VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. AEG

    AEG Registered Member

    Joined:
    Mar 12, 2018
    Posts:
    29
    Location:
    Middlesbrough
    I've been trying Voodoo shield and really like the concept, but can't find much information on what it actually blocks. I can see it whitelists files on a system and won't allow other executables to run when browsing, but what about scripts, dll's and dangerous system tools like command line or powershell. I can't see a way to block things like powershell or dll's, so just wondering if it provides protection from misuse of these resources.
     
  2. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    522
    Location:
    USA--Colorado
    You've probably already done this, but I would certainly check out the Voodooshield website (https://voodooshield.com/) and read through the "Concept" tab and the "How it Works" tab. You could also reach out to the developer via the Calendar of Updates forum.
     
  3. AEG

    AEG Registered Member

    Joined:
    Mar 12, 2018
    Posts:
    29
    Location:
    Middlesbrough
    Thanks, I've looked at the site but the information is very general with no information about what is and isn't blocked
     
  4. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,218
    Location:
    Among the gum trees
    https://calendarofupdates.org/index...gmnd98o7hcf55qakr33&topic=770.msg5826#msg5826

    https://voodooshield.com/Download/InstallVoodooShield425.exe
     
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,918
    After consideration of several things, including suggestions from other members, i've installed VS now i'm on Win8.1

    So far so good :)
     
  6. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,918
    Bug Report

    Smart Mode

    I'm able to bypass VS & run Task Manager by clicking the X twice on the prompt box for my password !

    *

    On a seperate note, the shield shows OFF = RED whilst in SM, but still blocks/prompts for things, so what really is OFF ? Confusing !

    Plus how to remove the floating shield ?
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,066
    You know a bug report won't be seen here
     
  8. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,918
    @ Peter2150 Global Moderator

    No wasn't aware of that ! I'll contact them directly then, Thanx
     
  9. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,672
    Location:
    Ontario, Canada
  10. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,218
    Location:
    Among the gum trees
    https://calendarofupdates.org/index...kvahj88vvjrkn81o3f6&topic=770.msg5989#msg5989

    http://www.voodooshield.com/Download/InstallVoodooShield426.exe
     
  11. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,918
    @ Triple Helix

    Thanx, just seen it & it's now been fixed !
     
  12. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    791
  13. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,218
    Location:
    Among the gum trees
    https://calendarofupdates.org/index...gmnd98o7hcf55qakr33&topic=770.msg6980#msg6980

    http://www.voodooshield.com/Download/InstallVoodooShield429beta.exe
     
  14. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    353
    Location:
    united kingdom
  15. hayc59

    hayc59 Updates Team

    Joined:
    Oct 29, 2008
    Posts:
    2,564
    Location:
    Deep Into Blues Baby..
    VoodooShield.png
    This is technically a BETA version, although I really think the only thing that might have any issues at all is the new self-protection feature, but I tested the heck out of it, so I think we are good to go.
    You can install over the top of 4.28, or uninstall, reboot and reinstall… it should not matter either way.

    VoodooShield v4.29 RC STABLE Release
    Released: June 04 2018

    New Features
    Self-Protection utilizing ObRegisterCallbacks in the driver. BTW, the self-protection may not activate until the computer is rebooted after installation.
    • Many, many new optimizations that will further reduce unnecessary blocks
    Editable Vulnerable Process List… Keep in mind ALL Windows files / components are covered under this feature, with the exception of 5 that are not vulnerable. I was going to add all of these to the list, but it would be a massive list of thousands of files… but trust me, they are on the list. You can always try to add a vulnerable windows executable, and VS should tell you that it is already on the list. This new feature is found in VoodooShield Settings / Advanced.
    Security Postures… this is the feature that I am most excited about. Ever since we started scanning child processes of whitelisted parents at the very beginning of VS 4.0 development, the number of unnecessary blocks increased somewhat significantly. But the question is… what is the best way to balance usability and security? A lot of people love the concept of VS, but it might have been a little too aggressive for them… well, this new feature fixes that. Anyway, I think you guys will really like all of the new features, especially this one. This new feature is found in VoodooShield Settings / Basic. Please click in the “About Security Postures” in the top right of this tab and let me know if you guys think the checks are about where they should be. I honestly NEVER receive any unnecessary blocks, even though I have to reset my whitelist on a daily basis… so I had to kind of guess on these parameters. But either way, they can easily be tweaked.

    Download: VoodooShield l Thread #552
     
    Last edited: Jun 5, 2018
  16. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    793
    Sounds nice that VoodooShield has self-protection. But I'm kinda disappointed in the road it took to get there.
     
  17. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,218
    Location:
    Among the gum trees
    https://calendarofupdates.org/index...gmnd98o7hcf55qakr33&topic=770.msg7009#msg7009
    http://www.voodooshield.com/Download/InstallVoodooShield430.exe
     
  18. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    668
    Location:
    Italy
    It's maybe 1 year that Dan is working on self protection...
     
  19. bawldiggle

    bawldiggle Registered Member

    Joined:
    Jan 26, 2013
    Posts:
    10
    Location:
    OZ
    I have been using VDS PRO for the past 367 days (just renewed) on 1 of 5 machines.
    BD Internet Security on the 4 other machines for 3 years

    I have never understood the logic of blacklist protection especially phoning-home to check every file that runs, and if its not on the blacklist its allowed
    And heuristics are a pita. False positives, It's guessing
    BD (pro) had/has a whitelist (and only in the last few months free BD have introduced a whitelist too
    Free BD has a nasty habit of shredding unsigned progs and not quarantining safe EXEs

    I have trialed VDS PRO for 12 months to give it a real trial.

    So why not use BD pro or free instead?
    BD (in my experience) is neurotic
    Free BD has shredded several times, one of my scripts (using for 8 years)
    Nirsoft apps have been blocked
    The false positives have mostly been shredded (not quarantined)


    I am 92% satisfied with VDS
    • VDS works
      It stopped a ransom attack at least 5 seconds before Free BD woke up (I assumed Free BD was phoning home to check with mama)
      The ransom attack was my own desperate stupidity ... Used TaskManager to terminate the ransom loop
    • Alerts give me the option to allow (whitelists) or quarantine (until I check out obscure EXE )
      I overlooked various programs update EXEs
    • VDS whitelist + settings can be backed up onto desktop (or VDS free cloud)
      made a clean install of Win-7 PRO less painful with a simple reinstall of VDS PRO and importing the whitelist + settings
    • Dan has been very quick to respond to every "how do I ?" email
    • His realistic advice to use a free AV to capture phishing attempts (Free BD my choice)
      I must find an anti-phishing prog to compliment VDS
    • now that I am familiar with VDS it is a lot less stressful to manage than AVs

    The 8%
    • Lack of a forum (perpetual threads are not efficient)
    • Documentation is mediocre ... why not a PDF online ?
    • I still don't know what/how "Rules) are ... no documentation
    • 50% price hike in 12 months
    • Renewal alert should be a nag in the program to announce renewal will be due on "date"
    As a developer of addon$ for AutoCad I know how difficult it is to be and do everything
    I am giving Dan "a go" I believe in what he is doing ... we all had to start somewhere
     
    Last edited: Jun 11, 2018
  20. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,218
    Location:
    Among the gum trees
    G'day @grayghost2 ,

    Just remember VS is a small company with mainly just Dan and another guy who helps on the website. It isn't a company employing hundreds of people. Also, Dan does a lot of other IT work for his customers so I think he has done an excellent job under the circumstances.

    Is VS perfect in every way? No, but it isn't far off and it has come a long way since the first version I tried.

    Cheers!
     
  21. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,218
    Location:
    Among the gum trees
  22. SSherjj

    SSherjj Registered Member

    Joined:
    Mar 4, 2014
    Posts:
    144
    Location:
    New York, USA
    Nicely put Krusty! I totally agree and admire Dan for all his hard work with VS. :D
     
  23. sevenstar

    sevenstar Registered Member

    Joined:
    Oct 19, 2010
    Posts:
    22
    4.31 is great!!
    Allen
     
  24. Duotone

    Duotone Registered Member

    Joined:
    Jul 9, 2016
    Posts:
    142
    Location:
    Philippines
    Back to using VS after half a year...
     
  25. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    6,218
    Location:
    Among the gum trees
    http://www.voodooshield.com/Download/InstallVoodooShield432.exe
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.