VoodooShield ?

http://www.voodooshield.com/Download/InstallVoodooShield471.exe
https://calendarofupdates.org/index...gmnd98o7hcf55qakr33&topic=770.msg9861#msg9861

 

I can't get to the COU site today. Is their server down?

 

Connection Problems
Sorry, SMF was unable to connect to the database. This may be caused by the server being busy. Please try again later.

 

Thanks, Paul. Yeah, that's what I've been getting all day.

 

Yes it's down and I'm looking into it.

 

COU Back up now.

 

Yes but we don't know for how long?

 

I may be wrong, but it seems anti-executables have a weakness. If a person is signed in as a admin, then the attacker can write her payload anywhere, like \windows. Since anti-executables generally allow programs running from that folder, security will be bypassed. Same with SRP.

 

I think there are a few bugs in the latest build (4.71) which I didn't encounter in 4.68. I noticed that the program switched by itself from the Autopilot mode to Training mode once and today the program asked me to turn the protection on:

i.imgur.com/wRiG8Wo.png

Any ideas? OS is Windows 8.1 x64.

 

http://www.voodooshield.com/Download/InstallVoodooShield472.exe

 

I received same warning twice in last few weeks but was lazy to report.

I am on Win 10 Pro x64 and using v4.68.

Surprisingly, Voodooshield is still showing me that I am using the latest version.


Update: Official page still shows v4.68 as the latest build.
https://www.voodooshield.com/#download

 

If by attacker you mean a malicious executable, that will first have to be allowed to run. And even when windows folder is whitelisted, the file will first have to be written to the windows folder, which (if configured properly) requires admin permissions (administrators), limited users (users, interactive, authenticated users, everyone, all application packages) can't write in windows folder (with a few subfolders being the exception, which should be blacklisted if windows folder is whitelisted by default). And even if you're running as admin, if an executable wants to run with admin permissions it will prompt for UAC (if configured properly, again). The exception is processes which are started by a service, or ones started by task scheduler, they may run as admin or system without prompting for UAC, but the malicious process 1st has to get there

 

Anything later is still beta.

 

Hi Floyd 57,

If the hacker attacks a Windows system program which was running under the System account, there would be no restrictions for her; she could write the file anywhere. You said that. And there are 2 Windows system programs that I know of which runs as admin that connects to the net to MS, to known ip's. So the attacker/hacker can simply spoof the ip and ride her way in. The programs are not listed in the Windows Firewall outbound rules, and most people have outbound set to allow anyways. So I am taking a renewed look at the firewall.

 

and I would you do that without been noticed by voodooshield? Spoofing an IP is not enough

 

Understood

 

I mean the attacker is spoofing the IP and riding her way in to execute an exploit for that Windows executable.

 

I know how good voodooshield is ,any way of tweaking settings to lower ram usage but keep defense still .?thks

 

@polly77 I'm on VS 4.69 and the ram usage seems pretty low for me so i never thought about any tweaks.
It's 25,2MB and 12,3MB for me, so both services combined under 40MB.

 

Thks for reply I had it at 60 +megs ram yesterday with 4.72 ,I uninstalled everything and went back to 4.68 and have about 30megs ram now ,all good.

 

I don't worry about that little amount of RAM as I have 32GB of RAM and it's minor compared to Browsers and other programs these days!

 

VoodooShield v4.72 now available to the public
https://www.voodooshield.com/#download

 

I had to uninstall it because the message continue to show up from time to time. Will try the next build when available.

 

For whatever reason, I've lost site of VoodooShield until recent loss of usb device with all backups, thus obliging me to start from scratch without MalwareBytes I had acquired non-renewable lifetime license at the time (sad).

But after looking and installing VoodooShield 4.72 (free option) and VTZilla (VirusTotal extension) for Firefox, I think I've found a pretty solid backup plan against malware.

Do have one question.
Can VoodooShield protect against back doors?


Thanks a bunch for this free version and do hope to contribute a few dimes someday!



-Daniel

 

https://calendarofupdates.org/index.php?topic=770.msg10206#msg10206