In this guide we will have a look at VoodooShield, a free security app that has been around for quite a few years now. VoodooShield SHOULD NOT be used as a replacement for your realtime antivirus/malware security program, but rather as a second line of defense. Whilst it remains true that running more than one realtime antivirus/malware security suite at the same time is most undesirable, VoodooShield can be run alongside your existing realtime protection because VoodooShield runs only as a whitelisted file, or application, gateway. VoodooShield works by only allowing apps and files that have been whitelisted to run on your pc and blocks anything, or asks you, that is not known to be OK or has not been whitelisted.
Here we will look at the installation and an overview of VoodooShield.
There is both a free and paid for version of VoodooShield, but for this guide we will look at the free version.
VoodooShield IS NOT designed to remove viruses or malicious files that exist on your computer.
VoodooShield will run on Windows 7 through 10 on both 32 and 64 bit systems.
VoodooShield is light on system resources.
VoodooShield will scan unknown files with over 50 scan engines.
To get a copy of VoodooShield head over HERE and download it to somewhere you can find later.
Start the install by double clicking the downloaded file and should you receive any security warnings whilst the installation proceeds you can safely allow it to continue.
Accept the license agreement and click next.
As we are going to use the free version of VoodooShield you are asked to supply an email address. It's up to you to type in a email address and click on "Register VoodoShield Free"
VoodooShield then asks for a choice of operating mode, and in this case we will choose "Application Whitelisting Mode" Even though there will be a few more popups we will control what will be allowed to run and it will be more secure. Click anywhere within the blue box.
The welcome box advises VoodooShield will create a snapshot of your system, meaning everything currently on your system will be allowed to run and be regarded as whitelisted. Click "Next"
A dialogue box will then explain what VoodooShield will do and how it will do it. After reading it click "Next"
Finally there are brief instructions on how to include any new software in the whitelist. Click Previous to end the installation.
Your computer should now be rebooted, and on restart there will be a new red icon "OFF" at the bottom right of your screen. VoodooShield is currently inactive as everything on your PC known to be good has been whitelisted, but if you fire up your browser, or perhaps plug in a USB device the icon will change to blue "On".
Browser on
Browser on or off and usb flash drive plugged in
Should you try to run any software that VoodooShield does not know to be NON malicious , or download any unknown to VoodooShield, or suspicious code from a website then VoodooShield will produce a popup box asking what to do about it.
So if we click the above box to allow the file to run VoodooShield will scan the file and produce a report to allow us to make a more informed decision. Clicking "Allow" in this box will allow the file to run AND include it in our whitelist so we will not be prompted next time we run the file. If the file we are running is a program installer file there will be a another box added to the Block, Sandbox, and Allow choices. Any file not digitally signed will automatically be flagged by VoodooShield as possibly malicious.
Should we try to run a file that is known to VoodooShield as Malicious then we get a very different report advising the file be quarantined.
You can manually scan a file at any time by right clicking it and selecting "VoodooShield Scan" from the context menu.
The settings in VoodooShield can be accessed by right clicking the shield icon, but the majority of settings are disabled and only function in the paid for Pro version.
The free version default settings should suit most users but the options that can be changed include
The operation mode.
Moving or hiding the VoodooShield icon.
Editing the whitelist.
Viewing the logfile.
Editing command lines.
Deleting or restoring quarantined files.
Creating and editing rules.
This is a great free application that can add another layer of security to a system and worthy of at least giving it a try.
Please however do maintain your normal system backup regime, and also retain your usual realtime Av/malware software.
Here we will look at the installation and an overview of VoodooShield.
There is both a free and paid for version of VoodooShield, but for this guide we will look at the free version.
VoodooShield IS NOT designed to remove viruses or malicious files that exist on your computer.
VoodooShield will run on Windows 7 through 10 on both 32 and 64 bit systems.
VoodooShield is light on system resources.
VoodooShield will scan unknown files with over 50 scan engines.
To get a copy of VoodooShield head over HERE and download it to somewhere you can find later.
Start the install by double clicking the downloaded file and should you receive any security warnings whilst the installation proceeds you can safely allow it to continue.
Accept the license agreement and click next.
As we are going to use the free version of VoodooShield you are asked to supply an email address. It's up to you to type in a email address and click on "Register VoodoShield Free"
VoodooShield then asks for a choice of operating mode, and in this case we will choose "Application Whitelisting Mode" Even though there will be a few more popups we will control what will be allowed to run and it will be more secure. Click anywhere within the blue box.
The welcome box advises VoodooShield will create a snapshot of your system, meaning everything currently on your system will be allowed to run and be regarded as whitelisted. Click "Next"
A dialogue box will then explain what VoodooShield will do and how it will do it. After reading it click "Next"
Finally there are brief instructions on how to include any new software in the whitelist. Click Previous to end the installation.
Your computer should now be rebooted, and on restart there will be a new red icon "OFF" at the bottom right of your screen. VoodooShield is currently inactive as everything on your PC known to be good has been whitelisted, but if you fire up your browser, or perhaps plug in a USB device the icon will change to blue "On".
Browser off
Browser on
Browser on or off and usb flash drive plugged in
Should you try to run any software that VoodooShield does not know to be NON malicious , or download any unknown to VoodooShield, or suspicious code from a website then VoodooShield will produce a popup box asking what to do about it.
So if we click the above box to allow the file to run VoodooShield will scan the file and produce a report to allow us to make a more informed decision. Clicking "Allow" in this box will allow the file to run AND include it in our whitelist so we will not be prompted next time we run the file. If the file we are running is a program installer file there will be a another box added to the Block, Sandbox, and Allow choices. Any file not digitally signed will automatically be flagged by VoodooShield as possibly malicious.
Should we try to run a file that is known to VoodooShield as Malicious then we get a very different report advising the file be quarantined.
You can manually scan a file at any time by right clicking it and selecting "VoodooShield Scan" from the context menu.
The settings in VoodooShield can be accessed by right clicking the shield icon, but the majority of settings are disabled and only function in the paid for Pro version.
The free version default settings should suit most users but the options that can be changed include
The operation mode.
Moving or hiding the VoodooShield icon.
Editing the whitelist.
Viewing the logfile.
Editing command lines.
Deleting or restoring quarantined files.
Creating and editing rules.
This is a great free application that can add another layer of security to a system and worthy of at least giving it a try.
Please however do maintain your normal system backup regime, and also retain your usual realtime Av/malware software.
