VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Hi

    I had absolutely running; no apps and certainly no security apps and no dice..the message still came up. Ended up doing an install from the manually downloaded version.
     
  2. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Does this look correct VS ON OFF 2.JPG 2.50
    Notice this upon opening HMP.A w HMP.A not in snapshot...(that's HMP.A in the pic). VS Prompt dialog Blue > Install.
    Always On VS Blue goes Red Off opening HMP.A from desktop shortcut with HMP.A not in snap. VS stays Red Off after HMP.A close. Have to force Red Off to Blue.
     
    Last edited: Apr 12, 2015
  3. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Yeah, false positive is not an issue....just the lack of actionable Quarantine...Thanks
     
  4. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    update to my last, not only is vs_2.50 running aok, I installed hmp.alert3_181 and it seems to be playing well with mbae 1.06 and no obvious slowdown either :) this may be overkill, but until I run into a conflict I'll run all 3. When I was having issues with hmpa3 betas several weeks ago, I was running some other security software, now uninstalled.
     
  5. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    R U still running CryptoPrevent
     
  6. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    yes, running foolishit cryptoprevent 7.4.11 (paid)(iirc), but run it in its basic mode. I manually update it about once a week.
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Yes, web apps would be better. :thumb:
     
  8. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    To be quite honest, you should not need CryptoPrevent alongside VS. But seeing as you paid to support development, I can understand. I used to use CryptoPrevent a ways back and it was a nice tool, for sure.
     
  9. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    What is it about ransomware that lends itself to VS protection.
     
  10. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Running very well Dan!

    Thanks,

    Daniel :)
     
  11. Gillor

    Gillor Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    86
    Location:
    UK
    I am getting this alert, sometimes a couple of times a day. It’s always the same except for the number/letter combination.

    It doesn’t seem to cause a problem whether I allow it or block it but because the number/letter combination seems to be different every time I can’t fathom out a way of suppressing the alerts.

    Does VS allow for wild card whitelisting?

    Also I don’t quite understand the reference to sandboxing the application when there is no sandboxing option available with this alert.

    Not sure whether it’s significant but I am using VS with Sandboxie.

    2015-04-13 08_39_25-VoodooShield Alert.jpg
     
  12. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Ditto that here...working very well and playing very nicely with both WSA AND HMP.A v3.

    Regards, Baldrick
     
  13. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    Update: ended up with a BSOD this morning, & xp was pretty much on idle, so I uninstalled hmp.a3, and got another BSOD online with dragon, so at the moment running vs 2.50 with exploit shield disabled and letting mbae stop the exploits, although I'm not 100% sure what triggered the BSOD. :confused:
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Good find :thumb:
     
  15. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    You can burn Linux OpenSuse to a disk, and run it at boot time. It has a memory tester on it that works well. At lease it did the last time I used OpenSuse. The only down side is the download is a little over 4GB's. I'm sure there are other dedicated memory test tools. I have used others in the past, but I can't remember what they were called at the moment. I'm sure a google search will bring up some options.
     
  16. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Did you try running BlueScreenView to see if it would identify the offending application? http://www.nirsoft.net/utils/blue_screen_view.html

    Edited 4/13 @9:28: You are not using HMPA, and MBAE on the same machine are you?
     
    Last edited: Apr 13, 2015
  17. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    yes have bluescreenview both same bluescreen
    The problem seems to be caused by the following file: ntoskrnl.exe
    IRQL_NOT_LESS_OR_EQUAL
    drivers found in stack: 1) only ntoskrnl and 2) hal & ntoskrnl
    nothing clearly pointed to hmpa3, mbae or vs...(that I could see -- not obvious to me)

    well yes was trying public hmpa3_181 same time as mbae. :doubt: dumb perhaps, but I think voodoo_Dan said something like they should work together and if they do, go for it, or something like that. I like features of hmpa3, but mbae has been more stable on my xp. Just noticed uninstalling hmpa3 seemed to disrupt something else too. more to do.
     
  18. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    I am running VS 2.5 / HMPA3 181 (paid) and MBAE 1.06 Free combination (the latter is redundant according to HMPA devs) with no problems on my machine, but it is Win 8.1. (Also WSA, CryptoPrevent, MBAM Premium, WinPatrol, WinPrivacy).
     
  19. Gillor

    Gillor Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    86
    Location:
    UK
    An update on my previous post #6736.

    The sandbox option returned on the latest VS Scan alert so it looks like this could be an intermittent "fault".

    As for the alert in general, I have just noticed the option in Advanced Settings to "Automatically run file after scan if threat is not detected."

    I am not sure whether this is normally checked by default or whether I have inadvertently deselected it, but I'll check it anyway and see what happens.
     
  20. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    This is disabled by default cause IMHO it might be a security risk to always allow something that is still not detected by VT.
     
  21. Gillor

    Gillor Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    86
    Location:
    UK
    Good point.

    Although it would remove the problem of the constant dismhost.exe alerts, I can see that to globally allow the running of all such files could possibly be a security risk. So sandbox? (assuming that option is available - see my previous post).
     
  22. Miquell

    Miquell Registered Member

    Joined:
    Feb 8, 2015
    Posts:
    32
    Location:
    Poland
    Hi Dan :),

    After a few days of testing, since I've done an upgrade, I can say that version 2.50 works very well on my board (Win8.1 64bit) and I've no issues to report - great job! :thumb:.

    Many thanks and best regards :).

    Mike
     
  23. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    Good I feel less redundantly dumb! :cool: For moment I removed both hmpa3 and mbae (both paid) and uninstalled and reinstalled vs 2.50 and enabled its antiexploit and xp seems stable again. I tried several of hmpa3 betas all without mbae running, and I like hmpa3 but it's never been stable here :doubt: I know Dan had a post about the antiexploits and he seemed to be in favor of running them if they coexist well, but if vs is doing the ae job now, perhaps best to keep it simple? feedback welcome re that question. Meanwhile Dan is looking at my BSOD minidumps, but even before looking he is certain that vs is not the culprit by design. good to know and curious to see his dump analysis.
     
  24. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Morning! I just re-installed 2.50 Voodoo Shield...and it gave me the same False Positive read in Firefox...the only reassuring thing is it admits it is a False Positive...and will fix it at a new version release. I have it in tandem with AppGuard...and Avira Pro A/V and so far its app friendly...but on Fire you might say for Firefox...Lol! Great product Dan! Sincerely...Securon
     
  25. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Image Backup Question:
    Do I need to change anything in VS while making /recovering backup image to /from external. From Windows or from rescue bootable media.
     
    Last edited: Apr 15, 2015
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.