[Request] VoodooShield tweaking guide

[Evjl's Rain]

Hi everyone. I just owned a 2-year pro license of voodooshield.

I read the official User guide from voodooshield but now I still have no idea what to tweak to make it better and not more annoying

What I did:
- Uncheck "Automatically allow parent process..."

Thank you

 

[shmu26]

What I did:
- Uncheck "Automatically allow parent process..."

that tweak is both a good idea, and also likely to make it more annoying. better check your log and see what is being blocked.

 

[_CyberGhosT_]

Here are my settings, I have not changed many as there is no need to.
Remember until you train it you will receive popups but be patient.
Password protecting your settings is also a good idea.

 

[shmu26]

if you keep getting prompts from device related command lines, such as your printer,
then open up the command line and edit it, look for all the places where there are variable/random characters, and replace each place with a *

 

[Evjl's Rain]

Here are my settings, I have not changed many as there is no need to.
Remember until you train it you will receive popups but be patient.
Password protecting your settings is also a good idea.

Thank you. I copied some of your settings

 

[shukla44]

Hi everyone. I just owned a 2-year pro license of voodooshield.

I read the official User guide from voodooshield but now I still have no idea what to tweak to make it better and not more annoying

What I did:
- Uncheck "Automatically allow parent process..."

Thank you

I would love a tweaking guide too. When i first installed it, messed with the settings to make it more secure & robust.... Messed up my installations & system.

Then, after resetting VS & system, i found out that keeping the settings at default for VS is likely the best option.

One thing that was a life saver for me - Custom Folders. When i enabled it, i found out that, even if the VS is OFF, it is still protecting the USERS folder (most likely for ransomware protection). When i disabled that & enabled some of my own custom folder, it is a lot more manageable & user friendly than default.

Spoiler: Advanced

Spoiler: Basic

Also, i have some other Web Apps in the list. Custom Folder is enabled with everything uncheck in section 'When VS is OFF'.

Do you agree with these settings? Should i make any changes?

 

[Evjl's Rain]

I would love a tweaking guide too. When i first installed it, messed with the settings to make it more secure & robust.... Messed up my installations & system.

Then, after resetting VS & system, i found out that keeping the settings at default for VS is likely the best option.

One thing that was a life saver for me - Custom Folders. When i enabled it, i found out that, even if the VS is OFF, it is still protecting the USERS folder (most likely for ransomware protection). When i disabled that & enabled some of my own custom folder, it is a lot more manageable & user friendly than default.

Spoiler: Advanced

View attachment 125101

Spoiler: Basic

View attachment 125102

Also, i have some other Web Apps in the list. Custom Folder is enabled with everything uncheck in section 'When VS is OFF'.

Do you agree with these settings? Should i make any changes?

good but "automatically allow by parent process (...)" must be unchecked (in Advanced tab) so a will be protected against ransomwares
if it's on + you allow the jscript to run -> it will download its payload exe files and those will be allowed automatically without being scanned -> infected

you can also uncheck "Deny by default..." -> popup with options to allow or block will show immediately, you don't have to click the yellow popup to show this anymore -> less clicks, less annoying

 

[shukla44]

good but "automatically allow by parent process (...)" must be unchecked (in Advanced tab) so a will be protected against ransomwares
if it's on + you allow the jscript to run -> it will download its payload exe files and those will be allowed automatically without being scanned -> infected

you can also uncheck "Deny by default..." -> popup with options to allow or block will show immediately, you don't have to click the yellow popup to show this anymore -> less clicks, less annoying

I have "Deny by default..." on because i don't need popups to select the allow or block. I need it to automatically lock down my system as anything i am doing is already whitelisted. Also, everytime i install a update or software, i close all the web apps so the protection is OFF as i already checked the downloaded file for anything malicious.
For me, having this setting on, is more user friendly.

And for "automatically allow by parent process", nice suggestion. Fixed it.

Any more suggestions? What about Voodoo Ai sensitivity? Is 110% alright?

 

[Evjl's Rain]

I have "Deny by default..." on because i don't need popups to select the allow or block. I need it to automatically lock down my system as anything i am doing is already whitelisted. Also, everytime i install a update or software, i close all the web apps so the protection is OFF as i already checked the downloaded file for anything malicious.
For me, having this setting on, is more user friendly.

And for "automatically allow by parent process", nice suggestion. Fixed it.

Any more suggestions? What about Voodoo Ai sensitivity? Is 110% alright?

it's OK. VoodooAI sensitivity is nothing but just shifting the Ai score to the more Safe or Unsafe side, as far as I observed

 

[XxX Legolas XxX]

For VoodooShield setting skip to the 39:00

 

[Anker_by]

I love to test voodoo shield on my VM, great tool!!!

 

[Evandro]

Best Free Security Combo:
===================
- Comodo Firewall
- Forticlient Antivirus
- VoodooShield Free
===================

 

[XxX Legolas XxX]

Best Free Security Combo:
===================
- Comodo Firewall
- Forticlient Antivirus
- VoodooShield Free
===================

Good combo !!!

 

[shukla44]

I downloaded the user guide of VS to better understand the settings & other features & found out that version 3 beta had a blacklist of most commonly exploited items. See the image.

Why was this removed from the later on beta releases?

I really think having these blacklist items to toggle ON/OFF is a good thing for advanced users. What do you guys think?

 

[Deleted member 2913]

shukla44,

Those are hard coded now. I had asked Dev about the options & he had mentioned options will be back in the GUI, dont know when?

I too think blacklist items ON/OFF is a good thing for advanced users, etc...

 

[shukla44]

shukla44,

Those are hard coded now. I had asked Dev about the options & he had mentioned options will be back in the GUI, dont know when?

I too think blacklist items ON/OFF is a good thing for advanced users, etc...

Thanks for this info. My guess will be 'back in Stable Release'....

 

[shukla44]

I downloaded the user guide of VS to better understand the settings & other features & found out that version 3 beta had a blacklist of most commonly exploited items. See the image.

View attachment 126091

Why was this removed from the later on beta releases?

I really think having these blacklist items to toggle ON/OFF is a good thing for advanced users. What do you guys think?

This option should have been back in 3.5 stable release.

One thing to notice: Restoring snapshot or setting doesn't restore command-line rules.

IMO, these two things should be dealt with. VS is very good of a product to pass on.
Regards.

 

[reboot]

It is interesting to note that Dan (the developer) uses and recommends the default settings for most users.

 

[Petrovic]

I love to test voodoo shield on my VM, great tool!!!

https://my.mixtape.moe/xjcfhc.webm

samples
Antivirus scan for 8b7aaf799bb41b2605433871c91246dde05aba4e0a52ec043dc5bbde1fe50f65 at 2017-02-06 08:48:52 UTC - VirusTotal
Antivirus scan for 6b3c0b436f7848ba02d0c0d2aa45570ad521320fab1bf1d661b946e72f2b3bb8 at 2017-02-06 08:49:08 UTC - VirusTotal