VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,037
    Location:
    Ontario, Canada
  2. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,545
    Can I run Voodooshield alongside EMET and Sandboxie?
     
  3. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    With all new versions we can just install over the old version right? or is it best to un-install then re-install?
     
  4. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Oh, I see... is your main pst file named Outlook backup? I was thinking that was Outlook 2013 backing up your pst file.

    I need to get 2013 as some point. But I doubt that it runs on my Windows 95 ;).
     
  5. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sorry, I was misunderstanding you... for some reason I was thinking you were talking about "Documents" folder, not "Downloads". Sure, I can add that.
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yes, VS works with pretty much everything. A few people have issues with Sandboxie and VS, but I am working on that right now!
     
  7. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    It really shouldn't matter, all the installer does is copy the files to your computer and create a startup entry in the registry (and disable UAC).

    But going from 2 to 4 modes in this version... VS might run a little silly the first time you run it, since it does not know what mode it is in. But you should be able to exit out of VS and start it again, and it would work great.

    BTW, you do not have to reboot on install or uninstall if UAC is already disabled. The only reason VS requires a restart is to disable UAC.
     
  8. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I never use UAC so I just clicked on it after I installed the latest version and everything is running great, thanks :thumb:
     
  9. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,037
    Location:
    Ontario, Canada
    Hi Dan it's exactly as in this picture but you don't see .pst file name.

    https://www.wilderssecurity.com/showpost.php?p=2259404&postcount=1795

    Daniel

    Capture27-07-2013-6.01.32 PM.jpg
     
    Last edited: Jul 27, 2013
  10. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,112
    Location:
    Mountaineer Country
    I was just lurking in this topic and happened to see info on something that may help. http://www.tweakhound.com/tweaking-windows-8/4/
     
  11. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you TH and innerpeace!
     
  12. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,563
    I am not very good at obeying rules. I don't modify any standard paths. All Data is kept on a partition called Data. Similarly with Downloads, Programs etc. That is why I though it might be simpler to have user defined area to protect as you can do with some programs.

    Those users who veer from the standard will be capable of adjusting VS.

    Just my thoughts.
     
  13. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,563
    Glad to report that the balloon is now working providing there is a browser running.
     
  14. AlexCross

    AlexCross Registered Member

    Joined:
    Apr 21, 2013
    Posts:
    81
    Location:
    Romania
    I noticed that some softwares like utorent, o&o Defrag and more have paths in App data, after running one from the list above VS prompts to allow or block, I allow them but VS keeps asking everytime I open them. Some softwares keep there the update manager and VS blocks them.

    So the bug might be that VS is not saving what user allow from notifications, after I did another training and open everything, update and etc, all worked Ok.
     
    Last edited: Jul 28, 2013
  15. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,037
    Location:
    Ontario, Canada
    Dan why would VS block rundll32.exe as it's in windows/system32 when the Browser is open and also the Shield just flickered no balloon?

    Daniel


    Capture28-07-2013-10.23.46 AM.jpg 28-07-2013 10-35-26 AM.png
     
  16. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,563
    Something that has just occurred to me. If you miss a pop up is there a way to find out what it was?
     
  17. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,037
    Location:
    Ontario, Canada
    Right Click on the Tray Icon and click View Log. ;)

    TH

    28-07-2013 11-41-51 AM.png
     
  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I totally agree. I will add that on the next version, thank you! For this version, should VS be protecting "Documents" as well? I actually do the same thing on my main computer... All of my data is on the d drive. The new version will be ready in a couple of hours, and it includes protection of "Downloads". Should it include protection of "Documents" as well?
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you. It took a while to get all of that right, but I think it turned out really well. It is easy to get confused when I am testing VS... like sometimes I will wonder why it does something, then a few seconds later, I am like "oh yeah, that's why".
     
  20. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, since viruses love to hang out in the appdata and program data folders, it is a little tricky to deal with. Basically, we do not want to whitelist anything in these folders unless the user really wants to... there is a setting called "Do not Whitelist items in the AppData Directories". I thought I had it so that if the user goes into Training Mode, it would whitelist them. But if the user is in Smart or Always ON mode, it should not whitelist them. Is this how it worked for you? Thank you for your help!
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Good point! Actually it should say something like "Automatically allow all software from the Windows Systems folders when VS is ON, unless it is a blacklisted process" Does that make sense? If not, I can try to explain it another way. Thank you.
     
  22. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you TH! I increased the balloon time in the version that you guys will get in a few hours. I would like to make that user adjustable, but for some reason they do not make it easy to do that. But there should be a way around it. But please look at the new balloon time and let me know if is a good duration. Obviously we want it to go away at some point, but we don't want it to disappear too fast. Thank yoU!
     
  23. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,037
    Location:
    Ontario, Canada
    Yes it could say that but it has to do it, as I said it was Blocked and I only got a flicker from the VS Shield no Balloon or Pop-up.

    Daniel
     
  24. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Ohh, I see what you are saying... what were you trying to run when VS blocked rundll32.exe? It was probably some program that had to call a dll.

    But the reason it blocks rundll32.exe and only flashes once is because if VS prompts the user to run rundll32.exe, nothing will happen (rundll32.exe will not execute by itself).

    But, what we might be able to do is to prompt the user to run the program they were trying to run when rundll32.exe was blocked.

    So what were you trying to run when VS blocked rundll32.exe?
     
  25. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,037
    Location:
    Ontario, Canada
    Nothing that I know of unless a back ground program process called for it? Would Today's Log File tell you if I sent it to you?

    Daniel
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.