VoodooShield ?

I've been trying Voodoo shield and really like the concept, but can't find much information on what it actually blocks. I can see it whitelists files on a system and won't allow other executables to run when browsing, but what about scripts, dll's and dangerous system tools like command line or powershell. I can't see a way to block things like powershell or dll's, so just wondering if it provides protection from misuse of these resources.

 

You've probably already done this, but I would certainly check out the Voodooshield website (https://voodooshield.com/) and read through the "Concept" tab and the "How it Works" tab. You could also reach out to the developer via the Calendar of Updates forum.

 

Thanks, I've looked at the site but the information is very general with no information about what is and isn't blocked

 

https://calendarofupdates.org/index...gmnd98o7hcf55qakr33&topic=770.msg5826#msg5826

https://voodooshield.com/Download/InstallVoodooShield425.exe

 

After consideration of several things, including suggestions from other members, i've installed VS now i'm on Win8.1

So far so good

 

Bug Report

Smart Mode

I'm able to bypass VS & run Task Manager by clicking the X twice on the prompt box for my password !

*

On a seperate note, the shield shows OFF = RED whilst in SM, but still blocks/prompts for things, so what really is OFF ? Confusing !

Plus how to remove the floating shield ?

 

@ Peter2150 Global Moderator

No wasn't aware of that ! I'll contact them directly then, Thanx

 

Or you can post your questions here: https://calendarofupdates.org/index.php?board=21.0

 

https://calendarofupdates.org/index...kvahj88vvjrkn81o3f6&topic=770.msg5989#msg5989

http://www.voodooshield.com/Download/InstallVoodooShield426.exe

 

@ Triple Helix

Thanx, just seen it & it's now been fixed !

 

V4.28 Public Release

https://calendarofupdates.org/index...kvahj88vvjrkn81o3f6&topic=770.msg6089#msg6089

 

https://calendarofupdates.org/index...gmnd98o7hcf55qakr33&topic=770.msg6980#msg6980

http://www.voodooshield.com/Download/InstallVoodooShield429beta.exe

 

Thanks @Krusty

 

This is technically a BETA version, although I really think the only thing that might have any issues at all is the new self-protection feature, but I tested the heck out of it, so I think we are good to go.
You can install over the top of 4.28, or uninstall, reboot and reinstall… it should not matter either way.
VoodooShield v4.29 RC STABLE Release
Released: June 04 2018

New Features
• Self-Protection utilizing ObRegisterCallbacks in the driver. BTW, the self-protection may not activate until the computer is rebooted after installation.
• Many, many new optimizations that will further reduce unnecessary blocks
• Editable Vulnerable Process List… Keep in mind ALL Windows files / components are covered under this feature, with the exception of 5 that are not vulnerable. I was going to add all of these to the list, but it would be a massive list of thousands of files… but trust me, they are on the list. You can always try to add a vulnerable windows executable, and VS should tell you that it is already on the list. This new feature is found in VoodooShield Settings / Advanced.
• Security Postures… this is the feature that I am most excited about. Ever since we started scanning child processes of whitelisted parents at the very beginning of VS 4.0 development, the number of unnecessary blocks increased somewhat significantly. But the question is… what is the best way to balance usability and security? A lot of people love the concept of VS, but it might have been a little too aggressive for them… well, this new feature fixes that. Anyway, I think you guys will really like all of the new features, especially this one. This new feature is found in VoodooShield Settings / Basic. Please click in the “About Security Postures” in the top right of this tab and let me know if you guys think the checks are about where they should be. I honestly NEVER receive any unnecessary blocks, even though I have to reset my whitelist on a daily basis… so I had to kind of guess on these parameters. But either way, they can easily be tweaked.

Download: VoodooShield l Thread #552

 

Sounds nice that VoodooShield has self-protection. But I'm kinda disappointed in the road it took to get there.

 

https://calendarofupdates.org/index...gmnd98o7hcf55qakr33&topic=770.msg7009#msg7009

http://www.voodooshield.com/Download/InstallVoodooShield430.exe

 

It's maybe 1 year that Dan is working on self protection...

 

I have been using VDS PRO for the past 367 days (just renewed) on 1 of 5 machines.

BD Internet Security on the 4 other machines for 3 years​

I have never understood the logic of blacklist protection especially phoning-home to check every file that runs, and if its not on the blacklist its allowed
And heuristics are a pita. False positives, It's guessing

BD (pro) had/has a whitelist (and only in the last few months free BD have introduced a whitelist too
Free BD has a nasty habit of shredding unsigned progs and not quarantining safe EXEs​

I have trialed VDS PRO for 12 months to give it a real trial.

So why not use BD pro or free instead?

BD (in my experience) is neurotic
Free BD has shredded several times, one of my scripts (using for 8 years)
Nirsoft apps have been blocked
The false positives have mostly been shredded (not quarantined)​

I am 92% satisfied with VDS

• VDS works
  It stopped a ransom attack at least 5 seconds before Free BD woke up (I assumed Free BD was phoning home to check with mama)
  The ransom attack was my own desperate stupidity ... Used TaskManager to terminate the ransom loop
• Alerts give me the option to allow (whitelists) or quarantine (until I check out obscure EXE )
  I overlooked various programs update EXEs
• VDS whitelist + settings can be backed up onto desktop (or VDS free cloud)
  made a clean install of Win-7 PRO less painful with a simple reinstall of VDS PRO and importing the whitelist + settings
• Dan has been very quick to respond to every "how do I ?" email
• His realistic advice to use a free AV to capture phishing attempts (Free BD my choice)
  I must find an anti-phishing prog to compliment VDS
  
• now that I am familiar with VDS it is a lot less stressful to manage than AVs

The 8%

• Lack of a forum (perpetual threads are not efficient)
• Documentation is mediocre ... why not a PDF online ?
• I still don't know what/how "Rules) are ... no documentation
• 50% price hike in 12 months
• Renewal alert should be a nag in the program to announce renewal will be due on "date"

As a developer of addon$ for AutoCad I know how difficult it is to be and do everything
I am giving Dan "a go" I believe in what he is doing ... we all had to start somewhere

 

G'day @grayghost2 ,

Just remember VS is a small company with mainly just Dan and another guy who helps on the website. It isn't a company employing hundreds of people. Also, Dan does a lot of other IT work for his customers so I think he has done an excellent job under the circumstances.

Is VS perfect in every way? No, but it isn't far off and it has come a long way since the first version I tried.

Cheers!

 

https://calendarofupdates.org/index...gmnd98o7hcf55qakr33&topic=770.msg7080#msg7080

http://www.voodooshield.com/Download/InstallVoodooShield431.exe

 

Nicely put Krusty! I totally agree and admire Dan for all his hard work with VS.

 

4.31 is great!!
Allen

 

Back to using VS after half a year...

 

http://www.voodooshield.com/Download/InstallVoodooShield432.exe