VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. VladimirM

    VladimirM Developer

    Joined:
    Sep 16, 2015
    Posts:
    153
    Location:
    Jerusalem, Israel
    Hi Dave
    Thanks for the log.
    I think I have the fix, so it will be included in the next release

    Thanks for your help!
     
  2. VladimirM

    VladimirM Developer

    Joined:
    Sep 16, 2015
    Posts:
    153
    Location:
    Jerusalem, Israel
    Hello
    VoodooShield doesn't use the windows gadget infrastructure (I assume that you mean the sidebar gadgets). I agree that the name is misleading a bit, so probably we need to think about some other.

    Regarding VoodooAi it's better to ask Dan, he makes the most development work, so he knows better than me.

    Thanks
     
  3. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,001
    Location:
    Among the gum trees
    No Vlad, thank you for your help. :)
     
  4. 71Darrin

    71Darrin Registered Member

    Joined:
    Dec 4, 2008
    Posts:
    25
    Hi VladimirM ! What is the purpose of the gadget and can it be disabled? From what I've seen in your video on your site the balloon pop ups are coming from the taskbar icon, not the gadget. So then if both the gadget and the taskbar icon provide the same options menu then whats the gadgets purpose and can it be disabled permanently and not hidden? ThankYou for your timely response. Darrin
     
  5. Gillor

    Gillor Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    84
    Location:
    UK
    Despite instructing Voodooshield to block this application it keeps reappearing every time I open Chrome (since the last Chrome update I think).

    According to the log the Path and Hash are always the same so any ideas as to how I can permanently block it?

    Software Reporter.jpg

    2016-01-09 16_37_31-VoodooShield Scan.jpg
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    VS has had both of these features for a very long time now, at least since 2.75, possibly before.

    We just need to add the new Windows 10 dismhost.exe process / hash to the hardwired list, and this issue will be resolved. We could always include fulltime whitelisting by publisher, but after seeing all of the fake digital signatures in the VoodooAi sample data malpack sets... believe me, that is the LAST thing we want to do.

    VS is a computer lock, and there will be blocks from time to time... there is no way around it. With our toggling and other proprietary features, we have done A LOT to reduce the total number of blocks, but we will never be able to safely eliminate all of the blocks. Thank you!
     
    Last edited: Jan 11, 2016
  7. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sure, thank you!
     
  8. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Not anytime soon. The code is already written, but we just need to integrate it in to 3.0, but we will asap. Thank you!
     
  9. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    No worries... you did not open a can of worms. The VS desktop shield gadget looks like a gadget, but is actually not one of the Windows gadgets that are subject to vulnerabilities. It is actually just a plain form / window that looks and behaves like a gadget, but it is not, so there are no worries there at all.

    The purpose of the shield is explained here: https://www.wilderssecurity.com/threads/voodooshield.313706/page-335#post-2553512

    Basically, if you are going to lock a computer, you need to make it easy to use, and to be able to turn the lock off quickly. Also, our desktop gadget lets the user know the status of the lock at all times, and also makes them feel safe. I have heard hundreds, if not thousands of times how our desktop shield gadget makes the user feel safe. And honestly, that is priceless. Thank you!
     
    Last edited: Jan 12, 2016
  10. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    All tray notifications come from the tray area... we could make the notifications come from the desktop shield gadget... but it just works better keeping them as they are.

    If you want to hide the desktop shield gadget, just right click and choose "Hide". Thank you!
     
  11. 71Darrin

    71Darrin Registered Member

    Joined:
    Dec 4, 2008
    Posts:
    25
    Thanks VladimirM for the info! I didn't realize how many functions this gadget provided. Have a great day! Darrin
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    I've been using VS 3.07 beta on Windows 7X64 Ultimate for 5 days now without any issues. All the bugs I had experienced with VS version 2 have been fixed in version 3. I have not done a lot of testing, but things have been running smoothly. I have checked about half the settings of VS, and VS is operating in accordance with the different configurations.
     
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    Not allowing all software from Program Files causes VS to disable it's protection if the user tries launching Hitman Pro. VS treats it as an installer when you choose allow from VS prompt. I remember Dan informing me that it can be difficult to distinguish from installer, and plain .exe with some software. I just manually reenabled the protection.
     
  14. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,001
    Location:
    Among the gum trees
    Hi Vlad,

    Call me impatient if you will but I'm keen to try your next beta. Are we getting close?

    Thanks,
    Dave
     
  15. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    That was actually me (Dan), but thank you either way!
     
  16. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you, yeah, we have come a long way and Vlad did a great job on 3.0 and finishing up fixing all of the bugs... so we are almost there!
     
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, some software has their own "Installer", and is pretty much impossible for VS to detect. I am not exactly sure what you mean on this, so if there is a bug we need to fix, please let us know.
     
  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sorry, Vlad is a little preoccupied at the moment, but I think he will be back with us shortly (you will understand) ;).

    BTW, VoodooAi is almost ready... I have been tied up in meeting after meeting, working on taking VS to the next level. I will say this... man, hehehe, it is frustrating to get ML / Ai just right, but I really think it will be worth it, and highly valuable to VS for analyzing unknown files.
     
  19. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,971
    Location:
    Poland - Cracow
    I've noticed on my Vista bug of VS in version 3.0.5 and 0.7...pop-up alert is completely empty and I can see only grey area so I don't know about what is an iformation. In effect I'm not able to react and proscess is blocked without my decision.
     
  20. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, we are trying to track down this bug. Do you know what item VS blocked? If so, it will be super easy fix. Can you maybe look at the User Log to see what it blocked and let us know? Thank you!
     
  21. 71Darrin

    71Darrin Registered Member

    Joined:
    Dec 4, 2008
    Posts:
    25
    Hi Dan! Correct me if I'm wrong but is there an adjustment for the auto block time of 20 seconds in the upper right corner of the pop-up alert for allow/sandbox/block? If not can this be added with incremental 20,30,40... including a no time limit in case I'm away from my comp.? Thanks!
     
  22. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, thank you Darrin, that would be cool! Vlad or I will add that soon, thank you!

    BTW, just to clarify, the issue that ichito experienced is when VS blocks something, but does not have any graphics or buttons on the prompt at all. It should disappear after 20 seconds (or whatever) as long as the mouse does not enter the box. We already know what the issue is... and it is quite simple. When the User Prompt is shown, there are initially no buttons or graphics on it at all. Then, depending on what was blocked, VS will determine which buttons and graphics to add to the box. The problem is, VS is blocking something that is not covered in our If Then statements, so it does not add any graphics or buttons. Once we figure out what is being blocked, we will just make sure whatever criteria is being missed is included in our If Then statements. The problem is that it hardly ever happens, so we have no idea what blocks are causing the blank grey box. But once we discover a process that shows a grey box, it will be super easy to fix. I hope that makes sense ;).
     
    Last edited: Jan 21, 2016
  23. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    I'm not sure if it's a problem. If an application on the user's machine triggers VS to disable itself then we just need to make sure VS does not stay disabled long. We don't want them surfing, etc.. unprotected. I just turned the protection back on manually for myself.
     
  24. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    I added licquerryapp.exe to the whitelist on the 1/19, and today it blocked it again. I think I added it anyway. I trigger it to run so I could allow it by VS's prompt. Is VS still suppose to add executables to the whitelist if the user allows them by the prompt? It is located in the Program Files (x86) Appguard folder.

    Edited 1/ 21 @ 3:58
    I just added it to the whitelist again by right clicking on it in the user log. I will see what happens.
     
  25. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,391
    Location:
    Under a bushel ...
    I have seen this on Win 7 as well.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.