Windows users have plenty of options at their disposal when it comes to protecting their system. Some solutions are recommended to all users, the installation of a good anti-virus solution comes to mind.
Others may be considered optional but they may improve the security in a way that anti-virus software can't. A sandboxing application like Sandboxie enables you to run apps in protected environments so that they cannot manipulate the system.
Anti-exploit software such as EMET or Malwarebytes Anti-Exploit mitigate specific attacks against the computer.
And then there are so-called anti-exe programs. What they do basically is whitelist programs that are allowed to run on the system and block any other program that is not whitelisted.
VoodooShield is such a program for Windows. It is free for personal use and a new version of it has just been released.
You are asked during installation whether you want UAC to be turned off with the program recommending to do so as it may interfere with program functionality if you don't. The choice is up to you however.
The program displays a welcome screen after start that explains its functionality. The program takes a snapshot of the system in that time to allow software that is already on the computer to run without issues.
This means that the system needs to be clean and without malware, as malware would be permitted to run as well if already present on the system.
Once you flip the switch and turn VoodooShield on, it will block all new programs automatically from running on the system. You do get a notification whenever that happens and an option to run that program and make an exception.
This is useful as you don't need to switch between on and off state all the time when you want to run a new program on the PC.
You find three modes listed when you right-click the desktop widget or system tray icon of VoodooShield.
The program displays notifications on the screen whenever executions are blocked so that you can allow it after all.
Another interesting feature is that it will scan any executable that is blocked on Virustotal automatically when you try to allow. It displays information about threats found in that program in a notification with options to block, sandbox (run with limited rights) or allow its execution.
If at least one hit is found, it recommends to block the application from running on the system. You can also run a manual scan of any file by dragging and dropping it on the VoodooShield desktop widget.
The free version of the program is limited. It does not provide you with options to change advanced settings, for instance directories that you want blacklisted or whitelisted, or manage the whitelist in any way.
This is a serious problem as you have no control or even access to the whitelist to check whether a program is in it or not. If you accidentally allow malicious software to run in training mode, then it won't be blocked by the application later on when you turn it on.
VoodooSheld is an easy to use program that adds another layer of protection to Windows PCs. It is fundamental though that the PC is clean during installation and first run though and you may find that it lacks options and settings that you want control over. The paid version of the program resolves that and it is available for $19.99 at the company website.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.