cool, thank you! BTW, I just want to clarify that I am not suggesting that a lot of conversations on wilders are not civil, I think most are... but it is just

Thank you Krusty! Have you had any freezes yet?

 

Cool, sounds great, thank you. You can either pm or email me, but I just need to know what email address you would like your account to be registered to.

 

I see, what you said makes a lot of sense, I never thought of it that way, and I can see how these issues could be a real problem. Thank you!

 

Man, that is a great article, thank you for posting it! I agree, the results are very disturbing.

 

Thank you for the help SHvFl!