VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,841
    Location:
    KEEP USA GREAT
    Dan, that sounds very cool and I agree..would make it a lot
    more efficent.
     
  2. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    +1 :thumb:
     
  3. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Hi Dan

    Am following the logic and agree with it...would be a great usability enhancement to VS IMHO.

    Regards, Baldrick
     
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    If you decide to allow executions in the appdata, and program data folder when "Protect User-Space in Smart Mode when VS is OFF" is enabled then would all other areas of the user-space be protected when the bolded option listed above is enabled? What about external drives that are already connected to the computer that will not cause VS to toggle? Can you make VS consider all other Partitions other than C the user-space, or give a tickbox option to enable protection for all other partitions when in Smart Mode? I think that would be a great option for VS to have. I always use an external drive as my user-space. I don't even download installer to C drive. I download everything to external drives, and my biggest fear is that malware will execute from one of my external drives. I have projects I have been working on for 6 years on external drives, and I would be literally in tears if that data was lost. If you don't want to automatically allow the appdata, and program data folder in Smart Mode you could also give an option in the settings the user can tick to allow executions in those folders

    Dan, the method you described in your post would work fine. I would be ok with that method. You could also give the user the option to block executions in the appdata, and program data folder with a tickbox when "Protect User-Space in Smart Mode When VS is OFF" is enabled. I don't think it's a must have option though. It may satisfy some users. I really would like to see the option to protect partitions other than C when Smart Mode is enabled though. That's an option i've been wanting to see for some time now. I tested VS in the past to see if it prevented executions from external drives in Smart Mode, and I got inconsistent results. Sometimes it blocked executions from external drives, and other times it did not when the shield was red. When I brought the inconsistency to your attention you informed me that VS should not be blocking any executions from external drives/partitions other than C in Smart Mode when the shield is red. This was several months ago though.
     
  5. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    I think CE's suggestion of an option to block executions in appdata and program data in 'Smart mode when VS is off' is a good one.
    However, I run VS in the 'always on' mode, so I'm assuming that changes to how Smart mode is handled won't affect the 'always on' users.

    Gordon
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    No, it want have any affect on users that use Always On Mode.
     
  7. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    @VoodooShield - May I make a few suggestions:

    Settings change:

    Since Windows 8 and Windows 10 both use the modern interface, can the following setting be changed for future versions?

    This is what we have now = "Automatically allow Windows 8 Metro Store app installations"

    Can it be changed to something like this = "Automatically allow Windows Store app installations"

    This just makes more sense, putting into consideration that a Windows 10 user isn't going to be using a Windows 8 only option.

    and

    If you have both Windows 8 and Windows 10 users, the option "Automatically allow Windows Store app installations" applies to both of them.

    Threats Blocked :

    1. Can the "Threats Blocked" text be a larger text, possibly Bold? Something that is more readable?
    2. Can the "Threats Blocked" text automatically disappear if a person decides to deselect the setting "Automatically scan blocked files with cloud based scan engine"?
    No point in having it present if the user isn't utilizing this feature.

    Whitelist:

    If it's possible, can you add a button "Add to local Whitelist" or "Add custom", for those of us who don't want to Edit the whitelist online?

    Example 1: User clicks "Add to local Whitelist" or "Add custom", a new/blank Process and Path line appears for them to add what they want (Manual process).
    or
    Example 2: User clicks "Add to local whitelist" or "Add custom", an explorer window appears so the user can browse the process they want to add (Path adds itself once the user selects the process)


    Once any whitelisting has been done, the data automatically uploads to the online whitelist.

    User account:

    When a user logs into their account, Can you add an option for everyone to change their own Email address, without emailing support?

    I just retired the email that I used for this account and would love that capability to change it to something I am currently using.



    That is all I got, keep up the great work as always...

    :thumb: Long live VoodooShield :thumb:





     
    Last edited: Apr 29, 2015
  8. hjlbx

    hjlbx Guest

    And what happens when an autorun memory hollowing script or other malware launches automatically from AppData\Temp folder? Some malwares autorun as soon as they hit the Windows file system - independent of any web app being open... not common, but does anyone want to find out what that can do to a system?

    Really bad news, that's what...

    Nothing should be allowed to run from any AppData\Temp folders unless manually white-listed by the user... that includes installer temp files.

    That's how I have to do it using AppGuard and Comodo... the whole point - theoretically - being that the multi-step process forces the user to take pause and think about what he\she is doing.

    It can be a pain, but the increased security is well worth it.
     
  9. MrGump

    MrGump Registered Member

    Joined:
    Sep 5, 2009
    Posts:
    406
    2.51beta seems to block command lines but doesnt supply much info , if any at all, about them. I dont see anything in logs. Still i guess im happy if its blocking threats!
     
  10. hjlbx

    hjlbx Guest

    AOMEI Backupper Pro 2.5

    Select "Utilities"
    Select "AOMEI PXE Boot Tool"

    VDS blocks cmd.exe and xcopy.exe which are needed to create the boot image.
     
  11. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    I have the same and all I do is set VS in training mode and once the Back Up is done I turn it back on.

    Daniel
     
  12. Gillor

    Gillor Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    86
    Location:
    UK
    Hi Dan,
    Doesn't appear to be completely fixed as I am still getting this alert from time to time running on Windows7.

    Also, the reference to Sandboxing when no Sandboxing option is available.

    2015-04-22 17_22_38-VoodooShield Alert.jpg
     
  13. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey everyone, I have made a lot of progress and I am getting close. I am thinking 3-5 more days at the most for the new version. Then I will catch up on the posts, thank you!
     
  14. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Thanks Dan!

    Daniel :)
     
  15. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Go for it, D-boy! :)
     
  16. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Thanks Dan. Patiently waiting.

    Gordon
     
  17. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Dan, you're the man...

    Keep up the great work! :thumb:
     
  18. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    1,444
    Location:
    "An Apple a Day, Keeps Microsoft Away"
  19. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Take your time Dan. We will be around.
     
  20. hjlbx

    hjlbx Guest

    Anyone getting a Runtime Error "ngen.exe (Native Image Generator) insufficient memory" ? (paraphrase)

    ngen.exe creates images - particularly linked to apps created with Visual Studio.

    Not sure if it is somehow connected to VDS or something else... Runtime Error started "out-of-the-blue."
     
  21. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Hi Dan

    I will say it again...but a masterpiece cannot be rushed...so don't...just take your time...as you have always done...and I am sure that we will be in awe of the outcome...;)

    Regards, Baldrick
     
  22. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Yes, no need to rush.
     
  23. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Yes, the wording for the prompt needs to be corrected. This was reported recently by someone else as well.

    Edited 4/30 @ 11:18: I went back, and looked. It was you that reported it before. I thought it was someone else. I also found another prompt with the same problem reported by someone else though that needs corrected as well. I guess Dan will have to go back through the prompts again when he has time.
     
    Last edited: Apr 30, 2015
  24. Gillor

    Gillor Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    86
    Location:
    UK
    Thanks CE, it's not a major problem for me but I thought it worth mentioning as Dan indicated he had fixed it.
     
  25. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    During installation of VS, it is recommended to turn off UAC, which I have done.

    I just had to install an update to some software via a Windows Installer .msi file. However, I kept getting 2503 / 2502 errors (see below). On googling this error, it appears this is because (on Windows 8.1 at least, though I don't see it in Windows 7 either) there is no 'Run as Admin' option in the context menu for .msi files, though this can be added via a registry hack (http://sys-solutions.co.uk/installer-error-2503-and-2502-in-windows-8/). I performed the hack and then and managed to proceed with the install using the new 'Run as Admin' entry.

    I contacted the developer of the software and his response was 'I tested the package on Win7 and Win8.1 before deploying, and it went fine – I was prompted for UAC elevation automatically during the setup, and I did not have a need to Run As.'

    So my question is: Could the deactivation of UAC recommended by VS lead to install problems with .msi files because no elevation prompt is issued?

    Edit: I was using an account with Administrator rights throughout.
     

    Attached Files:

    Last edited: May 1, 2015
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.