VoodooShield/Cyberlock

Hi Dave
Thanks for the log.
I think I have the fix, so it will be included in the next release

Thanks for your help!

 

Hello
VoodooShield doesn't use the windows gadget infrastructure (I assume that you mean the sidebar gadgets). I agree that the name is misleading a bit, so probably we need to think about some other.

Regarding VoodooAi it's better to ask Dan, he makes the most development work, so he knows better than me.

Thanks

 

No Vlad, thank you for your help.

 

Hi VladimirM ! What is the purpose of the gadget and can it be disabled? From what I've seen in your video on your site the balloon pop ups are coming from the taskbar icon, not the gadget. So then if both the gadget and the taskbar icon provide the same options menu then whats the gadgets purpose and can it be disabled permanently and not hidden? ThankYou for your timely response. Darrin

 

Despite instructing Voodooshield to block this application it keeps reappearing every time I open Chrome (since the last Chrome update I think).

According to the log the Path and Hash are always the same so any ideas as to how I can permanently block it?

 

VS has had both of these features for a very long time now, at least since 2.75, possibly before.

We just need to add the new Windows 10 dismhost.exe process / hash to the hardwired list, and this issue will be resolved. We could always include fulltime whitelisting by publisher, but after seeing all of the fake digital signatures in the VoodooAi sample data malpack sets... believe me, that is the LAST thing we want to do.

VS is a computer lock, and there will be blocks from time to time... there is no way around it. With our toggling and other proprietary features, we have done A LOT to reduce the total number of blocks, but we will never be able to safely eliminate all of the blocks. Thank you!

 

Sure, thank you!

 

Not anytime soon. The code is already written, but we just need to integrate it in to 3.0, but we will asap. Thank you!

 

No worries... you did not open a can of worms. The VS desktop shield gadget looks like a gadget, but is actually not one of the Windows gadgets that are subject to vulnerabilities. It is actually just a plain form / window that looks and behaves like a gadget, but it is not, so there are no worries there at all.

The purpose of the shield is explained here: https://www.wilderssecurity.com/threads/voodooshield.313706/page-335#post-2553512

Basically, if you are going to lock a computer, you need to make it easy to use, and to be able to turn the lock off quickly. Also, our desktop gadget lets the user know the status of the lock at all times, and also makes them feel safe. I have heard hundreds, if not thousands of times how our desktop shield gadget makes the user feel safe. And honestly, that is priceless. Thank you!

 

All tray notifications come from the tray area... we could make the notifications come from the desktop shield gadget... but it just works better keeping them as they are.

If you want to hide the desktop shield gadget, just right click and choose "Hide". Thank you!

 

Thanks VladimirM for the info! I didn't realize how many functions this gadget provided. Have a great day! Darrin

 

I've been using VS 3.07 beta on Windows 7X64 Ultimate for 5 days now without any issues. All the bugs I had experienced with VS version 2 have been fixed in version 3. I have not done a lot of testing, but things have been running smoothly. I have checked about half the settings of VS, and VS is operating in accordance with the different configurations.

 

Not allowing all software from Program Files causes VS to disable it's protection if the user tries launching Hitman Pro. VS treats it as an installer when you choose allow from VS prompt. I remember Dan informing me that it can be difficult to distinguish from installer, and plain .exe with some software. I just manually reenabled the protection.

 

Hi Vlad,

Call me impatient if you will but I'm keen to try your next beta. Are we getting close?

Thanks,
Dave

 

That was actually me (Dan), but thank you either way!

 

Thank you, yeah, we have come a long way and Vlad did a great job on 3.0 and finishing up fixing all of the bugs... so we are almost there!

 

Yeah, some software has their own "Installer", and is pretty much impossible for VS to detect. I am not exactly sure what you mean on this, so if there is a bug we need to fix, please let us know.

 

Sorry, Vlad is a little preoccupied at the moment, but I think he will be back with us shortly (you will understand) .

BTW, VoodooAi is almost ready... I have been tied up in meeting after meeting, working on taking VS to the next level. I will say this... man, hehehe, it is frustrating to get ML / Ai just right, but I really think it will be worth it, and highly valuable to VS for analyzing unknown files.

 

I've noticed on my Vista bug of VS in version 3.0.5 and 0.7...pop-up alert is completely empty and I can see only grey area so I don't know about what is an iformation. In effect I'm not able to react and proscess is blocked without my decision.

 

Yeah, we are trying to track down this bug. Do you know what item VS blocked? If so, it will be super easy fix. Can you maybe look at the User Log to see what it blocked and let us know? Thank you!

 

Hi Dan! Correct me if I'm wrong but is there an adjustment for the auto block time of 20 seconds in the upper right corner of the pop-up alert for allow/sandbox/block? If not can this be added with incremental 20,30,40... including a no time limit in case I'm away from my comp.? Thanks!

 

Yeah, thank you Darrin, that would be cool! Vlad or I will add that soon, thank you!

BTW, just to clarify, the issue that ichito experienced is when VS blocks something, but does not have any graphics or buttons on the prompt at all. It should disappear after 20 seconds (or whatever) as long as the mouse does not enter the box. We already know what the issue is... and it is quite simple. When the User Prompt is shown, there are initially no buttons or graphics on it at all. Then, depending on what was blocked, VS will determine which buttons and graphics to add to the box. The problem is, VS is blocking something that is not covered in our If Then statements, so it does not add any graphics or buttons. Once we figure out what is being blocked, we will just make sure whatever criteria is being missed is included in our If Then statements. The problem is that it hardly ever happens, so we have no idea what blocks are causing the blank grey box. But once we discover a process that shows a grey box, it will be super easy to fix. I hope that makes sense .

 

I'm not sure if it's a problem. If an application on the user's machine triggers VS to disable itself then we just need to make sure VS does not stay disabled long. We don't want them surfing, etc.. unprotected. I just turned the protection back on manually for myself.

 

I added licquerryapp.exe to the whitelist on the 1/19, and today it blocked it again. I think I added it anyway. I trigger it to run so I could allow it by VS's prompt. Is VS still suppose to add executables to the whitelist if the user allows them by the prompt? It is located in the Program Files (x86) Appguard folder.

Edited 1/ 21 @ 3:58
I just added it to the whitelist again by right clicking on it in the user log. I will see what happens.

 

I have seen this on Win 7 as well.