VoodooShield/Cyberlock

Oops, just found a bug on windows 8.1. VS is blocking an exe, and basically flashing 6 times, then allowing the process. Now that I can reproduce the error, it will be easy to fix tomorrow. This is the first time I have seen it.

 

There is a beginning for everything

Observations (on Win8.1 Upd 1 x64, real system )

Installation: successful , VS started properly and did not crashes like previous build.

Behavior (Always ON mode):

1- Launched Regedit via Run > touched nothing > regedit did not start. Issue seems fixed

2- Launched Regedit via Run > Balloon prompts: clicked on it > Scan done > Decision Popup prompt > clicked "Allow" > another Balloon Prompts (VS tray icon blinking ) for each "Allow" clicked > but no regedit window > Decision Popup still present > clicked "Install" > regedit window finally appears > VS tray & gadget went red but mode is on "Always on".

note : the issue happen with Regedit but not with other exe (like dnsJumper.exe) etc... i think the "Allow" function still has a bug (with some Win8 tools) which is not present with "Block" or "Install".

3- Launched Cmd via Run > nothing happened

4- Launched HostsXpert.exe (portable app) > Balloon Prompt > Scan Done > flagged as Threat (FP obviously) > Decision Prompt > "Quarantine" selected > file Quarantined and renamed


Behavior (Smart mode):

5- Tray icon and gadget red (OFF) , don't know if normal or not

6- did Test 1, 3, 4: regedit, cmd and HostXpert.exe open ; curious that Hostxpert is no more flagged.

question: does an exe, if allowed once, is whitelisted permanently after?


User Logs: appeared and filled with entries

 

I installed the latest version of VS, and I still have the following problem after the first reboot to complete VS installation: VS still blocks access to the customize function that unburrys icons in the desktop toolbar. VS also still blocks access to the safely remove hardware utility. The problem goes away after another boot. On a positive note, the tray icon, and desktop gadget are loading at startup now. I'm using Windows 7X64 Ultimate.

 

VS still blocks trustedinstaller.exe even though I have automatically allow all software from the Windows Systems Folders ticked.

 

Can you make it compatible with net framework 4 so it won't require to install 3.5 on windows 8.1?

 

After windows update today on reboot letters "USB" were in upper left hand corner of screen and no tray icon. The letters USB was the VS shield, but not showing the shield. Left clicked and no options were checked in choose mode. Had to show/move shield. You may want to run the windows update and see if this happens. I am running Windows 7 Professional SP1 x64 with VS 2.00.

EDIT: Ran some more updates and had VS in learning mode on reboot. Problem seems to have been corrected.

 

The VS crash I reported when choosing install from the VS prompt when running a .exe installer, and then choosing cancel from the installer is no longer occurring. It appears that issue has been fixed. VS is still notifying me that my protection is disabled when in Smart Mode, and Always On Mode. I think it has to do with the option to automatically deactivate protection after 10 minutes of system idle. I think I should only get this message if i'm in Training Mode, or if I have chosen to completely disable VS protection by choosing disable protection from the VS context menu.

I think I may have discovered two more bugs which I listed below:

1. When running a .msi installer I get the following message before I receive the VS prompt: Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item. I attached a screenshot of the message. I believe explorer.exe hangs when this occurs because i'm unable to navigate to any directory, or open any folders until I click ok to the message. After I click ok to the message from Windows I can still run the installer using the VS prompt. Is this expected behavior? Can this message from Windows be suppressed? I have not seen this with other AE, or HIPS.

2. VS began blocking files originating from systems folders about 15 seconds after starting a scan with HeardProtect. VS blocked Netsh.exe first. When I allowed it a dos command prompt appeared. VS then blocked mspaint.exe, and I got a message saying Windows could not locate it on my machine. VS always allowed mspaint on my machine until conducting a scan with Heardprotect. I believe if I would have tried other files from Windows Systems Folder then they would have been blocked also. I attached a screenshot of Netsh.exe being blocked. Bug report sent.

Regards,
Mike

 

If I click on a TrueCrypt container instead of receiving the open with menu from Windows I get the the following message: Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item. Using Windows 7X64 Ultimate. Bug report sent.

 

Something not as pressing....When you're in full screen mode you can still see the Voodooshield icon. Anyway to either disable for full screen or toggle to see it with a hot corner option?

 

Are you watching streaming video when this happens? I can see the desktop gadget when watching a streaming video in full screen mode, but not the tray icon. If i'm watching a video file locally such as an avi file, etc.. then I cannot see either one. I'm using Windows 7X64. What version of Windows are you using?

 

The VS bug I reported where VS was blocking TrueCrypt from mounting a TC Container was actually a bug where VS was blocking the, "open as" function in Windows which allows the user to choose which application to use to open an unrecognized file. Dan said it was an easy fix so it should be fixed in the next build.

 

Still a problem in VS 2.01 beta.

 

Confirmed still a problem with VS activate alert in 2.01 while in Smart mode. When I clicked yes to activate protection it then was disabled.

Excessive logging of allowed apps is fixed in 2.01

 

Dan is aware of it. It happens in Smart Mode, and Always On Mode. I'm hoping he will have fixed it in the next release.

 

I have discovered a new bug. When training mode completes, and I receive the message saying you are not protected would you like to enable your protection (I don't remember the message word for word). I then choose yes from the prompt to enable VS protection. Then when I right click on the VS tray icon it shows a check mark by disable protection. So when training mode completes VS switches from training mode to disable protection if I choose yes to enable protection when prompted. I have checked this 3 times, and I got the same result each time. I would appreciate it if others could check this as well. I'm using Windows 7X64.

 

Sorry I didn't mean the tray icon. I meant the desktop gadget. I'm running Win 8.1 64 bit. I was wondering if they had a full screen toggle option. Kind of annoying watching a full screen video with that gadget there.

 

Yes, I agree. That is annoying. I will try to remember to mention it to Dan the next time I email him. I'm trying my best not to send him any emails for a few days because I have literally emailed him to death about ever little issue I found with VS. I need to give him a few days just to focus on coding.

 

Yep. Seems like he has a little bit to do with the current build. So far so good though.

 

Just installed v 2.01 and looking good!!!!!

 

Sorry I have not been responding to the posts, but I have been reading the bugs you guys have found, and we are getting VERY close! I will respond to the posts this weekend.

Here is 2.03 beta... you might want to delete the .dat files in the following folders, then uninstall, reboot, then reinstall and reboot.

Vista, 7, 8 and 8.1 - C:\ProgramData\VoodooShield\
XP - C:\Documents and Settings\All Users\Application Data\VoodooShield\


http://www.voodooshield.com/freeoffer/Install VoodooShield.2.03 beta.exe


Fixed in 2.03:

More issues with the snapshot were fixed

Taskeng and taskhost issue fixed. If anyone notices VS block TrustedInstaller, can you please send me the path of the blocked file?

Optimized for Windows XP

Fixed an "Open As" bug that Cutting_Edgetech pointed out (and help me track down the source of the issue, thank you!)

Fixed the 10 minute Activation Warning in Training and Disable Protection Modes (this turned into a major ordeal, but it all worked out really well, and for the better)

VS SHOULD NOT let anything slip by (like blinking 6 times, etc), but if it does, please delete Snapshot.dat from the following folders (after exiting VS)

Vista, 7, 8 and 8.1 - C:\ProgramData\VoodooShield\
XP - C:\Documents and Settings\All Users\Application Data\VoodooShield\

There were several other fixes, but I forgot to keep track of them, I was a little "to focused" .



Still to do (this weekend hopefully)

Fix the new pubisher feature (should be pretty simple, I had it working in a different version)

I could not reproduce the UAC prompt during installation on XP. If anyone else notices it, please let me know! It is an easy fix.

Finish the Utility Tab (super simple)

Fix the cloud snapshot (simple)


Thank you guys!!! We really are almost there!!! I think all of the bugs will be worked out within 3-4 days from now!

 

I may not be able to test VS again until Monday if my plans work out for the weekend. I have not had a chance to test build 2.03 yet, but trustedinstaller.exe was being blocked from the following path in the last build. C:\windows\servicing\trustedinstaller.exe Using Windows 7X64 Ultimate.

 

No problem! I'm obliged to help in any way I can.

 

Thanks Dan!

I'll try it out and if there is anything wrong I'll let you know.

Regards,
Kardo

 

Same here . Will test it tomorrow

 

"Fixed the 10 minute Activation Warning in Training and Disable Protection Modes"
Still an issue here Win 8.1 64 bit. It gave me the warning and I said activate. It's still in training and haven't gotten a warning after 30 min.
Also when you first install and hit "Restart later" instead of "reboot now" is the protection still enabled or only after the reboot?