Q&A Please help me set the best settings of VoodooShield Pro

Discussion in 'VoodooShield' started by Jogos, Nov 29, 2017.

  1. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    I must admit that I don't know much about how Zemana sandbox works. I am sure someone else can give you input on that.
    As for VS sandbox, @_CyberGhosT_ can probably tell you about it. I personally never submitted a file to Cuckoo more than once or twice.
     
    _CyberGhosT_ likes this.
  2. Evjl's Rain

    Evjl's Rain Level 28
    Trusted AV Tester

    Apr 18, 2016
    1,784
    13,100
    Vietnam
    Windows 8.1
    Avast
    ZAM's Pandora sandbox, I assume it is just an online sandbox they use to analyze malware. I don't think it has anything to do with our computer. It increases the rate of FP and slightly improves detection rate, but the rate of infection is still very high.
    You can enable Pandora without any worry about duplication. I think they are 2 completely different things.

    VS, according to the last time I used it, has a local sandbox and Cuckoo sandbox:
    - Local sandbox utilizes the Windows virtualization feature to isolate the file and let it run. Only files WITHOUT admin rights can run. It is inferior to Sandboxie and other virtualization software, but it's there so you can use it.
    - Cuckoo: online file analysis, similar to hybrid-analysis. It gives you detailed information about how the file works. It takes quite a lot of time to generate a report.

    Please correct me if I'm wrong

    local.PNG
     
  3. Slyguy

    Slyguy Level 21

    Jan 27, 2017
    1,076
    4,331
    Fortinet Engineer
    USA
    Other OS
    Zemana uses decentralized sandbox evaluation of files along with VT. I've found the computers that do this analysis are spread around the world in various locations, including what appears to be in homes. As noted in the Zemana forum here, I do not believe this is a secure method of operation as their sandboxes were easily exposed to the public using commonly available testing methods. Including the local machine name, OS, WAN IP address, internal IP address structure and other things.
     
  4. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    VS does not have a local sandbox and does not use Windows virtualization, AFAIK.
     
    _CyberGhosT_ and Evjl's Rain like this.
  5. Evjl's Rain

    Evjl's Rain Level 28
    Trusted AV Tester

    Apr 18, 2016
    1,784
    13,100
    Vietnam
    Windows 8.1
    Avast
    Is it removed? Maybe :rolleyes:, because it's not a frequently used feature. I can't confirm because I'm opting out of all default-deny products for a while.
     
    BryanB likes this.
  6. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    Hey, I just read your screenshot from VS, and it said exactly like you claimed. But I never see that option. Maybe the product has changed? Or maybe I somehow missed noticing this feature? I am confused. Maybe @danb or someone else can enlighten us.
     
  7. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    But anyways, to sum up about Zemana sandbox and VS sandbox: it does not sound like there is a conflict or overlap, like @Evjl's Rain said. VS sandbox is an extra way that the user can examine a suspicious file, if he wants to do so. It's not really what you would call a core element of VS.
     
  8. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    Yeah, my bad, that option in VS for local sandbox is for sure there, but you can only see it if you first click on sandbox (which I almost never do), and then you can choose which kind of sandbox you want. Cool.
    So I decided to go for local sandbox. And... nothing. The results never displayed, for some reason. Tried a couple times. Not sure what went wrong. But if I choose cuckoo sandbox, it works.
     
    BryanB and _CyberGhosT_ like this.
  9. _CyberGhosT_

    _CyberGhosT_ Level 52
    Trusted

    Aug 2, 2015
    4,169
    27,463
    Retired
    Central US
    Linux Mint
    Default-Deny
    I have never moved it off of Cuckoo. Keep selecting it till Dan can chat us up. :coffee:
     
    shmu26 likes this.
  10. Jogos

    Jogos Level 2

    Apr 9, 2017
    56
    89
    Belarus
    Windows 8.1
    Panda
    Can anyone explain to me the exact differences between the modes (Training, Smart mode, Always ON)? I read the manual, but honestly it did not explain much to me.
     
    BryanB and shmu26 like this.
  11. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    In training mode, anything you run will be whitelisted, and that is its purpose, so don't run risky stuff in training mode.
    Smart mode toggles to a higher level of protection when the user is active, and toggles to a lower level when there is no user input for a certain number of minutes.
    Always on is like smart mode, but does not ever toggle to the lower level. This might prevent certain Windows functions from running.
     
    _CyberGhosT_, Sunshine-boy and BryanB like this.
  12. Telos

    Telos Level 8

    Jan 29, 2017
    375
    983
    Baana
    In addition to the settings suggestions posted so far... I also delete the whitelist snapshot entries when first installing. Just a bit of over-caution, but it works for me.
     
    _CyberGhosT_ and shmu26 like this.
  13. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    Guys, the future of VoodooShield looks a bit unclear at the moment.
    The dev has been talking about how a lot of things are up in the air, and he is no longer active on this forum, or any other forum that I know about. The main thread on this forum dealing with VS has been closed.
    Just a heads up, seeing as certain elements of VS depend on cloud services that need to be maintained by the dev.
     
  14. frogboy

    frogboy Level 61
    Trusted

    Jun 9, 2013
    6,232
    64,816
    Heavy Duty Mechanic.
    Western Australia
    Windows 10
    Emsisoft
    Yes for two weeks. Not sure if it helped though. :)
     
    Weebarra and Sunshine-boy like this.
  15. Telos

    Telos Level 8

    Jan 29, 2017
    375
    983
    Baana
    Seems to be a case of "suicide by forum" (again). Gotta wonder if it's worth continuing... The main beta thread was removed. Looking at Ransomoff now.
     
    TerrakionSmash, BryanB and shmu26 like this.
  16. Lightning_Brian

    Lightning_Brian Level 7

    Sep 1, 2017
    339
    1,701
    Information Technology
    USA
    Windows 10
    Norton
    @Telos what happened?
     
    Weebarra and BryanB like this.
  17. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    It was nothing worth talking about, nothing that matters to the average VS user. Talking about it in this thread would be gossip, at best, and a reason to be banned, at worst.
     
  18. Lightning_Brian

    Lightning_Brian Level 7

    Sep 1, 2017
    339
    1,701
    Information Technology
    USA
    Windows 10
    Norton
    Roger that.
     
  19. boredog

    boredog Level 8

    Jul 5, 2016
    384
    804
    Retired
    usa
    Windows 10
    Malwarebytes
    #39 boredog, Dec 3, 2017
    Last edited: Dec 3, 2017
    Decided to remove my post.
     
  20. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,245
    13,474
    Utopia
    Where's there?
     
    Sunshine-boy likes this.