VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you Kardo!
     
  2. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hi Spruce, are you by chance using the Polish version of Windows? If so, that would explain it, but please let me know either way. Thank you!
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, that should work, but I will fix it and make it automatic. Thank you!
     
  4. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    No worries. That's why its a beta. Glad I could finally find an issue with it.
     
  5. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you, it is fixed now. I will wrap up a few more things and post a new release tomorrow sometime.
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey Mike,

    Just curious... In the Polish version of Windows, is the C:\ProgramData called C:\ProgramData, or is it in Polish? Also, if it is called C:\ProgramData, are you able to drag and drop a file to that folder (do you have write permissions to that folder)? Also, are there 5 files in that folder? 2 .log and 3 .dat. Thank you!
     
  7. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Ok, who is feeling adventurous? ;). Since we have had a few isolated issues with the service not starting, I completely rebuilt the service from scratch. I have tested it on 3 computers - 8 64bit, 7 32bit and XP 32bit, and I am not sure it if it just my imagination, but it seems to be running a lot faster than before on all 3 computers.

    If you do run into problems, just please install 2.23f for now, but I highly, highly doubt that will happen.

    Also, the Sandboxie issue is fixed as well. If VS is OFF and you delete the contents of the default sandbox, it will train automatically. If VS is ON, it will be blocked, so then just click allow and it should not be blocked again.

    So now we just have the Polish Windows Edition bug and a few other minor things, then I think we are good to go.

    I have been working with a new developer and we have been researching which KMD method we are going to use. I think we are getting close on deciding which one, and after that, it should only take about a month to implement it.

    Here is the latest version, you should be able to either install over the top or uninstall and reinstall.

    http://www.voodooshield.com/freeoffer/Install VoodooShield.2.23g beta.exe

    So that is where we are! There are a lot of other things going on as well, and I will keep you updated as much as possible. Oh, and we are redoing our website and the GUI graphics as well ;). I should have a final example of the new website tomorrow and I will post it to see what you guys think.

    Thank you guys!

    Edit: BTW, the sandboxie command line will look something like this: rmdir /s /q c:\sandbox\dan\__delete_defaultbox_01d045c67874c001, so it has changed a little, but this is correct.
     
  8. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,653
    Location:
    USA
    There is another product similar to VoodooShield that uses the KMD method that has a limitation that I do not like. I'm not sure if it's the KMD method itself, or the way it was coded. When it prompts the user for an action it will not allow them to execute anything else until they respond to the prompt. If the user wants to launch their web browser to research what is attempting to execute then they can't because they have to respond to the prompt first before it will allow them to launch their browser. I definitely want to avoid that if at all possible.
     
  9. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,977
    Dan, I am having problems with the new web filter in another program, which results in a BSOD...So, I haven't got around to trying the previous VS version, just yet. I am still with 2.23c beta.
     
  10. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, that will not be a problem, and VS will work exactly the way it is now since the KMD will be multithreaded just like the AppCertDll is currently. It was a little difficult for us to figure out the multithreading in VS 2.0, but I am happy we did, because otherwise the computer is "frozen" until the user responds to the affirmative prompt. Basically, we had to make it multithreading, so that VS could use deny by default and not require a response to the affirmative prompt. Also, it lessens the chance that the user will accidentally click yes when they shouldn't. But thank you for mentioning that!

    BTW, I just found something that I need to change in the new service. It isn't really a bug, and it should work great, but I do need to fix it. I will have it fixed tomorrow sometime.
     
  11. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you! BTW, that scared me when I first saw your post and word BSOD stood out ;).
     
  12. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,977
    Keep you on your toes! ;) :)
     
  13. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Hi Dan and thanks,
    A couple of days ago I decided to uninstall and then reinstall VS 2.23f and I haven't seen that particular issue again. ( red taskbar icon and blue shield at the same time).
    But I have noticed when the PC is booting the VS taskbar icon is red just for a second when it first appears on my desktop, then goes blue, I'm not sure if it's meant to be that way, but it is something I've not seen before.

    Gordon
     
  14. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    Hi All,
    What happens when I opt for VS Sandbox. I mean other than pop of black box screen. Has VS Sandbox been fully implemented.
    Has VS Quarantine been fully implemented. Thanks !
     
    Last edited: Feb 11, 2015
  15. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    2.23g ~ 8 64bit
    Over-install. Pop of black box screen before restart prompt. Normal afaik ? Edit Snapshot Clear Log
    Insert Thumb Drive ~ VS Training. User Log > c:\windows\system32\werfault.exe and c:\windows\system32\wermgr.exe ~ error ? (#5825)

    EDIT: First time noticed event for MSRT > c:\2b2c5f5de2db568a964e6f16\mrtstub.exe
     
    Last edited: Feb 12, 2015
  16. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,975
    Location:
    Boston, MA
    Installed 2.23g over the top of 2.23f. Sandboxie delete sandbox error resolved. Strong work. Running it on a win 8.1 64bit along with WSA beta. Nothing new to report. Running smooth so far.
     
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you Gordon. Yeah, it sounds like it is working properly.
     
  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, the Sandbox is finished, although we can add some cool new features and develop it a little more in the future. The quarantine function is working, but we still have to create a database so that if a user does quarantine something, they can easily recover the file from quarantine if they need to. Currently files can only be recovered manually. Thank you!
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you, I appreciate that!

    Here is the latest version with some new features to make the desktop shield gadget more interactive and even more user friendly. There is a new option in Settings / Tweaks that allows you to adjust the number of times VS flashes when it blocks something. It used to be 3, but now I set it to 11 by default, and the reason I did this is because there is a new feature that when the shield is flashing, if the user clicks on the shield, it will either scan the file or prompt the user, depending on how your settings are set.

    Also, there is a new feature that prompts the user if they click on the shield to turn VS OFF... basically what it does is prompt the user to reactive if a web app is launched or gains focus. That way it does not turn on automatically and disrupt a software install or something.

    Basically, the goal of these new features is to make the desktop shield gadget more interactive and user friendly. That way, users will hopefully become more accustomed to interacting directly with the desktop shield gadget. This is not as important right now, but I think it will be as everything transitions to mobile, and we start to offer VS on the various mobile devices. That way, the user is not required to respond to an affirmative prompt. They will simply just see a flashing VS desktop shield gadget and they will know that something is being blocked.

    I made a lot of changes to the toggling, so please let me know if you see something funny going on ;).

    I hope this makes sense, if not please let me know! Have a great weekend everyone, and thank you for your help and support! BTW, the new website should be finished this weekend.

    http://www.voodooshield.com/freeoffer/Install VoodooShield.2.23h beta.exe
     
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    h is not working for me....with my system config + my VS settings + the way I think VS should work. I do appreciate and understand your focus on gadget. My focus for now is on "Computer Lock".
    Click FF > VS bubble and NO Aert.... click FF again > VS bubble and NO Alert > after three iterations. FF opens VS goes Blue.
    Where is "Computer Lock" Where is Alert dialog. As long as VS offers me the option for my scenario. VS is not a "lock" if I may open FF sans Alert Allow. One way to test VS...to test VS will be a Computer Lock is to readily see VS is action. What easier way to see VS in action....by blocking an easy to see executable. VS bubble NO Alert + FF opens ?
    Respectfully submitted
    EDIT: tested again. Only took one re-try. FF opens NO Alert dialog
     
    Last edited: Feb 13, 2015
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, I totally agree, the focus should be on the computer lock! And it is the desktop shield gadget that controls the lock. Anyway, I think we are thinking the same thing.

    I just tried this with FF and it worked perfectly for me, even when I turned off the feature to automatically allow program files. What setting are you using that are different from the default settings? Or basically, how do I reproduce the behavior you are seeing? Thank you!
     
  22. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    You keep asking how to reproduce....I keep posting....then I give up...as I am only one observing this behavior.

    Drag to scan also not working for me....

    Over install....Edit Snap ...Clear Log...hands off Training....no timer...Auto allow not checked...

    After 5 min approx...I set VS to Smart....click FF....VS balloon....no VS Alert...FF opens....on second or third FF click to open....

    once FF is in Snap...delete FF .... try again with same results....balloon and no Alert...FF opens...despite no Alert and no Allow
     
    Last edited: Feb 14, 2015
  23. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,599
    Location:
    South Wales, UK
    Hi Dan

    You have been busy...just clean installing it now and sending you a PM re. some Command Lines recorded, in case you need to look at them.

    Regards, Baldrick
     
  24. Miquell

    Miquell Registered Member

    Joined:
    Feb 8, 2015
    Posts:
    32
    Location:
    Poland
    Hi Dan,

    In the Polish Windows 8.1 this folder is called "C:\ProgramData" (so it's the same as in English version).
    I'm also able to drag and drop a file to that folder and indeed there are 5 files - two .log files and three .dat files.

    Now I've been testing VS beta 2.23h - looking very good :thumb: and working very smooth :thumb: on my board with the latest WSA beta as well as with SpyShelter Firewall :)

    The only exception is the issuue with "save setting" caused probably by my Polish version of Win8.1 :(


    Best wishes,

    Mike
     
  25. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    After clean install of h and three restarts. Drag n Scan working. Firefox still a problem. FF not trained > click FF Icon > VS bubble and VS Blue but, no Alert. FF does not open. Multiple tries... FF either gives in and opens or VS hangs Blue requiring set to Train back to Smart. Maybe a Windows update is not settled or upset Framework.

    EDIT: tested with more un-trained executables. VS bubble VS blinking ~ no Alert ~ exe no run. e.g: Start Menu > Control Panel > Explorer.jpg Disable or Training VS and Control Panel opens.
    Vista SP2 32bit + VS 2.23h
     
    Last edited: Feb 14, 2015
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.