Out of its blacklisting part, it is just a classical HIPS (and, as we can see from NicM's review, not a really good one).
CH can't be a real replacement for AV of any kind as both are using blacklisting-based technologies.
What question?
There are ring3 and ring0 unhooking methods. Ring0 requires a driver loaded, ring3 is using some advanced techniques (like PhysicalMemory object...
Wrong. There are some ring3-based methods to unhook SSDT.
Can I vote for my favorite one? :)
It is a normal situation for any new market that doesn't have "good practice" still.
It can be less hands-on. The only problem is that it requires a white-list online database with clean modules in it. Not sure if I can do this alone...
Then nothing will happen. Know why? Because nobody will understand that it needs them. Only when big companies start moving towards...
Just look at the ComputerShopper test structure - the highest scores at e-mail malware and really poor at web-based. Why? Because of structure of...
It means the anti-virus flags the file as packed, but the packer is unknown. More data on AV's efficiency (from ComputerShopper magazine)...
Do you have any real statistics on it?...
Oops, I didn't know about it as I'm logged in. This is data from www.virusinfo.info forum, semi-automatic (HJT, AVZ) ITW malware removal center...
I wouldn't recommend Avast! - it is not really the best free AV. This is the result from the Russian segment of the Internet based on real ITW malware...
Well, for some persons it is a con, for others - a pro. So, it mostly depends on the audience the developer aims for. As for software products - you can always...
PayPal can hide your banking details online.
Let's wait for NicM's results on DefenseWall in those tests :)
Thanks, guys, for your kind words and wishes. Only God and I know how I want to sleep right now... Chachazz, thanks a lot for it! Your job...
Social engineering acts the other way - "Hey, dude! It's really cool stuff, but your HIPS (anti-virus, anti-spyware,...) may flag it as malware and...
Hi! 1. There should be no compatibility problems with this security setup. 2. Well, it depends.
I wouldn't recommend SnoopFree - it may give you BSOD with other security-related software and it is unsupported by its author.
Well, first of all, I'd like to say that the "classical HIPS" niche will always be alive, but not really great. That is the reason, I suspect, PG died...
DefenseWall v2.0 RC2 (last one before release) is out. 100% defense against prueba-based injection technique.
It is using an interesting privilege escalation technique.
Yes, this piece of code is using a very interesting technique I didn't know. DefenseWall is already hardened against it. Will be published with v2.0...