VoodooShield/Cyberlock

Well, it probably would not have made a difference I do not think. But whenever someone installs a new VS, they should just exit out of VS first... and even better, uninstall the old version, although starting with 2.08 it hopefully will not matter if you uninstall first or install over the top. Thank you!

 

I hope you've got some sleep...otherwise we might get some errors tomorrow. I don't know where in the USA you are based, but I just checked it is nearly 3.00 am in Chicago.

 

Maybe he is celebrating this last Hawks' game....

 

Yeah, thank you for the tip... we should probably do that. Maybe I can make the How it Works screen come up first and say something about it there, or the prompt that tells the user that VS is in Training (although I am thinking about getting rid of that since training is really now longer required with VS). Thank you!

 

hehehe, I have not been sleeping much, but we are getting close, then I will sleep for 2-3 days straight .

Here is the latest version, with the bug fixes from yesterday, I am hoping they are all fixed. If anyone has any weird issues, please download and install the "special" version. It will display a message box of everything that is allowed and blocked. So if VS starts acting funny, hopefully we can narrow down what triggered it.

http://www.voodooshield.com/freeoffer/Install VoodooShield.2.08 beta.exe

http://www.voodooshield.com/freeoffer/Install VoodooShield.2.08 special beta.exe


Thank you for all of your help!

 

Do you mean the Jayhawks? Or someone else? Just curious . I used to follow sports, but not so much the last few years!

 

I went the special route, a road less travelled.

Apparently, it still asks having to switch back into 'Trial Mode' to make changes to any settings.

Also, from the attached screenshots, Windows Picture and Fax Viewer is still getting blocked in smart mode.

 

Sounds good, thank you, I will check it out. That really should be working, there must be an simple explanation. I did not have a chance yet to look at the Windows XP Settings / Trial mode issue, but I will do that tonight or this weekend. Thanks again!

 

Glad to be of help...

Also, I exited VS before running the installer, as requested by you yesterday, however I experienced the retry/ ignore scenario, again. I ran the installer over the top, as requested. also.

But, this time it accepted the 'ignore', but not the 'retry' option, at each step. See some of the screenshots that I took, to show this.

 

hmmmm, that is odd. It worked on 7 and 8, I will test it on XP. I need to spend a day or so just testing with XP. Thank you!

 

I am the spanner in the works!

 

Does this version includes the "cloud multi AV" scan of files?

 

Hi Dan

Have now got 2.08 installed and appears to be running ok.

As soon as it was up and running I change it to Smart Mode. The only program it then challenged was Windows Explorer and anything else was allowed to run. I then noticed that by default it is set to allow anything in "Program Files Folders". Not sure if that is a good idea going on the assumption that a new user might not have a clean machine. Maybe better if that was left unselected with an option on the pop up that these can be reduced by selecting that option. Personally I would prefer that and also gives confidence that the program is working.

I move an installation program to a Program Files folder and no challenge was made when it was run. So does that mean that if something can sneak into PF then it is at liberty to run?

Not sure if the whitelist is being used. I deleted all the computers that had collected and it did not appear that any reference was being made to them.

Hope this helps you somewhat.

 

Sorry to say that VS sort of crashed. Not sure what happened but I downloaded Opera Dev
http://www.opera.com/download/get/?partner=www&opsys=Windows&product=Opera Developer

The installer opened ok but when I accepted the install nothing happened (VS basic defaults). Other programs seemed ok but could not open task manager, then noticed the icon has disappeared. Exited VS via the tray icon and TM and Opera sprung into action again. Restarted VS and seems ok again.

Tried it Opera again and this time VS popped up but when Opera started there was a note that it had got Administration privileges. Never had that before. Tried again and this time ok.

 

Problems continue.

Keep getting pop saying it is not activated when it is running in Smart Mode.

 

OK, appear to have a bug in the Settings under 'Custom Tweaks' in that any folder pat that one enters or navigates to and then saves gets lost., i.e., when you go back into 'Custom Tweaks' whatever was entered previously has disappeared.

Regards


Baldrick

 

Yes, it does!

 

Well, starting with Vista, the Program Files folder is a protected folder, so nothing can write to it without admin permission. And this is why quite literally all (or the VAST majority) viruses either write to AppData or ProgramData, and not to Program Files... so yeah, it is perfectly safe. And if it is denied from ever being created in the first place, then it would never write to Program Files anyway. What it comes down to is "what comes first, the chicken or the egg". Other security solutions do this automatically by default, but the only difference is that we have an option to disable this feature. Think of it this way... install pretty much any security solution, then run an unsigned exe from the Program Files folder. Odds are, it is not going to block it, right?

The only real issue is malware that has already infected the machine. But really, it does not matter where the malware is on the drive, because it is going to be whitelisted unless it is cleaned up. People ask me about preexisting malware all of the time, and I always say, "ok, you already have a cold, do you want to risk getting the flu also." But let's just suppose that there are 5 preexisting infections, and someone installs VS. Well, when the 5 infections run, VS will whitelist them. At some point, the traditional antivirus will clean up the infections. And while the infections might remain whitelisted in VS, the traditional AV is now aware of these infections, so it will stop the computer from being infected again with the same infection. Besides, most modern day viruses are polymorphic, so they either change their file name, path, or it is an "updated" virus, so it has a new hash. If any one of these 3 criteria changes, then it is no longer whitelisted by VS, and VS will block it. Besides, what are the odds of getting the exact same infection? I would think it would be pretty low.

Maybe one answer would be to ask the user if they would like to reset their whitelist every 3 months. VS trains extremely fast now, so training is pretty much no longer necessary, so this might work.

Thank you for your input, I appreciate it! Please let me know if I am over looking something, or just got something wrong.

 

Thank you, this helps a lot! Late last night I discovered a pretty bad bug that has eluded us for 8 months, and it might be related to this issue / the issue with VS blocking everything without prompting until you exit out of it and start it again.

I was in firefox last night, and I downloaded a new program. I ran it from the Firfox "Downloads window" (not windows explorer / downloads), and VS did not block it. It turns out, there is a bug in VS's code that makes VS blind to child processes. So if you try to run something from FF or chrome in the "Downloads window", VS does not see it. And this bug is in the code that denies process creation until the user or VS decides whether to allow it or not. So I emailed the developer of this section of code today, and he is going to look at it and fix the issue asap. I think once this is fixed, the issue that you described, and that others have experienced will be completely fixed. I hope to have the fixed code from him in a few days. In the meantime, I will be fixing the remaining small XP bugs, and working on the web / snapshot stuff. Thanks again!

 

Yeah, I saw that too this morning. I think it came back after I fixed something else, hehehe. It will be an easy fix, thank you!

 

Not the Tweaks Tab, right, you mean Custom Tab? I just tried it under Windows 8.1 and it is working. By any chance are you running Windows XP on the computer? There is a bug in Windows XP, the settings need some help! I will be able to work on that this weekend while I am fixing all of the other XP bugs. If it is not XP, please let me know. I will try it on 7 this weekend too, just to make sure. Thank you!

 

Yes, sorry...Custom Tab. Not running under XP but under Win7 64bit...will have to double check the finding.

 

I just installed 2.08, and it is blocking almost everything. There is no change. It blocked everything just as soon as VS loaded for the first time after install. As soon as I closed the VS tray icon the applications I tried to run all opened at once. It's weird how it blocks computer, and control panels. I'm using Windows 7X64.

 

Hi Dan

Not sure if this is the same. I have Opera running in Sandboxie and programs are downloaded to a special folder where they are released if deemed safe. The install is then run from Windows Explorer. The folder they are d/l to is not set as the official d/l folder.

Hope this helps

 

I have noticed another bug, or maybe it is just the way the program works. Anyway I have an email program that loads on boot up. It is set in VS as custom. However it loads before VS wakes up and so the icon remains off.