Battle Which offers better protection HitmanPro Alert or Voodoshield Pro ?

bribon77

Level 34
Verified
Jul 6, 2017
2,384
You can use them since people here in MT like to try different combinations of security programs.

But my question is. Eset well configured need to use another program?

Does Symantec Endpoint if it is configured well enough need to use another program?


HitmanproAlert is an Anti-Exploit, it could be valid
Although sometimes it gives problems on certain PCs
Voodoshield, is made to be next to an AV
"Supposedly"
But if your Antivirus is well configured, I think it is enough and you don't need anything else.
Although the other programs can be used.
 
Last edited:

plat1098

Level 23
Verified
Sep 13, 2018
1,233
Does anyone feel totally comfortable running a free, stripped-down antivirus and that's it? I would answer the original question of what offers better protection in the context of: what else are you running on your system? Or considering to run.

Actually, I find Alert to be somewhat over the top if running a fully updated Windows 10 and modern, updated and secured browser. I, personally however, have run it solo, along with hardening of OS and Firewall, script blocker and policy edits. I actually can't stand antivirus software. If Defender was even modestly impacting machine performance, I would shut it off without replacing it w/third party. But on Windows 10 w/Exploit Guards enabled and several other security measures, nah.

I also used VoodooShield with Defender and also Emsisoft in the past-- a very nice companion to both. I have not tried this recently, however. It's interesting to try with any free antivirus version, maybe. (y) One can demo both.
 

danb

From VoodooShield
Verified
Developer
May 31, 2017
848
Does anyone feel totally comfortable running a free, stripped-down antivirus and that's it? I would answer the original question of what offers better protection in the context of: what else are you running on your system? Or considering to run.

Actually, I find Alert to be somewhat over the top if running a fully updated Windows 10 and modern, updated and secured browser. I, personally however, have run it solo, along with hardening of OS and Firewall, script blocker and policy edits. I actually can't stand antivirus software. If Defender was even modestly impacting machine performance, I would shut it off without replacing it w/third party. But on Windows 10 w/Exploit Guards enabled and several other security measures, nah.

I also used VoodooShield with Defender and also Emsisoft in the past-- a very nice companion to both. I have not tried this recently, however. It's interesting to try with any free antivirus version, maybe. (y) One can demo both.
@plat1098, first I hope you are staying safe in NY. Stay strong, we will get through this.

This is my take... most of the highly effective products are going to have unwanted prompts, false positives, and worse yet, automatic quarantining of legit files... there is simply no way around it. If a product has zero prompts, there will be bypasses. Basically, silence is deadly. No pun intended.

And I believe if you are going to have prompts anyway, you might as well "finish the job" and just lock things down and be done with it. Obviously this does not apply to every computer... just the ones where the user is browsing the web and checking email.
 

shmu26

Level 85
Verified
Trusted
Content Creator
Jul 3, 2015
8,002
I am a former beta tester for HitmanPro.Alert. Believe me, it is not good for over-all protection! It protects from certain rare exploits that probably won't happen to you, and even if they do, Voodooshield will protect you anyways. Even the free version of Voodooshield beats HitmanPro.Alert, hands down.

ESET at default settings is a good combo with Voodooshield. I run that setup on one computer.
Please ignore the people who tell you to tweak ESET, unless you are an expert. It will only cause you frustration unless you really understand what you are doing.
 

shmu26

Level 85
Verified
Trusted
Content Creator
Jul 3, 2015
8,002
Everybody here knows that any default deny is completely unnecessary. Default allow is better. It has been proven over and over that default allow is what the masses want and pay for.
Give the masses what they want. lol. Power users do not allow themselves to be dictated by the ignorance and laziness of those who are one step behind.
 

Thales

Level 11
Nov 26, 2017
537
I am a former beta tester for HitmanPro.Alert. Believe me, it is not good for over-all protection! It protects from certain rare exploits that probably won't happen to you, and even if they do, Voodooshield will protect you anyways. Even the free version of Voodooshield beats HitmanPro.Alert, hands down.

ESET at default settings is a good combo with Voodooshield. I run that setup on one computer.
Please ignore the people who tell you to tweak ESET, unless you are an expert. It will only cause you frustration unless you really understand what you are doing.

I use HMPA + OSArmor together. That's all no any AV.
Do you recommend me to use AV beside HMPA?
 

Azure

Level 26
Verified
Content Creator
Oct 23, 2014
1,539
I am a former beta tester for HitmanPro.Alert. Believe me, it is not good for over-all protection! It protects from certain rare exploits that probably won't happen to you, and even if they do, Voodooshield will protect you anyways. Even the free version of Voodooshield beats HitmanPro.Alert, hands down.

ESET at default settings is a good combo with Voodooshield. I run that setup on one computer.
Please ignore the people who tell you to tweak ESET, unless you are an expert. It will only cause you frustration unless you really understand what you are doing.
HIPS are generally design for those that are willing to put the time to make it work.
 

shmu26

Level 85
Verified
Trusted
Content Creator
Jul 3, 2015
8,002
I use HMPA + OSArmor together. That's all no any AV.
Do you recommend me to use AV beside HMPA?
Yes, I recommend using a light AV alongside. It's true that HMPA has a real-time scanner but it is not a replacement for a standard AV, rather it is a supplement to it. Either that, or switch to Sophos, which is an AV with HMPA technology built in to it.
 

Zero Knowledge

Level 7
Dec 2, 2016
322
I've never seen HitmanPro.Alert block anything except legitimate programs. How good is the cryptoguard module and if it works is anyone's guess because I never see tests for it anywhere. The antimalware scanner is broken most of the time and doesn't work. And it only covers applications not system files. I'm more concerned about supply chain and LOLbins these days than anything else which it does not cover. I think it was cool when it first started because it was consumer focused but ever since Sophos bought it now it's just SMB only it seems.
 

Parsh

Level 25
Verified
Trusted
Malware Hunter
Dec 27, 2016
1,483
I've never seen HitmanPro.Alert block anything except legitimate programs. How good is the cryptoguard module and if it works is anyone's guess because I never see tests for it anywhere. The antimalware scanner is broken most of the time and doesn't work. And it only covers applications not system files. I'm more concerned about supply chain and LOLbins these days than anything else which it does not cover. I think it was cool when it first started because it was consumer focused but ever since Sophos bought it now it's just SMB only it seems.
There are a few video reviews of HMPA against ransomware on YT. So I am leaving them aside:
  1. Video - Hitman Pro.Alert - ransomware test | 12/01/2017 by @Evjl's Rain (RW)
  2. https://malwaretips.com/threads/sophos-home-premium-beta-report-may-2017.72178/ (RW and others)
  3. MRG Effitas:In-the-wild Ransomware Protection Comparative Analysis 2016 Q3 (RW)
  4. https://www.mrg-effitas.com/wp-cont...ffitas_Real_world_exploit_prevention_test.pdf (exploits)
I had also seen quite a few behavioral FPs during my 1-year beta trial.
Note that the above tests are from 2015-17 and 3 years (2017-2020) is a good time for changes in product capabilities (+/-) as you would guess.
In the 2nd link, I had tested Sophos Home Premium just at the time when HMPA capabilities (including Cryptoguard) were included in Sophos Home paid. Take results with a grain of salt. You should be able to see special RW samples shared in some tests and bonus dynamic tests were done for them to see the contemporary strength of Cryptoguard, by disabling real-time sigs of Sophos.
Fewer new 3rd party tests are available and these include mostly Sophos suites/EDRs including Intercept X.

HMPA have been improving their LOLBin abuse protection, though the efficacy is less known:
(2019-04-24) Classified more trusted binaries as LOLbin (Living-of-the-Land binary), which means attackers cannot abuse them in attacks via Browsers and productivity applications.
(2018-12-15) Added New LoLBin to Application Lockdown.
(2018-07-11) Added wmic.exe to Application Lockdown to block abuse in a SquiblyTwo attack; like PowerShell, MSHTA, regsvr32.exe, wmic.exe is a LOLbin – a Living of the Land binary, that can be abused by attackers.
 
Last edited:

Vitali Ortzi

Level 21
Verified
Dec 12, 2016
998
Hi Folks, hoping to get some Insight on which I should use with my Avs?I have Symantec Endpoint (not managed)with HitmanproAlert ,ESET(with Voodoshield and Norton360 by itself, these days on 3 different computers
Hitman pro Alert is just a mess .
It's basically like a cut down beta product of intercept x without many things including the most important the AI.
Never had a stable System with Hitman Pro Alert most likely you will
Just surpass alerts because of false positives Wich may be at the time an exploit hits.
For me it's just snake oil because of the high false positives.

On the other hand Voodoo shield is one of the strongest consumer grade products.
But it's not an anti exploit even though it blocks the payload.

I use HMPA + OSArmor together. That's all no any AV.
Do you recommend me to use AV beside HMPA?
Sounds like a daily alert mess 😂.
But HMPA is already a kind of a cloud av
Although with very low detection rate.
 

dinosaur07

Level 10
Verified
Aug 5, 2012
458
It is difficult to compare VS and HitmanPro Alert, it is like you compare apples with pears, yeah they're both fruits but both have different flavours.
Hitman Pro Alert is seen as an advanced antiexploit while VS is rather seen as an anti-exe. So, the answer to OP's question is: depends on the user and its skills and habits.
 

Vitali Ortzi

Level 21
Verified
Dec 12, 2016
998
I've never seen HitmanPro.Alert block anything except legitimate programs. How good is the cryptoguard module and if it works is anyone's guess because I never see tests for it anywhere. The antimalware scanner is broken most of the time and doesn't work. And it only covers applications not system files. I'm more concerned about supply chain and LOLbins these days than anything else which it does not cover. I think it was cool when it first started because it was consumer focused but ever since Sophos bought it now it's just SMB only it seems.
Crypto guard 5.0 is still very weak.
Only intercept x has the capability to out run Ransomware.
Just as any Enterprise vs consumer grade product.
Usually the consumer is a guinea pig XD.
 
Top