Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.
2.23i beta installed over the top, so far no problems.
I have been having problems with VS failing to give the bubble alert to allow applications, or other executables. Many times I would have to make 3 attempts to execute them before VS would give the bubble alert giving the option to allow them. Well, now VS gives the bubble alert, but will not allow the application/executable no matter how many times I click on the bubble alert. Also windows gives me a message stating, "can't open this item", it might have been moved, renamed, or deleted. Do you want to remove this item". I think this message from Windows should be suppressed. The user may accidentally click yes even though the application is still installed on their machine.
If I untick "Deny by default- Uncheck to show prompt instead of balloon" then i'm able to allow applications not on the whitelist then. VS will give me the prompt instead of the bubble alert so it's the bubble alert that is not working. I still get the message though from Windows "can't open this item", it might have been moved, renamed, or deleted. Do you want to remove this item". I think this message should be suppressed. I unticked Automatically allow all software from the Program Files Folders so I would have plenty of executable not on my whitelist to demonstrate how bad the problem is. I attached a video with this post that I made. You can download it from the link with this post. It is 27.9 mbs. https://www.dropbox.com/s/9c59grbq53ff3a9/VS%20bubble%20alert.avi?dl=0
Edit: I'm using Windows 7X64 Ultimate, and I don't have the parent child process feature enabled.
Interesting to read I'm not the only one....reporting anomalies.
Dan, discovered the issue. I enable the option in the VS settings that says, " disable left click activation, and deactivation of the shield". Dan, said that also disables the option to allow new items using the balloon tip. I informed him that is a problem since it does not inform the user that it also disables the option to allow new items using the balloon tip. He is working on it now.
Does anyone else believe the balloon, and user prompt language in the settings needs to be simplified? I was thinking it may be confusing for some users. I was thinking something similar to what I have below may be easier for some user's to understand. I'm trying to word it in a way that only one option is ticked. I'm not sure that's possible since when you use the balloon you also receive the user prompt. How would you word the balloon, and user prompt options in the settings?
Use balloon to allow new items.
Use user prompt to allow new items.
Deny new items by default
Use balloon to allow new executions.
Use user prompt to allow new executions.
Deny new executions by default.
Enable balloon to allow new items.
Enable user prompt to allow new items.
Deny new items by default.
Enable balloon to allow new executions.
Enable user prompt to allow new executions.
Deny new executions by default.
I just though of another way to word it.
Allow new items by balloon tip.
Allow new items by user prompt.
Deny new items by default.
Allow new executions by balloon tip.
Allow new executions by user prompt.
Deny new executions by default.
I should be able to reply to the posts tonight or tomorrow. I think this version is bug free, with the exception of the Polish Windows bug, which I am determined to figure out one way or another very soon . If this version runs well for everyone, I will release it to the public in a couple of days. And I will be working on the Polish Windows bug the next day or two. Thank you!
http://www.voodooshield.com/freeoffer/Install VoodooShield.2.23j beta.exe
2.23j is working good on Windows 7X64 so far. I will report back if I discover any issues.
So, if I only want the Prompt because the Balloon is a redundant step. What Option ?
Settings are too many and too unknown sans a Help file.
Oh...geez. I've always had that checked. I though it meant disable left click toggle activation of the shield. Since activating the shield makes no sense. Why would I activate deactivate the shield. So, I checked the box as disable left click for something that makes no sense. I also hide the shield so, figured that was a safe check to make. I C the Shield as a redundant appendage to the system tray Icon. If I need the Shield / Gadget than why have a hide option. If the gadget is a functionality portal. Then make the intrusive gadget an intuitive requirement.
KUDOS C_E !!!!
over install j ~ upon sandbox Firefox
Upon re-train ~ this path is with my snapshot and custom blocked folders c:\program files\windows defender\mpcmdrun.exe
How does c:\program files\windows defender\mpcmdrun.exe end up in my new snapshot if custom has block.
This is in my Custom Block > c:\program files (x86)\google\update\googleupdate.exe < and I'm still receiving Prompt for c:\program files (x86)\google\update\googleupdate.exe
That's the exact same thing I thought because that was the description given for that feature in the GUI. Dan said he had originally intended to use that feature for a different purpose, and did not change the description in the GUI. The strange thing is I have always enabled that option, but I had a different problem until build 2.23i. The problem I experienced before this was I would try to launch a lot of applications 3 times before VS would give me the balloon option to allow them. Starting with build 2.23i I received the balloon option every time, but no matter how many times I clicked on the balloon VS would never give me the option to allow the application. I would click on the balloon, and the balloon would just disappear without doing anything. I'm not positive having that feature enabled was causing the problems I was experiencing before build 2.23i, but there is a good possibility it was. I'm glad I made a video of it, and was persistent about working the problem out with Dan. I would have never thought having that feature enabled in the GUI would lead to not being able to allow executables with the balloon tip. The description of the feature definitely needed to be changed.
Yeah, I either had the balloon and no prompt or neither balloon or prompt....just flashing sys tray Icon....
OK...now with j I just get Prompt but, no visible virustotal scan....
I don't want the balloon as it's redundant. The prompt is where the rubber meets the road. So, what magical setting do I need to have virustotal scan report for a potentially informed decision. Currently, I block then copy / paste hash to virustotal.
I do not understand. Allow all -- Allow by parent --- Allow temp --- temp allow till reactivation....afaik and please correct me... malware can drop a payload anytime anywhere....
VS really needs a Help File....because "what is" and "how does" seems to remain in Dan's mind. Time to share....IMO
With j I have a prompt but, no virustotal ?
EDIT: appears with j and my VS settings...virustotal scan is hidden ... then I C Prompt box threat not detected. Still getting Prompt for Custom Block
j along with fix to my ES settings is a big move in the right direction...ES sys tray still holding blue sometimes when not web facing...toggle to Training then Smart returns red.... .... at some point ES remains as a stand alone or is integrated....ES = ExecutableShield
That is an awesome news!!
Of course while testing another new versions I will be informing you up to date what it looks like and how it works in practice.
Many thanks Dan!
re: Automatically allow specific critical Windows processes.
What are the critical Windows processes allowed under Automatically allow .... ?
Hi Miquell Nice to see you in this place
Hey, our new site is almost ready. We just have to add some quotes, videos and web badges. What do you guys think so far?
I should be able to respond to the posts above tomorrow, and I still have not figured out how to debug that Polish Windows error yet, but we will figure it out. Thank you!
Hi Dan, the new website looks very good, things explained simply for the average user to understand.
PS Installed 2.23j beta over the top without issues so far.
First impressions Dan is it is good looking site. Have read through it yet but strikes me that you should have a comparison between Free and Paid
Hi Dan, the site looks good. I think you may want to consider changing some of wording on the Home Page though. I would say, "ADD A Lock To Your Computer" instead of "ADD A Lock To Your Antivirus". Maybe its just me, but it makes more sense to say add a lock to your computer than your antivirus. Also as others have already stated above you definitely need to have a chart showing which features are offered in the free version vs the premium. I haven't had any sleep so I will look at the rest of the site later when i'm more alert.
Yeah...the site looks nice!