VoodooShield/Cyberlock

VS protection remained off for a while after choosing install to install Total Commander. The installation had already completed, and it took VS about a minute to enable protection again. I was in Always On Mode. Is this expected behavior?

 

I am new to this shield. have 2.39 installed. shield is always red with mode setting at smart and when opening any of the tabs in settings, none of the check boxes are accessible. is this normal?

 

No you need to get a free license to Beta test from Dan of VoodooShield at dan@voodooshield.com

Cheers,

TH

 

Getting this warning when trying to run the newest Antirootkit from MAlwarbytes.

 

Thank you... I am not sure if I got the entire command line correct or not, so if it happens again, can you please email it to me? VS 2.40 will add the command line to the Commands Tab in settings, if you choose to allow it, and you will be able to copy it from there.

 

Cool, thank you, it is added in 2.40!

 

Cool, thank you, I added both of these to 2.40!

 

Thank you for letting me know. I think it is fixed in 2.40, but let's keep and eye on it.

 

Thank you for all of your help!

 

Thank you, I added that too!

 

Hey djg05, I am not sure what you mean by background process... do you mean the VoodooShieldService? I am not sure why the tray icon is disappearing, but please let me know if that continues.

Yeah, the beta installer automatically removes the old settings, but I think we are now at the point where we do not have to do that anymore, so I will fix that in 2.41. Thank you!

 

Thank you MrGump for pointing that out. I just tried it, and sure enough, I had the same result that you did. Let me look into that. I should be able to add regsrv32 commands to VS, just like I did with rundll32.exe and cmd.exe.

 

Yeah, I changed VS to start in Smart Mode since it really does not need to train anymore. I had a lot of users ask why it was not turning ON, so I figured that was the way to go.

Hmmm, I will look into Disable Protection Mode, VS really should not block anything when it is in this mode.

The CMD issue should be fixed in 2.40, if not, please let me know.

I will look at the Training Mode / rebooting issue. If VS was in Smart Mode, and the computer is rebooted, it should start in Smart Mode, right? And same for Training Mode? Thank you!

 

Hehehe, sounds good, thank you!

 

Sounds good, thank you. Hopefully C_E answered all of your questions, if not, please let us know. And like TH said, if you need a Pro license, just shoot me an email. Thank you C_E and TH for your help!

 

Yeah, the service alone will not kill anything, both the service and the gui must be running for VS to work properly. Besides, we do not want to block anything unless we can notify the user that something has been blocked.

The service will run all of the time, whether the gui is running or not. If you stop the gui, you should be able to start it again from the VS desktop shortcut. If this is not the case, please let me know. Thank you!

 

Let's hope this was just a fluke! Also, since VS is now blocking and alerting for command lines (for rundll32 and cmd (new)), hopefully the issue is completely resolved.

 

Thank you for letting me know! I am sure there will be some false positives, but thankfully they are extremely uncommon.

 

Here is 2.40... I finished refining the Command Line feature, and added cmd.exe command lines as well. The RoboForm issue should now be resolved, and there was a way to do it without having to resort to wildcards, so it is a little more "automatic". Basically, I found a really cool algorithm that allow VS to compare new command lines to the "whitelisted" command lines. If the 2 command lines are extremely similar, then VS will allow it. The threshold of similarity is adjustable, and it is currently set so that the command lines have to be EXTREMELY similar in order for VS to allow it. So if for some reason VS is still blocking random command lines, I can dial this back a little. BTW, this only applies to the command lines listed in Settings / Commands. All of the hardcoded command lines have to match perfectly in order for it to be allowed.

I have a few small things to finish up, but other than the new sandboxing feature and adding a few more hardcoded command lines, we should be good to go! I have made progress on the sandboxing feature, but I think it might be 3-4 weeks before it is ready for prime time .

Please let me know if there are any bugs or command lines I need to hardcode.

Thank you!

http://www.voodooshield.com/freeoffer/Install VoodooShield.2.40 beta.exe

 

Hey C_E, I was just testing this and I wanted to get everyone's opinion. This is by design, but we can change it if everyone thinks we should. I personally think that VS should start in Smart Mode (OFF), because it will protect the user space. Since most viruses live in the user space, I think it might be good to keep it the way it is. It may make training a little more difficult, but I think it might be a good idea to keep it this way. But I would like to hear everyone's opinions... we can go either way on this. Thank you!

 

I can't access the task manager by using Alt-Ctrl-Delte on Windows 7X64. VS silently blocks the task manager when I click on it from the options after pressing Alt-Ctrl-Delete. My electricity is trying to go out from a storm right now so I have to jump off here for a moment. I will email Dan about this as soon as this storm lets up.

 

Good catch, thank you! This will be fixed in the next version.

 

No problem!

 

Hi Dan. On 2.40 I noticed btvstack acting up in the web apps tab.


It happened when I clicked 'edit whitelist' thereby launching browser. I don't even use bluetooth and have ipv6 disabled. Guess once I restore an image, I will completely disable driver from loading. Hmm actually when I click btv in the list and it adds it to the right column, then it keeps bringing up several instances of something else like dell update service. And the GUI becomes sluggish and almost non responsive.

Edit: Ok it is all better now that those are over on the list to the right. I am just out of slots for web apps, though nothing else seems to need adding.

 

I just tried updating Java again with build 2.40, and it failed again. I tried the update multiple times, and it failed each time. I shut down VS, and java updated without incident. The update is definitely being blocked by VS. I have VS in Disable Protection Mode so it should not be blocking anything.

CMD is working now so that's good. Microsoft Silverlight is no longer being blocked from updating also.