VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. fs2com

    fs2com Registered Member

    Joined:
    Sep 20, 2014
    Posts:
    118
    GO ROYALS indeed.. make it 2 great news this weeks :D
    anyway thanks for your generous gesture no matter what the outcomes :thumb:
     
  2. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Hi Dan,
    I've noticed what appears to be a minor bug in VS. Sometimes I 'Hibernate' my machine for a short while so that I can quickly get on with things a little later. When I wake the PC up, VS starts up no problem but goes into 'USB' mode even though there are no USB's or drives plugged in - see screenshot.
    If I exit VS then start the programme again all is back to normal. Using version 2.12.

    Thanks Gordon

    PS Thanks for your generous gesture.

    VS USB 1.png
     
    Last edited: Oct 26, 2014
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Ohhh, I see what you are saying! Yeah, you guys spend a lot more time with VS than a reviewer would ever have time to. I was surprised though how thorough he was, for example... do you guys remember when I kept saying that I was going to test the sandbox with real viruses? I totally forgot to, I just kind of kept forgetting and never got around to it. Anyway, it sounds like he tested the sandbox quite a bit. Another example are in the screen shots, he had screen shots of our "cloud" interface on our website. Whereas when you guys and I run VS, we are mainly looking for bugs, since we are already familiar with the features.

    Also, I wanted to mention, there are still very, very few bugs that have been reported to support@voodooshield.com. We have had tons and tons of downloads and people signing up for a free year of VS Pro, but only a couple of bugs, mainly on Windows 10. So you guys did a great job in finding the bugs!!! Thank you guys!
     
    Last edited: Oct 27, 2014
  4. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Very cool, thank you! Man, as soon as I posted that, we lost 2 games in a row ;).
     
    Last edited: Oct 27, 2014
  5. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, it sounds like some kind of conflict with one of the other security softwares you mentioned. Can you please email me (dan@voodooshield.com) the 2 .log files in the C:\ProgramData\VoodooShield directory? That might give me a clue as to why this is happening. Thank you!
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Definitely, thank you!
     
  7. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hi Gordon, thank you for the info. Wow, this is something totally brand new... I will have to think of what might be causing this, especially since you do not have any USB drives plugged in. I will see if I can reproduce this oddity by putting my computer in hibernation. What OS are you using? Do you have a CD in your CD drive? The method we use to detect the USB unfortunately (or fortunately, however you want to look at it) also detects CD's as removable devices. I am guessing that maybe after hibernation, the CD spins up. But I need to quit guessing on Wilders, because every time I do (3-4 times in the past), I am dead wrong ;). Thank you!
     
  8. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Thanks Dan,
    My set up is Win 7 64 bit Pro.
    I think you have already nearly solved this. Sorry, I forgot about and failed to mention I have an external DVD drive permanently plugged in ( but no discs in - just double checked), which looks to be the culprit. When I boot up, 'USB' mode is not initiated, even though the DVD drive is always switched on, this only happens when I wake the PC up from hibernation and it seems VS recognises the DVD drive and goes into USB mode. The thing that is puzzling me though is why VS only prompts after waking from hibernation and not on boot up ? -- plus there are no discs in.

    Regards
    Gordon
     
  9. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    I am trying VoodooShield right now for the first time and am a little bit unsettled on certain things in order to decide whether or not to stick with this software.

    • How does the methods used in VoodooShield compare to typical Software Restriction Policy options built within Windows?
    • I have read that the SRP built within Windows has several known flaws that Microsoft intentionally put in there in which attackers can use to easily bypass SRP; Does VoodooShield have any intentional backdoors such as this? Does VoodooShield utilize SRP behind the scenes, or use it's own technology?
    There are a few issues that I am unsettled on (aside from the questions above, but I will leave that be and let time tell.

    Thank you, VoodooShield, for provide such an interesting and intriguing software product and also for providing a free version as well. I think that will help to elevate the success and reach of VoodooShield to a much larger user base. I will continue to test VoodooShield for a few more days. I wish you great success.
     
  10. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    5,746
    Location:
    DC Metro Area
    I was unable to install VooDooShield on Windows 8.1 this AM

    I was inspired to try it after reading this article which shows at the bottom a list of other articles written by the author.

    http://www.pcmag.com/article2/0,2817,2470962,00.asp

    One of his other articles was a very favorable review of VooDooShield: http://www.pcmag.com/article2/0,2817,2470799,00.asp

    VooDooShield needed to search for some Windows Files (program), I think Net FrameWork or one of those type files and with Firefox set as my default browser it couldn't find the necessary files, although it continued searching till I finally gave-up. I switched my default browser to IE and after a few minutes the search froze.
     
  11. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
    So Voodoo Shield is a HIPS, but one that only kicks in - automatically - when it actually makes sense to be restricting processes? Like a normal HIPS with learning mode, but in reverse?

    That is a brilliantly simple idea, and makes a great deal of sense for a desktop machine. It might even be useful on a development workstation. I really have to commend @VoodooShield for coming up with this, as it is an actual sensible way to implement system-wide MAC on a desktop. Wow.

    Edit: to be clear I haven't actually used the product, and don't intend to. But it's nice to see an approach to mandatory access control on desktops that actually makes sense.
     
  12. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    Hi GJ

    I completely agree and have done so for a long time...the man has a vision and has made it happen...just hope that many others see the light! :thumb:

    I use it on every device that I have and so do the Family...it is even on my Windows tablet where the lightness is a REAL boon.

    Welcome to the realm of the 'Enlightened' :)

    Regards, Baldrick
     
  13. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
    I actually don't use Windows... at all, at this point. So VS is not really on the menu for me. Also it's a bit antithetical to my usage patterns; I tend to have a browser opened to Google and StackOverflow on one virtual desktop, terminals and remote desktop sessions on another, text editors on another... So for me something like AppArmor makes more sense, with per-program restrictions.

    But I really like the idea of having the OS change its behavior depending on what the user is doing. That makes more sense for typical desktop use cases, and is something I would like to see in other security software.

    (e.g. antivirus: "Hey, no internet connection, let's turn off the realtime engine and save battery life.")
     
  14. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Effective immediately, VoodooSoft, LLC and its subsidiary's will be relocating their corporate headquarters to Silicon Valley. As a result, they will be cheering for the Giants in the next World Series game. Hehehe, obviously I am totally kidding ;). Go Royals ;).

    I see there are a few posts I need to catch up on, I will soon, thank you guys!
     
  15. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sorry, I will respond to the other posts very soon...

    FYI, there are some fake giveaway sites that are offering fake versions of VS!!! They are not the real VS installer... the real installer is approximately 3.06 mb, and the fake installer is less than 1 mb. I am doing what I can to correct the situation.

    Please ONLY download VoodooShield from our official website!!!!!
     
  16. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    Well, Dan...in a twisted sort of way it could be construed as a complement as why would anyone waste time on faking a product that no one would be interested in...quite to the contrary...the fakers obviously think that VS is of interest more generally.

    Shame, though...that nothing is sacred anymore:(
     
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hehehe,it is quite ironic, huh? I will say, things are looking pretty good ;).

    Here is an example of a fake VS, OBVIOUSLY DO NOT INSTALL THE FILE FROM THIS LINK, AND ONLY VISIT THIS SITE IF YOUR COMPUTER IS PROTECTED.

    "hxxp://linkdownload123.com/voodooshield-2-11-final/"
     
  18. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,004
    At the website...ironically, I am in another snapshot, which doesn't have VS installed. Nothing bad happening to my computer, by visiting the site. ;)
     
  19. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,613
    Location:
    South Wales, UK
    Oh so amateurish :argh:...but as you ironic indeed...yep, things must be looking pretty good.

    Regards, Baldrick :)
     
  20. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,004
    LOL I tried to download, and I couldn't. ;)

    EIS_ blockes malicious site_01.gif
     
  21. fs2com

    fs2com Registered Member

    Joined:
    Sep 20, 2014
    Posts:
    118
    The newest one is 2.1.2 isn't it?
    Those fakers had to catch up :p
     
  22. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hmmm, I am not sure. That method we use to detect USB devices is the best I have found so far, but I can look for another if it is not acting right. Thank you!
     
  23. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey WildByDesign, I think SRP is quite similar to VS in many regards, and SRP is great, but the whole idea of VS is that it trains and whitelists automatically for the most part, because of the toggling. I remember when we started development on VS, we looked into SRP to see if we could see if VS could just automatically configure SRP, but I do not remember the reason we chose not to integrate SRP at the time. But that is not to say that we cannot integrate SRP in the future. I have not read about the security flaws inherent in SRP, but if you still have those links, do you mind posting them on here or emailing them to me at dan@voodooshield.com?

    VS uses a method written by Microsoft to monitor and deny process creation. There is not a lot of documentation on the web about it, but some people refer to it as Application Security, or AppCertDll. It is the exact same method that Remote Desktop utilizes for admins to restrict users from launching applications that they are not allowed to launch, so it is one heck of a method. VS 3.0 will be using a Kernel Mode Driver, but we wanted to get all of the code exactly where we wanted it before we implemented the KMD. Otherwise, we would risk having blue screens of death on user's computers. The current method we are using is very similar to the KMD, so implementation of the KMD will be quite easy, and our KMD driver is already written.

    Thank you for using VS and for the compliments, we appreciate it! If I have not set up a free Pro license for you yet, please email me at dan@voodooshield and I will set one up for you! Thank you!
     
  24. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hmmm, I think there is a chance that you might have stumbled upon one of the fake VS download sites. If that is the case, we apologize, I am working hard to shut them down. If it still does not work, please let me know! Thank you!

    Please download VS from here: http://voodooshield.com/download/
     
  25. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey Gullible Jones, yes, that is what VS is all about ;). I have been trying to come up with a way for 3.5 years to describe VS, but could not do so, but you just described it in a couple of sentences ;). Thank you for taking the time to figure out what VS is all about before just dismissing it as just another snake oil product ;). If it is ok, I might see if I can borrow some of your thoughts from your post!
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.