Battle Best Anti-Executable

King Alpha

Level 25
Thread author
Verified
Top Poster
Content Creator
Well-known
Jun 21, 2013
1,492
What's the best anti-executable among these four?

> NoVirusThanks EXE Radar Pro
> VoodooShield
> AppGuard
> Faronics Anti-Executable
 
  • Like
Reactions: Logethica

jim lin

Level 8
Aug 6, 2012
505
thanks littlebits

i thought it was something like that i just know that Webroot and Privacyware had something together
back when i was bata testing Spysweeper back in 2006 or 2007 or so and i loved DSA back then

sorry to highjack this thread carry on lol

James
 

MalwareVirus

Level 1
Oct 6, 2012
770
@King Mellow
"Wow, thanks a lot bro! Appreciated.. BTW, is it still effective as the newest version 2.7.3.0?"
You are welcome,new version is 2.7.7.0
I think 2.7.0.0 is enough,but you can see the changelog here
http://www.softpedia.com/progChangelog/NoVirusThanks-EXE-Radar-Pro-Changelog-198822.html
 

VoodooShield

Level 1
Verified
Jul 2, 2013
37
Littlebits said:
None of them, anti-executable stand-alone doesn't cover other ways you PC can get infected. How about malicious codes within safe executable files?

Safe executable files with malicious code is an oxymoron. Either a file is safe, or it is not, there are no exceptions. It is black or white.

And yes, VS is not going anywhere, we are here to stay.

Thank you!
 

Littlebits

Retired Staff
May 3, 2011
3,893
VoodooShield said:
Littlebits said:
None of them, anti-executable stand-alone doesn't cover other ways you PC can get infected. How about malicious codes within safe executable files?

Safe executable files with malicious code is an oxymoron. Either a file is safe, or it is not, there are no exceptions. It is black or white.

And yes, VS is not going anywhere, we are here to stay.

Thank you!

Have you forgot about online web installers??
Some will have a mix of legitimate software with adware, rogueware or even malicious codes. Once the exe is allowed it is too late to stop the processes. Some don't have opt-outs, once the exe starts it is too late.

That is just one example, there are many executable files that are gray.

How about packers, droppers, self-extracting Win32 and DOS executable files?

Thanks. :D
 
  • Like
Reactions: Ali80

VoodooShield

Level 1
Verified
Jul 2, 2013
37
Littlebits said:
VoodooShield said:
Littlebits said:
None of them, anti-executable stand-alone doesn't cover other ways you PC can get infected. How about malicious codes within safe executable files?

Safe executable files with malicious code is an oxymoron. Either a file is safe, or it is not, there are no exceptions. It is black or white.

And yes, VS is not going anywhere, we are here to stay.

Thank you!

Have you forgot about online web installers??
Some will have a mix of legitimate software with adware, rogueware or even malicious codes. Once the exe is allowed it is too late to stop the processes. Some don't have opt-outs, once the exe starts it is too late.

That is just one example, there are many executable files that are gray.

How about packers, droppers, self-extracting Win32 and DOS executable files?

Thanks. :D

Scan these threats with VirusTotal like VS does and you will see, they almost always come up positive. I agree, there is a lot of bad stuff out there that are not like the traditional viruses that I dealt with 15 years ago, and a lot of them are almost as bad as a purely malicious threat. VS 2.0 will be released in a month or so and has been approved to include a feature where any blocked file that is not on VS's tiny, customized whitelist is AUTOMATICALLY scanned by VirusTotal... pretty cool, huh? In VS 1.27, the user had to click the Scan with VirusTotal button to initiate the scan.

My point is... if a file contains malicious code, it is malicious. Period. And as I was saying, there are a lot of these now. I believe if our approach is adopted in the mainstream, developers who create this kind of malware might consider otherwise.

Besides, if the threat is not blacklisted, then traditional antivirus will not detect it anyway, right?

At some point you will realize that AE is the only hope... it is proactive as opposed to reactive. It all comes down to this... new, non-whitelisted executable code should never be allowed to run while the computer is at risk.
 
  • Like
Reactions: Moose

VoodooShield

Level 1
Verified
Jul 2, 2013
37
A better way to explain my point... We believe that every computer / antivirus should have an initial layer of security that only allows items on a tiny, customized whitelist. The whitelist contains around 75-200 items total, and is automatically built when the user is not at risk. Anything not on this whitelist is blocked in a passive, deny-by-default method, and if the user chooses to run the item, THEN it is analyzed by traditional blacklist AV. We believe that there is no point in prompting the user or allowing the file UNLESS the user actually wants to run it. I mean, why take a chance if the user is not going to run it anyway? You would agree that this is the probably the most user friendly and secure way of handling unknown files, right?
 

nastavnikhe

Level 10
Verified
Content Creator
Dec 16, 2012
481
hello

I give you my opinion; if you have a good firewall and antivirus program i don't see any interest adding those anti executable; if i am not wrong they are all paid programs; paying for paying i prefer an antivirus powerfull and complete
just my opinion; so my answer is non of these^^

VoodooShield is free for non-commercial user
 
  • Like
Reactions: Moose

ifacedown

Level 19
Verified
Jan 31, 2014
903
Actually VodooShield offers very good protection, and uses Windows' own native way of protecting the user. And, among all of the choices, the only one to provide a free version.

About "Kernel-level Protection":

The method we use is the exact CPN method that Microsoft uses to restrict
applications in, for example, remote desktop. So it is an extremely robust
method. We are also going to be offering a kernel mode driver version very
soon. But we are using the CPN version for now, to avoid users getting blue
screens of death, until we are 100% sure that our code is just right. The
CPN method, in theory, should not produce blue screens should something go
wrong. And honestly, nothing is going to get through it anyway... VS is not
the only security software that uses that method ;).
 

scot

Level 9
Verified
Dec 5, 2014
405
I mean it is a bit complex and normaly difficult for anyone unless he is an expert like some members in MT to use CIS to its full potential.
I don't need any help right now and if i need any help in future i will ask without any hesitation. Thank you.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top