VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    Hi Dan, you know my views about this...VS is a 6 start product...2 starts at least for every year you have worked on it...at least.

    The further opening up for the freeware versions is a good idea...and I hope that the review goes well...please post a link as soon as you have one as I for one will be very interested to view it. Cheers, Baldrick
     
  2. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    Completely agree, Dan...sleep well!:)
     
  3. Did not realise it had an Free option also.

    Tips:
    a) Facilitate ASLR to increase effectiveness of memory protection (DEP, SEHOP, ASLR)
    b) Exclude allow run in Windows folder for the folders a medium level process/un-elevated user has write access to.
    c) When in default mode: icon/desktop gadget stays red, provide color feedback for protection level (red = off, blue = default, green = on)

    Liked the low system overhead (CPU usage & Disk access)
     
  4. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,978
    Location:
    Poland - Cracow
    Dan,
    I like your software and I'm respecting all your activity to still growing functionality and possibility of your sotware but...unfortunately there is one "but"...official info on VS page is not clear for not only users who don't know well VS. See screenshot below...and try to imagine what they can think

    VS.jpg
     
  5. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    I think that you have a point, ichito, but only because people do not take time to read the terms & condition associated with VS...they just look at the headline (I see this all the time at work when people respond to emails having read the first sentence and not bothered with the rest of what has been written...:().

    What you are saying is that this should be changed to "And free for non-commercial use!", i.e., drop the 'completely'? If so then as stated above I sort of agree.

    Regards, Baldrick
     
  6. WSFfan

    WSFfan Registered Member

    Joined:
    May 10, 2012
    Posts:
    374
    Location:
    The Earth
    It looks as if VoodooShield's process - Voodooshield.exe and VoodooShieldService.exe could be terminated via Windows Task Manager at least on Windows 7 Ultimate SP1 -64 bit.Does VoodooShield have self-protection feature like NoVirusThanks EXE Radar Pro or AppGuard?
     
    Last edited: Oct 19, 2014
  7. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    Hi WSFan

    A good question that I am sure that Dan will answer or will take into account and look into. But given that malware would have to get onto the system protected by VS (and possibly another app as in my case WSA) and be allowed to run to do whatever it needs to do to terminate the VS components using Task Manager functionality would VS itself not prevent that? Just asking as I am not an expert in how malware could work re. this.

    Regards, Baldrick
     
  8. fs2com

    fs2com Registered Member

    Joined:
    Sep 20, 2014
    Posts:
    118
    Okay I didn't know VS relying on VT for that.. Yes eventually I turn VS off in order to install it

    Just a suggestion here... maybe you can put the detection ratio from VT so the user can better inform to handle it...
    Usually if I confront with that then I will take precaution to scan the file with my AV and anti malware to decide if it really safe/false positive or dangerous

    And I do agree to Cutting_Edgetech suggestion above. Beside block and remove the threat button there's another option to allow once to run the program..
    IMO it's better than having to block first then disable in order to run the program which lead to exposed the system unprotected...
    If you introduced the allow once then only that program allowed to run and still block the others...
     
  9. Houley456

    Houley456 Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    186
    Win 7 64 bit....
     
  10. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you. I am not really sure where you post some reviews, I better not make any suggestions ;).
     
  11. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I don't gamble either, but there is always something to do :).
     
  12. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, we can definitely do something with this and tweak it a little. We just have to figure out the best thing to do, and make sure it is safe, and we always want to error on the side of caution. Thank you!
     
  13. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hmmm, thank you for letting me know. Have you experienced the issue since?
     
  14. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, but 6 out of 10 is the same as 3 stars, right ;).

    I got your email, thank you for the suggestion on creating an option for switching from Basic to Advanced Mode for the Pro version. I will try to implement that before the review, I think that will help a lot. I think including the UserLog and Whitelist Editor in the free version probably saved us a half a star or one star on the upcoming review ;). I think it is great that there are some people who are critical of VS, it just makes it a better product in the end! I will reply to your email soon, things are kind of crazy right now ;).
     
  15. fs2com

    fs2com Registered Member

    Joined:
    Sep 20, 2014
    Posts:
    118
    Great VS... Hopefully you can figure out the best way to handle those FP on the next version...
    Best of luck for the upcoming review... thanks for the 1 year VS :thumb:
     
  16. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey Windows_Security, yeah, I agree, we need to implement ASLR ASAP ;). There are actually a lot of things I would like to add, I just have not had the time, but I have a list of around 50 or so things that I would like to add, and ASLR is at the top. The thing is... it takes time to add features like this, and for the time being, I think we have an extremely solid, user-friendly toggling computer lock that is protecting quite a few computers, and they simply do not get viruses. Believe me, I know, 80% of my clients run VS, and I have lost 40-50% of my computer consulting business because of VS. We could hold off to release VS until it had every feature imaginable and was absolutely perfect, but I think every software project is a work in progress, and there is always room for improvement. Besides, there are other things in the works, and to make a long story short, I will not be the "lead" developer of VS very soon. I had a blast working on it, and you guys made it a lot of fun and were a tremendous help, but I have pretty much reached the limit of my abilities, and it is time for us to choose a path.

    On the Windows folder issue, I could be wrong about this, but I do not think that VS is the only somewhat similar software that does this. I think VS is the only software that allows you to disable this function, and I think the others just do it automatically... but like I was saying, I could be totally wrong about this. VS only allows a handful of Windows folders, and I believe starting with Vista, these folders require admin permission to write to them. And besides, an executable or script has to execute in order for malicious code to do anything, right? But if you or anyone else has an idea how we can allow all of the critical windows processes automatically (and safely), that would be a tremendous help.

    BTW, please try this, you will see what I mean:

    1. Enable UAC in its default settings
    2. Copy an exe to C:\Windows\System32... in my test, it did not even have to be digitally signed.
    3. Click yes to give it admin permission ;).
    4. Then run the file. UAC will not block it.

    On the icon, I am not exactly sure what you mean. We experimented with different colors in the past, but it kind became confusing. But I would really like to hear exactly what you have in mind for this. Specifically, I know what you mean by On and OFF, but what do you mean by default?

    Thank you for your help, I appreciate it!
     
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Oops, good catch, thank you ichito and Baldrick! What I initially meant was that the free version of VS is totally free, with no strings attached, and definitely not a freemium model. But I see what you mean, I will change that.

    Also, I have already enabled the UserLog / Snapshot editor for VS 2.12. Are there any other features that I should enable for the free version? The idea is that 95% of users would probably just want a simple computer lock, and anything that is not necessary should be eliminated. I actually prefer the Free version because it is exactly what I want... just a very simple toggling computer lock.
     
  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey WSFFan, if you set a password for VS, it will do exactly what you are talking about. I just figured that no one would want to lock themselves out, but I can enable that feature all the time, even if there is no password. But for me, that would be a huge pain because I am constantly starting the task manager. Please let me know what you guys think!
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you, we appreciate that!
     
  20. @VoodooShield

    You are basically saying why bother with Windows write-able folders, when UAC in default allows windows own binaries to put something in the UAC protected folders. When your application is directed to Average User you have a point, so keep it on folder level.

    With default I mean the smart option (when I remember correctly). At least I thought there were three protection levels OFF (learning) - SMART (default) - ON (locked) or something similar.
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Well, what I am saying is that you can copy and paste any exe into the system 32 folder, with UAC in default mode, and it will not block it. Well, I do not know about any, but it has never blocked anything that I have pasted into system32, whether it was digitally signed or not. Who knows, maybe there is an even better way.

    Ultimately VS is either ON or OFF... your computer is either locked or not. The 3 modes just simply determine whether the lock is on or not. But if it would be advantageous to display a third mode, that sounds great to me, we can at least try it and see.
     
  22. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,009
    :thumb:

    ----------------
    @ VoodooShield,
    Thank you for the Pro license!
     
  23. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    Hi Dan, no rush...I am sure that you have a great number of more important things to do then reply to my email...and with the serous review of VS coming up you need to make sure it as as perfectly formed as possible. BTW...6 Stars in my book is 12 out of 10...:thumb:

    Regards, Baldrick
     
  24. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    Hi Dan, I thought I understood what WSFFan was referring to but now I am confused. I understand what you said about password protection and assume that this is to stop someone grabbing one's system and clicking the Exit option? But what about an attempt by malware to detect VS and neutralise it by kill the .exe & service? Will the password setting protect from that, i.e., is VS hardened against that as well or should there be an option to set the requirement for the close down to only be allowed with admin rights which if I understand correctly it is harder for malware to simulate, etc.

    Am rambling now but hopefully you understand what I am think off/asking here? Perhaps a future option is this is above and beyond what the password option provides?

    Regards, Baldrick
     
  25. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sure, thank you!
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.