VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Does VS Service need to start at boot or may I change to Automatic (Delayed Start)
    Does Dan publish a change log for release and beta?
    I wonder if VS would benefit via an Install / Uninstall Mode for Program Installers / Uninstallers?
    My old Vista box seems very happy with VS :thumb:

    Are the VS beta's stable. Usually don't run beta...but, v2.12 is so cool. Wondering if I should run VS v2.13 beta. Do I just over install? Is v2.12 Snapshot saved? Do I.. Disable Protection for VS Installer? Do I need to Train again?
    TIA
     
    Last edited: Nov 24, 2014
  2. DX2

    DX2 Guest

    Can VS replace a typical AV?
     
  3. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    No, but VS is the perfect complement to your traditional AV
    Remember your typical AV is only effective on typical viruses.
    Malware today is everything but, typical.
    http://voodooshield.com/FAQ/
     
    Last edited: Nov 24, 2014
  4. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Hmmm no, not really...where did you read that?

    virus = malware
    malware = virus

    malware = malicious software. Malware is a generic term that generally can be used for anything bad, virus, trojan, worm.... There is no AV that will detect viruses only.
    Even if the product is called >insert brand< Antivirus :D
     
  5. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    Thanks Dan - will try that later today.
     
  6. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    Beta working good here also. It seems it solved the problem I had at startup: "Voodooshield has stop working"
     
  7. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    741
    Location:
    United States
    Is there a way to export the log file? The print is so small its hard for me to see but I want to see where its pointing to. It doesn't seem to allow copying from the log file itself.
     
  8. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Your AV doesn't work!
    http://drwitherby.com/allow-listing/
    <<The security community is in a constant state of change as new infections appear and it takes time for them to be reported, samples collected, analyzed, and tested by anti-virus researchers before they can add a new threat to database definitions. Further, if you're dealing with zero-day malware it's unlikely the anti-virus is going to detect anything.>> quote BleepingComputer #
    If you feel a typical AV / Internet Security / Security app satisfies. I respectfully disagree
    NIS | Sandboxie | VoodooShield
     
    Last edited: Nov 25, 2014
  9. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    1) CSV Export of Log and Snapshot may be of interest for some users.

    2) flashdrive with v2.12 ~ Noticed USB on Desktop Icon one time. Subsequent use of flashdrive does not render USB in Icon.

    3) EMET > Is VS compatible with EMET 5.1 ~ Do I need EMET with VS.
    I have DEP with Vista but not ASLR to my knowledge.
    Comments?
     
    Last edited: Nov 25, 2014
  10. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    VS does not filter HTTP, SMTP, POP3, FTP, etc. VS Cloud AV only checks files when they attempt to execute so in the end VS should still block the threat. Also VS is not going to filter bad urls, or domains. VS will not alert the user if they are on phishing websites, or on website that serve malware.
     
  11. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    I wasn't having any problems with 2.13 or 2.12 either on Win 7 x64.

    Since VS blocks any execution not Whitelisted I don't see the need for EMET and I never used EMET to test yes but not full-time. And I just noticed USB does not show at all on the Shield when I plugin a flash drive but I get the blocks below. Hmm. 2.14 on Win 7 x64.

    25/11/2014 4:09:32 PM Blocked rundll32.exe c:\windows\system32\rundll32.exe f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9
    25/11/2014 4:09:32 PM Blocked rundll32.exe c:\windows\system32\rundll32.exe f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9
    25/11/2014 4:09:31 PM Blocked rundll32.exe c:\windows\system32\rundll32.exe f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9
    25/11/2014 4:09:31 PM Blocked rundll32.exe c:\windows\system32\rundll32.exe f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9
    25/11/2014 4:09:30 PM Blocked rundll32.exe c:\windows\system32\rundll32.exe f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9

    Also I see that the Remove Device Icon in the tray is not there either maybe that's what VS Blocked? Exit VS and the Remove Device tray Icon comes back.

    TH
     
    Last edited: Nov 25, 2014
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    TH, I had something similar happen in the past for many builds before it was finally fixed. In my case the Remove Device tray icon showed in the toolbar, but VS would not allow me to access it. VS silently blocked me from accessing it. I had to exit VS before being able to access it. I think that bug was fixed about 2 1/2 to 3 months ago. I'm using 2.13 on Windows 7X64 Ultimate, and i'm not experiencing that problem anymore.

    Edit: I read your post again. I think you are right. That bug would likely have been introduced in build 2.14.
     
  13. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Could be I never seen it before as I don't use USB Devices so much?

    TH
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I always have external drives connected to my computer. Hopefully Dan will know what changes in the code could have caused this. I don't know about the USB missing from the Shield. I will check to see if it happens in build 2.13. I have been using Always On Mode so I will have to switch to Smart Mode to check. It only appears in Smart Mode.
     
  15. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I just checked VS in Smart Mode when plugging a USB device in. VS toggled to protection ON USB Mode so it is working in 2.13. VS will not toggle to protection ON USB Mode if the USB device is already plugged in before booting up. That is how it has always been.
     
  16. l3l312

    l3l312 Registered Member

    Joined:
    Nov 11, 2014
    Posts:
    22
    Hi all,
    On VS 2.13 beta had a message popup at boot on 3 different occasions stating VS service did not start and prompted me to uninstall then re-install. Sorry late to post on this, but it's been a hectic week.

    I'm happy to report that on VS 2.14 beta I've had no such issue or any issues at all. Working like a charm.

    Keep up the good work Dan.

    l3l312
     
  17. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    VS works quite well alongside EMET, no conflicts. Also, both are quite low on resource usage. Is it needed alongside VS? No. However, it does provide great protection from exploit mitigations. VS is rock solid, as close to unbeatable as it can be. However, if VS were to be bypassed in the future, it would be done by way of exploiting a trusted application. My take on it is that if EMET works without issue on your system, go for it. If it causes you more headaches than anything else, go without it.
     
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Yeah...I clicked allow for the rundll as it was an action I requested. Then the Safely Remove worked. I just couldn't reproduce the VS Icon USB. Don't recall if I was Default or Always On. This was added to Commands > "c:\windows\system32\rundll32.exe" shell32.dll,control_rundll hotplug.dll ~~ Settings > Tweaks > Rundll32 is checked by Default not to whitelist.
    How do you export Log text... just realized you did a copy paste :thumb:
    Thanks for feedback on EMET.
     
    Last edited: Nov 25, 2014
  19. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Okay ... Checked in Smart Mode On ~ no USB in Icon but, Safely Remove works as designed. Maybe VS has to toggle for USB in Icon. I'll have to test when I sign off. Thanks No biggy...was first time I saw USB so, was tickled that Dan thought of everything. Even a tiny USB. ;)
     
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Good answer....I have EMET 5.1 saved to my Desktop. After reading the User Guide. I paused...quite a piece of technical writing. Gave me a headache ... I ran EMET 2 a short time and had pita conflicts...so, uninstalled.
    Cheers
     
  21. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    741
    Location:
    United States

    I run on demand scans with nothing running in real time AV wise. VS, AG, AntiLogger and WinPatrol plus. Very light and very effective.
     
  22. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    I only have 2.13 beta saved. Where does Dan publish the beta link's
     
  23. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Does AG stand for AppGuard...you're running VS + AG ?
     
  24. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
  25. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.