VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool! I think the taskeng issue is fixed now too... at least I ahve not seen it come back.

    I am testing a new method for the silent blocking after 2-4 hour issue. I really think this will work, I do not know why I did not think of doing this before ;). So I should know here in 2-4 hours if it really is fixed, and if so, I will upload a new version. I will also see if I can finish up the new sandboxing feature within that time.

    Then we will just have to figure out what bugs remain and we will be good to go!

    Thanks again for everyone's help!
     
  2. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I agree... the malware situation has gotten way out of hand. As I was saying, even the US government is starting to take notice and have realized how bad it is.

    That's cool, we can make it free to schools as well, I did not think about that! Actually, let me talk with the other guys and see if we can offer free VS Pro to schools, that way you can use the password feature... that would think that might come in handy at schools. Either way, I will make sure your school gets a free license, please email me and I will set that up. Thanks again!
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hi Novastar 3d, that is great to hear, thank you for letting us know! Yeah, the issue is that torch.exe is in the appdata folder. The developers should have put their program files in program files. I just downloaded torch and noticed something odd. When I run it, it spawns 10-15 torch.exe's, so that is kind of weird, although they all seem to close when you close the browser.

    But what you can do is to move the Torch folder that is in the C:\Users\Greg\AppData\Local folder to C:\Program Files (x86)\Torch (since it is a 32bit application). Then simply add "torch" to one of the six boxes on the Custom tab in VS's Settings. The new version that is almost ready will detect torch automatically, and you will just go to the Web Apps tab and select it there.

    If you do not like the idea of moving the Torch folder, you should be able to temporarily disable the "Protect User Space in Smart Mode when VoodooShield is OFF", on the Settings / Advanced tab. Then after you use Torch for a minute or two, you can enable that option again. I have not tested this, so I am not sure what all exe's are in the Torch folder, but it should work. Although, moving the Torch folder to C:\Program Files (x86)\Torch is a more permanent fix in my opinion. Please let me know if this does not work for you, thank you!

    Edit: BTW, I am unsure how moving the Torch folder will affect auto updates or if you want to uninstall Torch at some point, so you might consider the just disabling Protect User Space temporarily.
     
    Last edited: Jul 13, 2014
  4. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,599
    Location:
    South Wales, UK
    Hi Dan

    Excellent news...well done...looking forward to trying the next beta very much.

    Regards, Baldrick
     
  5. MrGump

    MrGump Registered Member

    Joined:
    Sep 5, 2009
    Posts:
    406
    cant wait to test it but im still using 1.30. How can I help?
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey Baldrick, thank you, here it is ;).

    http://www.voodooshield.com/freeoffer/Install VoodooShield.2.33 beta.exe

    I think we are good to go, hopefully all of the bugs are worked out. Well, except I saw one small but where Windows 8.1 blocked a rundll32.exe out of the blue, it will be an easy fix, I just have to run it awhile on that machine to figure out where that was coming from.

    The new sandboxing feature is not quite ready, but it is very close. Actually, it is probably best to introduce that after 2.0 is completely stable anyway.

    There are a lot of new feature in this version. I was thinking about moving the Web Apps out of settings, and making it a stand alone form / window... i have a lot of ideas on how we can expand this a little more and make it a little more user friendly.

    This 2.33 version is not completely tested, but it did run for 7-8 on my main development machine (windows 7 x64) without any issues at all, so i think we are good to go. I will check out that small 8.1 bug tomorrow and finish up the new sandboxing feature.

    I made a lot of changes to optimize the startup of VS (mainly for TH and Baldrick, you know how those WSA guys are ;) ), so hopefully the first start up of VS (after installing and rebooting) will work well, and we will not have any issues like "VoodooShield Service is not running, blah, blah, blah". But it will be super easy to fix if there are any issues. And you can always start the service manually, then launch VS from the desktop icon until all of the bugs are completely worked out.

    Thanks again!

    Edit: Ooops, the Windows 8.1 issue it worse than I thought, although it will be very easy to fix. It will work with 8.1, but you might have to actually train VS for a few minutes ;). But I will fix it tomorrow.

    Edit 2:
    Appearently all I have to do is to post the new version to make it crash on my system ;). It was running at least 8 hours perfectly, then 1 hour after I posted the link, it crashed.

    It’s cool, I have 2 new things I can try. Overall it is working great, but on some systems it still has the same silent blocking issue after 2-4 hours. All you have to do is exit VS and start it again, and everything is fine.

    This will be fixed soon, very soon. Sorry for the troubles ;).
     
    Last edited: Jul 14, 2014
  7. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
  8. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,838
    @VoodooShield

    Could you implement this feature, please?

    I like how you have password options available for all option selections, but one thing I do wish you had a password option for, is when a user clicks on the VoodooShield "On" and "Off".

    To me, it just makes it too simple to turn off VoodooShield protections, especially if a family member is on my computer and clicks to "Off" and lets all go through.

    I had this happen the other day and it concerns me.

    Please implement a feature to password protect shield operations.
     
  9. ifacedown

    ifacedown Registered Member

    Joined:
    Oct 12, 2013
    Posts:
    121
    Location:
    Philippines
    Thanks so much Dan!

    I am not only impressed by your team's dedication to make a quality software, but also much more impressed that I could see very well your genuine desire to help people - with money or no money to fight off malware!

    Well I guess I will have to train our students and teachers to use VS... well anyway like what I told you before, one great feature of VS is its simplicity! So I assume the training wouldn't hurt!

    I just sincerely hope that despite all the added features and the extra ones that you will add (even in the long future when VS reaches version 7!) will not make the basic usage of VS go complicated... the "Deny-Default" philosophy and the simplicity of VS are simply two of the great things that make VS stand out from the crowd of Anti-Exes... I think if VS will lose its simplicity, it will also lose much of its beauty... even if it is a solid product. Just think of Comodo... it is a solid product... only if properly tweaked and configured. That is why many choose not to use it even though its great in protection... most are turned off by it because it is hard to configure to adapt to any system... you know what I mean :)

    But I could be sure that right now VS is on the right track. Keep going!
     
  10. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,977
    I installed v2.33 over the top and got the retry/ignore scenario which I had in late May and early June with version 2.08, I think. I chose to ignore.

    After the required reboot, I needed to register again, which was confirmed.

    ScreenShot_VoodooShield_v2.33_install_17.gif
     
  11. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,599
    Location:
    South Wales, UK
    Hi Dan

    Thanks, am somewhat late to the feast but will look to uninstall/clean install this latest version tonight and then give it some serious 'wellie' over the next couple of days.

    Regards


    Baldrick
     
  12. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,599
    Location:
    South Wales, UK
    Well, Dan...installation went smoothly, and I have to say that the system seems a little snappier since installing the latest version of the beta...possibly a matter of perception but there none the less. Currently trying out the whitelisting now that the whitelist feature is active...and then should be running a battery of tests on various apps that I have...to see how VS reacts.

    But so far...so good :)

    Regards


    Baldrick
     
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    I installed the latest beta this morning, but i'm just now getting to try it out. I had some bad thunder storms here so I had to keep the computer off for a while. I will report back as I find any bugs.
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    I was just prompted by VS asking if I wanted to allowed rundll32.exe. I allowed it, but when I looked in VS log file it says it was blocked. I think VS allowed it though. I'm using Windows 7X64.
     
    Last edited: Jul 14, 2014
  15. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,057
    Location:
    Ontario, Canada
    Working very well on Win 7 x64 nothing to report Dan!

    Daniel
     
  16. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    VS tray icon, and desktop shield was red in training mode on my machine. I'm using Windows 7X64. What OS are you using?
     
  17. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,232
    Location:
    USA
    Hi all,

    Here's what I don't understand about this type of protection... Suppose I want to install an app so I download the installer. Not knowing that there's an exploit 'buried' in the installer, I allow VS to whitelist the app (and thus, the exploit). Isn't this a limitation of VS and similar security software?

    Cruise
     
  18. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    VS is configured by default to scan the installer with Virus Total before installing it. Is it possible to do more than that with what is available on the market? I can't think of anything. If you don't trust the installer you could install it in a virtual environment using something like Shadow Defender, or install it on a VM. If it requires a reboot to install you will have to use a VM of course since SD does not support carrying changes across a reboot.
     
    Last edited: Jul 14, 2014
  19. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,232
    Location:
    USA
    C_E,

    Thanks for that explanation; I didn't know that VS scans all installers before allowing them to proceed. I believe that in itself satisfies my VS concern.

    Cruise
     
  20. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,057
    Location:
    Ontario, Canada
    I think Dan doesn't want the name VT used but as it says under the advance tab in picture below and I'm sure he has his reasons.

    TH

    2014-07-14_21-36-11.png
     
  21. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    Ok, duly noted.
     
  22. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    Well, I'm back online again. It has been storm after storm here. I shut down the computer since the electricity goes out often here when storming. I placed VS in deny by default without learn new program with bubble enabled. VS blocked an instance of rundll32.exe within a few minutes of turning my computer on. I reenabled learn new program with bubble alert from tray icon, but I can't do anything further with VS now because as soon as I left click on the VS tray icon VS prompts me about another instance of rundll32.exe attempting to run each time. Every single time I left click on the VS tray icon i'm prompted about an instance of rundll32.exe attempting to run. I click allow to each prompt, and as soon as I left click on the tray icon i'm prompted about another instance of rundll32.exe attempting to run. I can't access the settings menu for it now. I can't shut down VS either. I'm going to have to reboot now.
     
  23. Sir Percy

    Sir Percy Registered Member

    Joined:
    Apr 22, 2010
    Posts:
    266
    Installed the new build, but never really got far because of a slightly strange happening. Everything was going fine i training mode until i executed Chrome, immediately i was told Roboform was an old build that didn't work anymore and a download link to the new (I had the newest installed). Anyway i proceeded to "upgrade" Roboform and the same thing happened. Hmm, so i uninstalled roboform with TotalUninstall and reinstalled....same thing happened and i also got the prompt from Windows what i wanted to do eg reboot, logoff etc.

    Ok, now i suspected VS and uninstalled it and rebooted. Immediately everything is back to normal....any idea what this could be? :)
     
  24. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    I suspect that VS is blocking some functionality of Roboform. Did you check in the log file to see if VS reported blocking anything from Roboform. VS may have even blocked something of Roboform without notifying you, or logging it. VS has a silent blocking bug right now where VS will block some applications without notifying the user. Dan is working on this bug now. Maybe your problem with Roboform is related. Regardless, i'm glad you reported it hear so Dan can look into it.
     
  25. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,057
    Location:
    Ontario, Canada
    What I do since VS is in Beta WSA will monitor VS processes so I set them to Allow from Monitor as I have no issues on my Win 7 x64 and once VS 2 has been released I can get the files whitelisted.

    TH

    2014-07-15_18-37-07.png
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.