Battle Which offers better protection HitmanPro Alert or Voodoshield Pro ?

Dave Russo

Level 21
Thread author
Verified
Top Poster
Well-known
May 26, 2014
1,041
Hi Folks, hoping to get some Insight on which I should use with my Avs?I have Symantec Endpoint (not managed)with HitmanproAlert ,ESET(with Voodoshield and Norton360 by itself, these days on 3 different computers
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
You can use them since people here in MT like to try different combinations of security programs.

But my question is. Eset well configured need to use another program?

Does Symantec Endpoint if it is configured well enough need to use another program?


HitmanproAlert is an Anti-Exploit, it could be valid
Although sometimes it gives problems on certain PCs
Voodoshield, is made to be next to an AV
"Supposedly"
But if your Antivirus is well configured, I think it is enough and you don't need anything else.
Although the other programs can be used.
 
Last edited:

plat

Level 29
Top Poster
Sep 13, 2018
1,793
Does anyone feel totally comfortable running a free, stripped-down antivirus and that's it? I would answer the original question of what offers better protection in the context of: what else are you running on your system? Or considering to run.

Actually, I find Alert to be somewhat over the top if running a fully updated Windows 10 and modern, updated and secured browser. I, personally however, have run it solo, along with hardening of OS and Firewall, script blocker and policy edits. I actually can't stand antivirus software. If Defender was even modestly impacting machine performance, I would shut it off without replacing it w/third party. But on Windows 10 w/Exploit Guards enabled and several other security measures, nah.

I also used VoodooShield with Defender and also Emsisoft in the past-- a very nice companion to both. I have not tried this recently, however. It's interesting to try with any free antivirus version, maybe. (y) One can demo both.
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Does anyone feel totally comfortable running a free, stripped-down antivirus and that's it? I would answer the original question of what offers better protection in the context of: what else are you running on your system? Or considering to run.

Actually, I find Alert to be somewhat over the top if running a fully updated Windows 10 and modern, updated and secured browser. I, personally however, have run it solo, along with hardening of OS and Firewall, script blocker and policy edits. I actually can't stand antivirus software. If Defender was even modestly impacting machine performance, I would shut it off without replacing it w/third party. But on Windows 10 w/Exploit Guards enabled and several other security measures, nah.

I also used VoodooShield with Defender and also Emsisoft in the past-- a very nice companion to both. I have not tried this recently, however. It's interesting to try with any free antivirus version, maybe. (y) One can demo both.
@plat1098, first I hope you are staying safe in NY. Stay strong, we will get through this.

This is my take... most of the highly effective products are going to have unwanted prompts, false positives, and worse yet, automatic quarantining of legit files... there is simply no way around it. If a product has zero prompts, there will be bypasses. Basically, silence is deadly. No pun intended.

And I believe if you are going to have prompts anyway, you might as well "finish the job" and just lock things down and be done with it. Obviously this does not apply to every computer... just the ones where the user is browsing the web and checking email.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I am a former beta tester for HitmanPro.Alert. Believe me, it is not good for over-all protection! It protects from certain rare exploits that probably won't happen to you, and even if they do, Voodooshield will protect you anyways. Even the free version of Voodooshield beats HitmanPro.Alert, hands down.

ESET at default settings is a good combo with Voodooshield. I run that setup on one computer.
Please ignore the people who tell you to tweak ESET, unless you are an expert. It will only cause you frustration unless you really understand what you are doing.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Everybody here knows that any default deny is completely unnecessary. Default allow is better. It has been proven over and over that default allow is what the masses want and pay for.
Give the masses what they want. lol. Power users do not allow themselves to be dictated by the ignorance and laziness of those who are one step behind.
 

Thales

Level 15
Verified
Top Poster
Well-known
Nov 26, 2017
708
I am a former beta tester for HitmanPro.Alert. Believe me, it is not good for over-all protection! It protects from certain rare exploits that probably won't happen to you, and even if they do, Voodooshield will protect you anyways. Even the free version of Voodooshield beats HitmanPro.Alert, hands down.

ESET at default settings is a good combo with Voodooshield. I run that setup on one computer.
Please ignore the people who tell you to tweak ESET, unless you are an expert. It will only cause you frustration unless you really understand what you are doing.

I use HMPA + OSArmor together. That's all no any AV.
Do you recommend me to use AV beside HMPA?
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
I am a former beta tester for HitmanPro.Alert. Believe me, it is not good for over-all protection! It protects from certain rare exploits that probably won't happen to you, and even if they do, Voodooshield will protect you anyways. Even the free version of Voodooshield beats HitmanPro.Alert, hands down.

ESET at default settings is a good combo with Voodooshield. I run that setup on one computer.
Please ignore the people who tell you to tweak ESET, unless you are an expert. It will only cause you frustration unless you really understand what you are doing.
HIPS are generally design for those that are willing to put the time to make it work.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I use HMPA + OSArmor together. That's all no any AV.
Do you recommend me to use AV beside HMPA?
Yes, I recommend using a light AV alongside. It's true that HMPA has a real-time scanner but it is not a replacement for a standard AV, rather it is a supplement to it. Either that, or switch to Sophos, which is an AV with HMPA technology built in to it.
 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
I've never seen HitmanPro.Alert block anything except legitimate programs. How good is the cryptoguard module and if it works is anyone's guess because I never see tests for it anywhere. The antimalware scanner is broken most of the time and doesn't work. And it only covers applications not system files. I'm more concerned about supply chain and LOLbins these days than anything else which it does not cover. I think it was cool when it first started because it was consumer focused but ever since Sophos bought it now it's just SMB only it seems.
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
I've never seen HitmanPro.Alert block anything except legitimate programs. How good is the cryptoguard module and if it works is anyone's guess because I never see tests for it anywhere. The antimalware scanner is broken most of the time and doesn't work. And it only covers applications not system files. I'm more concerned about supply chain and LOLbins these days than anything else which it does not cover. I think it was cool when it first started because it was consumer focused but ever since Sophos bought it now it's just SMB only it seems.
There are a few video reviews of HMPA against ransomware on YT. So I am leaving them aside:
  1. Video - Hitman Pro.Alert - ransomware test | 12/01/2017 by @Evjl's Rain (RW)
  2. https://malwaretips.com/threads/sophos-home-premium-beta-report-may-2017.72178/ (RW and others)
  3. MRG Effitas:In-the-wild Ransomware Protection Comparative Analysis 2016 Q3 (RW)
  4. https://www.mrg-effitas.com/wp-cont...ffitas_Real_world_exploit_prevention_test.pdf (exploits)
I had also seen quite a few behavioral FPs during my 1-year beta trial.
Note that the above tests are from 2015-17 and 3 years (2017-2020) is a good time for changes in product capabilities (+/-) as you would guess.
In the 2nd link, I had tested Sophos Home Premium just at the time when HMPA capabilities (including Cryptoguard) were included in Sophos Home paid. Take results with a grain of salt. You should be able to see special RW samples shared in some tests and bonus dynamic tests were done for them to see the contemporary strength of Cryptoguard, by disabling real-time sigs of Sophos.
Fewer new 3rd party tests are available and these include mostly Sophos suites/EDRs including Intercept X.

HMPA have been improving their LOLBin abuse protection, though the efficacy is less known:
(2019-04-24) Classified more trusted binaries as LOLbin (Living-of-the-Land binary), which means attackers cannot abuse them in attacks via Browsers and productivity applications.
(2018-12-15) Added New LoLBin to Application Lockdown.
(2018-07-11) Added wmic.exe to Application Lockdown to block abuse in a SquiblyTwo attack; like PowerShell, MSHTA, regsvr32.exe, wmic.exe is a LOLbin – a Living of the Land binary, that can be abused by attackers.
 
Last edited:

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
Hi Folks, hoping to get some Insight on which I should use with my Avs?I have Symantec Endpoint (not managed)with HitmanproAlert ,ESET(with Voodoshield and Norton360 by itself, these days on 3 different computers
Hitman pro Alert is just a mess .
It's basically like a cut down beta product of intercept x without many things including the most important the AI.
Never had a stable System with Hitman Pro Alert most likely you will
Just surpass alerts because of false positives Wich may be at the time an exploit hits.
For me it's just snake oil because of the high false positives.

On the other hand Voodoo shield is one of the strongest consumer grade products.
But it's not an anti exploit even though it blocks the payload.

I use HMPA + OSArmor together. That's all no any AV.
Do you recommend me to use AV beside HMPA?
Sounds like a daily alert mess 😂.
But HMPA is already a kind of a cloud av
Although with very low detection rate.
 

dinosaur07

Level 12
Verified
Top Poster
Well-known
Aug 5, 2012
572
It is difficult to compare VS and HitmanPro Alert, it is like you compare apples with pears, yeah they're both fruits but both have different flavours.
Hitman Pro Alert is seen as an advanced antiexploit while VS is rather seen as an anti-exe. So, the answer to OP's question is: depends on the user and its skills and habits.
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
I've never seen HitmanPro.Alert block anything except legitimate programs. How good is the cryptoguard module and if it works is anyone's guess because I never see tests for it anywhere. The antimalware scanner is broken most of the time and doesn't work. And it only covers applications not system files. I'm more concerned about supply chain and LOLbins these days than anything else which it does not cover. I think it was cool when it first started because it was consumer focused but ever since Sophos bought it now it's just SMB only it seems.
Crypto guard 5.0 is still very weak.
Only intercept x has the capability to out run Ransomware.
Just as any Enterprise vs consumer grade product.
Usually the consumer is a guinea pig XD.
 
  • Like
Reactions: Dave Russo

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top