VoodooShield/Cyberlock

Thank you Pete, I appreciate your help! I just tried it again with putting the DeveloperLogs in a different folder and excluding those, and it seemed to work great, and there were no errors in the logs. So then I got to thinking... maybe VS gets upset when it cannot write to the DeveloperLogs (this has actually happened before). So then I put the DeveloperLogs back where they go, and right now it seems to be doing ok. So I am not sure what to think at this point, all I can do is keep testing . I cannot think of anything in particular to look at, but if you find anything, please let me know! I tested on Win 7x64 as well... it was the same computer that completely froze earlier.

 

Most issues with people using SD is that they use others security softs alongside it ; and forgot to add SD processes to the other softs exclusions.

SD virtualize the full partition so no issues like the one described earlier should even happen. also adding a folder into SD exclusions is more like letting a door open to the real system for infections, it defeats the whole purpose of SD; if folders have to be excluded, countermeasures must be applied to them , like sandboxing or blocking execution.

 

So what are some of the issues that other softs have with SD? I know a few people have said that there have been incompatibilities with VS and SD, then when I tried the combo the first time, it really messed up.

That is a great point guest, users should not Exclude the entire C:\ProgramData\VoodooShield folder (assuming that this even turns out to be necessary). If it turns out that we do have to exclude items, it would be best to Exclude the specific .dat and .log files in that folder. Thank you!

 

Thank you stapp for letting us know!!!

Anyone who has had issues with SD and VS, please let us know what issues you had so we can get to the bottom of this.

 

SD shouldn't interfere with VS , because SD would just redirect all the system into a hidden partition, i tested SD with almost all software possible , i never encountered any issue like the one described (maybe im lucky) .
However, I admit i have not tested VS with SD. Since VS is an anti-exe , i think that whitelisting every SD's processes is necessary (i always did that with every security softs i used alongside SD).

You are welcome.

the worst case scenario that would happen with an excluded folder is :

- user download and allow execution of a ransomware in Shadow Mode
- the ransomware start encrypting all files in Shadow Mode; since a folder is excluded, the ransomware access the real system and then encrypting it.

to counter that , the excluded folder must be shielded or isolated, i often advice to people excluding folders in SD , to either use Sandboxie (to isolate it) or any kind of execution blockers.

 

The same in Admin account.

 

I see, thank you. Hopefully we will not have to worry about it either way, because hopefully we will hear from the users who had issues with SD and VS, and get to the bottom of it.

I am really getting tired of bugs... even my Ruko box has bugs. How can a Roku box have bugs?

 

Do you mean you have the same error when running in an admin account? Can you please send me your DeveloperLog.log file from the C:\ProgramData\VoodooShield folder? Thank you!

 

Yes, I've installed VS in my routine SUA and dropped in Admin acc. to check this.

 

Got it, thank you! Is this an intermittent issue, or does it happen all of the time? I will look at your log closer tomorrow and see what all I can find.

This might be a silly question, but when you installed VS, did you log in as administrator first? I am just curious because I know there are ways to install software when running under a SUA, and I have never tested that scenario with VS, but I imagine it probably would not work that well.

 

Actually I never use AA - only SUA. All progs, including security ones are installed in SUA. I hope VS will work in SUA as it's expected.

Hmmm btw is VS is supposed to be used in Admin account only?

Just checked again VS can't work in the same way. All other security progs (W10FC Sphinx, MBAE, Avira free) installed in my SUA are OK in AA.

 

i won't do that personally. Since you are doing daily tasks on SUA , if you have a malware waiting for elevation , it may takes advantage of it.

SUA is for working or browsing
AA is for managing the OS

 

Thank you.

Never heard of malware waiting for elevation. Insidious.

So if I routinely use SUA it's better to install all soft in Admin acc?

Maybe it's better to install in SUA-1 and daily use SUA-2?

 

Indeed some malwares will exploit a legit process (requesting elevation) to reach admin rights. It is the way UAC is bypassed.

Yes. since AA will be used only to install softs; no browsing/downloads in it. Also be sure your installer is clean ^^
i personally tweaked my admin account to ask for the password (like in SUA).

not needed, it will gives you too much of hassle. Installing a software request "high" privileges so basically you will run the installer at admin level.

 

Thank you. So browsing and downloading only in SUA, and installing only in AA. Though some installers need Internet connection - I think this is not a big problem.

Thanks a lot!

 

So I've installed VS in AA. Now it works fine in all accounts - AA, SUA and Guest.

Thank you @guest, @VoodooShield!


Hm "AA" I don't like this abbrev. Reminding me notorious "AAAAAA"

 

I have been running 321 with Webroot and MBAE for several hours now and it has been totally solid.

I have not yet tried it in shadow mode again. I should perhaps point out that when I was having the freezing issues, I always ran SD first and then installed VS. VS would usually run quite perfectly for anything between one and three hours before freezing part of the OS. Not sure if this is relevant Dan but thought that it was worth mentioning.

 

My pc is always in shadow mode and I install VS in that mode, keep it for a 5-6 days and then reboot pc and start again.
I have no issue with VS or SD running like that.

 

That's very interesting. The mystery deepens!

 

You should be running VS in Sandboxie in Shadow Mode on a virtual machie

 

So you installed VS in shadow Mode...interesting... does any of you ever considered that VS may need a reboot to perform properly? (im not a VS user so i may be wrong)

SD isn't made for testing complex softwares like security softs, because they often need a reboot.
for those kind of tests, you have Rollback RX.

 

no it isn't

you are welcome.

 

VS does does not need a reboot after installing.

 

I just test VS for now and don't want to install on "real" system jet.
Checking how my other programs/drivers work and when I see that is everything fine (and when the VS is out of beta) then i will install and also recommend to all others people.
For now VS is working fine in Autopilot Mode .

You said to me that Rollback RX is no good on SSD so this is the second best thing to do the tests.