VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,977
    I am not smart enough, to do that...;)
     
  2. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I am confused... so in our rundll32.exe example, the vulnerable process (rundll32) would be automatically blocked, and the user would not be prompted?
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, I will download that and take a look, thank you!
     
  4. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you for letting me know... no security software (including VS) has control of what the command lines contain... if there is some private info in the command lines, I would be talking to the media player developer about that asap.
     
  5. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    The "private information" I'm talking about are the file paths of songs/movies. Whatever I watch or listen is listed there. I'm uncomfortable with that. But I don't want to delete the command lines as they are there for whitelisting or blacklisting.
     
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,288
    Location:
    Among the gum trees
    Can you edit it / them by replacing the title with a "*" ?
     
  7. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    What is the media player that you are using? I will try it and see. One thing you might be able to do is to add a wildcard for this command line block. You would basically just wildcard the song and movie titles.
     
  8. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, exactly... I think this is the only way around this issue, thank you Krusty!
     
  9. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    I'm using Potplayer 64-bit.

    I'll try to use the wildcard. Thanks, @VoodooShield and @Krusty13!
     
  10. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    I seem can't use the "*" wildcard because of the notification "Following rules will be removed as matched the wildcard rule". The list is too long, and I think that there's an "okay" or "cancel" options, which I couldn't see because it's unscrollable. The only thing I could click is the "x" or close button, which just cancels what I wanted.
     
  11. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,288
    Location:
    Among the gum trees
    Just press Enter on your keyboard.
     
  12. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    Thanks! It worked!
     
  13. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    By using the "*" wildcard with a media player, is there no additional risk given that all files will be allowed to execute through it now?
     
  14. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,288
    Location:
    Among the gum trees
    You're welcome.
    I'll leave that one for Dan, but the Command Lines would still have to match.
     
  15. guest

    guest Guest

    Updated to build .48 by overwriting, no issues so far. cpu usage almost nihil, RAM usage (2 processes: 13+9mb)
     
  16. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    17,737
    Location:
    UK
    No problems with the 3.48 autoupdate process.

    All seems okay so far.
     
  17. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,288
    Location:
    Among the gum trees
    Dan,

    Can I make a suggestion? 3.48 seems almost perfect so far so how about rounding off a stable v3 version before adding new features to the next beta (4.0 maybe), like Ai 2.0?

    Anyone have any thoughts?
     
  18. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,204
    I meant whatever vulnerable processes initiated in whatever way should be auto-allowed if "Allow vulnerable processes" option is selected.
    Hope I am clear now.
     
  19. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,419
    Location:
    Under a bushel ...
    +1
     
  20. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,563
    I have been complaining for a while about the icon remaining Red. Have investigated this further and remembered from way back that some browsers have to be entered manually. I was using Slimjet (http://www.slimjet.com/). Entered it and all is well.

    The point arising from this is how is a new user meant to know about this. Can a popup come up to give an option to add this to the list of accepted browsers? It maybe that since it is running through Sandboxie it is not seen but there is surely a way to overcome this.
     
  21. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    771
    Re-installed VS this morning after a couple of weeks without it and got this alert as soon as I tried to open Firefox. Allowed it to run but wondered why Ai found it suspicious. Could it be due to running under Sandboxie or caused by an extension.
     

    Attached Files:

  22. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    41,863
    Maybe because it's started from the user-directory, not Program Files.
     
  23. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    771
    Didn't notice the significance of the path - probably because Firefox has been installed on this machine for the last 6 years and never uninstalled so it must have installed there when I first installed it on the new machine.
    Starts and runs ok now as I allowed it the second time.
     
  24. KoalaK

    KoalaK Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    9
    Upgraded from 3.47 to 3.48 but manual update check seems not working (no notification nor connection)
     
  25. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    Working for me, although sometimes the popup does appear behind the main window...

    voodooshield_update_check.JPG
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.