Battle VoodooShield or SecureAPlus?

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
VS is known to block things that it is not supposed to, even if they are whitelisted.
SAP has a problem with their servers being down sometimes.
Those are the biggest problems that stand out in my mind. Neither of them are real deal-breakers.
Question is: which one is more effective at protecting from malware?
 

Janl1992l

Level 14
Verified
Well-known
Feb 14, 2016
648
Both are almost the same when it comes to protection. both have a whitelist and u can change both products that they will block any new executable. i myself use secureaplus and i am happy with it alongside zemana antimalware. used voodoshield in the past but i simply find secureaplus user friendly and abit lighter on my end. voodooshield have some bugs, blocking sometimes windows processes etc. the only downside form secureaplus is the first whitelistscan that is realy, realy slow
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
voodooshield seems to be more effective at least for me as secureA+ at lockdown mode doesn't block many things as its name suggests in my system
However, VS is unstable even with version 3.08, 3.28 and 3.30. They both freeze after my laptop waking up from standby so I have to manually close them by task manager. This is very annoying and sometimes I just end the task without turning it back on to avoid doing the same thing again. I want something set-and-forget
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
voodooshield seems to be more effective at least for me as secureA+ at lockdown mode doesn't block many things as its name suggests in my system
However, VS is unstable even with version 3.08, 3.28 and 3.30. They both freeze after my laptop waking up from standby so I have to manually close them by task manager. This is very annoying and sometimes I just end the task without turning it back on to avoid doing the same thing again. I want something set-and-forget
what kind of things does SAP not block?
I did a little test by downloading different kinds of files.
I found that it blocked .exe, and .bat, but not .reg.
I couldn't understand why.
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
what kind of things does SAP not block?
I did a little test by downloading different kinds of files.
I found that it blocked .exe, and .bat, but not .reg.
I couldn't understand why.
I just did a simple test by installing something. VS required so many clicks while SAP required 1-2 clicks
this might be bypassed somehow I don't know
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I just did a simple test by installing something. VS required so many clicks while SAP required 1-2 clicks
this might be bypassed somehow I don't know
SAP gives you an installer option right there on the pop-up. If you click that, you won't get any more notifications, because you just gave it the right to install whatever it wants. It's a big convenience, but...
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
SAP gives you an installer option right there on the pop-up. If you click that, you won't get any more notifications, because you just gave it the right to install whatever it wants. It's a big convenience, but...
I understand what you mean, I know about install mode but this is a simple test I made to test if which program could show more popups or more annoying but more secure. It means VS can detect more exploits and find something SAP can't ;)

not sure if SAP has changed anything since the last time I tried it but in terms of malware detection rate, it is extremely good
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I installed VoodooShield yesterday on my computer. It's really nice, easy to handle and clear.
SecureAPlus vs VoodooShield? 12 Cloud-Engines vs. 50+ Cloud-Engines - so I vote for VoodooShield.
the difference between 10 cloud engines and 100 cloud engines is going to be minimal, especially as SAP also gives you one-click access to Virus Total.
The real questions are:
1 how effective is the anti-exe function -- does it really block execution, and with what file types?
2 how easy is it to bypass?
3 how well does it protect vulnerable processes?
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
lol @shmu26 you are way too used to ERP.

ERP is outdated and not developed anymore, and the way it handles vulnerable processes is bugged.
@Umbra , how important is this whole "vulnerable processes" business? Is it just an old-fashioned idea from ERP, or is it something important in "today's world"?
 

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
@Umbra , how important is this whole "vulnerable processes" business? Is it just an old-fashioned idea from ERP, or is it something important in "today's world"?
The first time you are truly infected with todays threats you will never ask that question again lol :p
protecting vulnerable processes should be one of the first concerns when protecting a system.
It reduces your attack vector and defends more than a few windows processes that MS does not secure very well.
 
D

Deleted member 178

It is an ERP thingy, we talk about them because ERP allows a lot of customized settings and tweaks, and those Vulnerable Processes are among them.
All decent Anti-exe/HIPS are supposed to protect them; some are hard-coded so you don't have access to them (i.e: Appguard); others like ERP shows them and allows you to play with them.

ERP is very good not only because it delivers strong protection (except against dlls, it doesnt handle them , it is why SOB is developed instaed) but because old users like @hjlbx and me like its the wide range of tweakings and customizations.
 
D

Deleted member 2913

@Umbra , how important is this whole "vulnerable processes" business? Is it just an old-fashioned idea from ERP, or is it something important in "today's world"?
Vulnerable processes monitoring is too much for my family i.e average users so I use to disable monitoring of vulnerable processses in previous version of VS But current version of VS doesn't have vulnerable processes option & is hard coded by default. As per Devs option will return with improvements/enhancements. So for the time being I have uninstalled VS.

I want to ask something, hope its not stupid.
Can malware directly use vulnerable processes or malware needs payload to access/run vulnerable processes?

I disabled vulnerable processes monitoring in VoodooShield for 2 reason, 1. it was too much for my family And 2. I thought malware will need payload to access/run vulnerable processes And VS will block/alert for the payload.
 
H

hjlbx

@Umbra , how important is this whole "vulnerable processes" business? Is it just an old-fashioned idea from ERP, or is it something important in "today's world"?

It's a simple concept that has been true from ages past - and even more pertinent today. Disable processes that you do not need; a lot of the stuff shipped with Windows is what malware abuses to infect, persist and perform malicious actions on your system.

Which product you use to achieve this is irrelevant... VS, NVT ERP, Smart Object Blocker, Bouncer, AppGuard, Faronics, AppLocker, etc, etc.

The important thing is that you do it for it massively reduces the damage caused by either an exploit or a standard infector.

Would you walk around with 50 kilos of dynamite on your back every day ? No... you most certainly wouldn't. You would ditch that dyno-pack and secure it properly - and go back only when sticks are needed.

Same concept with vulnerable processes...
 
H

hjlbx

Vulnerable processes monitoring is too much for my family i.e average users so I use to disable monitoring of vulnerable processses in previous version of VS But current version of VS doesn't have vulnerable processes option & is hard coded by default. As per Devs option will return with improvements/enhancements. So for the time being I have uninstalled VS.

I want to ask something, hope its not stupid.
Can malware directly use vulnerable processes or malware needs payload to access/run vulnerable processes?

I disabled vulnerable processes monitoring in VoodooShield for 2 reason, 1. it was too much for my family And 2. I thought malware will need payload to access/run vulnerable processes And VS will block/alert for the payload.

You don't have to monitor vulnerable processes and get alerts. In 99.9999 % of cases, vulnerable processes are never needed and should be either:

1. completely uninstalled from Windows (which I don't even bother doing just in case I need one or two); or
2. blocked from execution
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Vulnerable processes monitoring is too much for my family i.e average users
so why not install SecureAPlus for family users? It has an innovative way of handling vulnerable processes that monitors them but also keeps them out of your face. At default settings, it will basically let you live your life, only giving a pop-up when you really need it, because you are trying to install a program without a digital signature or something like that.

The initial scan is very long, and will produce FPs, but that is your job to deal with. After everything is up and running, you turn it over to your family member.

Pros like Umbra and hjlbx will probably turn up their noses at SAP, but your family will like it!
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
All decent Anti-exe/HIPS are supposed to protect them
What about something like Kaspersky's Trusted Applications Mode?
It can be configured to work like an anti-exe. But what about vulnerable processes?
I mean, can you get vulnerable processes protection in an AV, or do you need some kind of an exotic security soft?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top