VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Oh, I know what you mean now. I am seeing that too. Let me refine the logic a little more and it will work perfectly! It is funny, 1.23's logic is better, but the flash drive support doesn't work. Everything works in 1.24, but the browser will not activate in Smart Mode once it turns OFF, until it is the active window (has focus). That is what you are seeing, correct? Thank you!
     
  2. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you for your help!
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sorry, are you talking about the shield not coming up at all, or the fact that it doesn't activate quite as fast when a browser is launched, or the issue in post #1901.

    Basically, since Cutting_Edgetech discovered that bug in the new USB feature, I had to totally rework the logic of the Smart Mode. It is now all secure, but now we have to optimize it for speed. That will take a couple of days.

    Please let me know which issue you are having! We are aware of these and they will be fixed soon. The good new is that it is secure. Thank you!
     
    Last edited: Jul 29, 2013
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    Any time!
     
  5. AlexCross

    AlexCross Registered Member

    Joined:
    Apr 21, 2013
    Posts:
    81
    Location:
    Romania
    Well VS doesn't turn ON (in Smart Mode) as fast when a browser is launched, sometimes it takes like 20 sec, sometimes minutes and sometimes it turns ON in a blink of an eye).

    I have experienced a browser session in wich VS didn't turn ON at all (session that last like 3-5 minutes). * This happened only 1-2 times but after deleting the VS folder in AppData seemed to be fixed but the delay is still there. So now VS turns ON when a browser is launched but in a manner described in the first sentence.

    I wish that my English were better so I can explain in a more detailed fashion.
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    It seems I don't have to work for now. The person I was helping had something else he had to do. So seems like I have more time to help out than I thought.

    I was going to mention earlier that the protection in smart mode needed to be optimized since there seemed to be a delay in the shield activating for both USB devices, and Web Browsers. More so for USB devices than Web Browses. That was my experience anyways. I already expected it would have to be optimized though. This can be expected when making so many changes in such a short time. It would be more surprising if it did not have to be optimized.
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    I experienced that in version 1.23. It actually was more like 10 minutes for VS's shield to activate in version 1.23 when using a web browser after using a USB flash drive. I have not experienced that so far in version 1.24. I have not used it long at all so maybe I will find I have the same problem. It's too early to tell. So far has been good though.
     
  8. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,563
    I am talking about the shield not coming up for about 90 seconds when you boot up and so you do not know whether it is on or off. Even starting the Bat does not bring it up.
     
  9. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    You mean The Bat mail client? Does it start with a delay with The Bat or not at all?
     
  10. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,273
    Location:
    USA
    Problem noted here when VS in smart mode it takes about 10 seconds for the tray icon to turn from red to blue when Mozilla Firefox is opened in latest beta VS 1.24. Running Windows 7 Home Premium SP1 x86.
     
  11. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    You might try uninstalling VS, then deleting your VoodooShield settings... Just delete all of the folders in this folder and reboot.

    C:\Users\"UserName"\AppData\Local\VoodooShield


    Sorry for the inconvenience everyone, I will get this fixed soon, I am working on it right now.

    Thank you!
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    I have noticed that VS does not enable it's protection in smart mode when opening Pdf files. It seems to me that it is a quite common practice to embed threats in pdf files. Will pdf files be added to the list of things to trigger VS's protection? Seems like adobe products in general are problematic for acting as a vessel for infected payloads. I would also recommend making a list of applications that employ flash, and the java runtime environment that could be a security threat. They don't release patches for these applications often for no reason lol

    There's just so many ways to get infected. It's hard to cover them all. Even media files such as images, videos, and music can have executable code embedded in them to infect you. The code will target the applications used to open the media. One good example is Windows Media Player which uses the file extension .wma. If your version of Windows Media Player is not patched or there is an unknown vulnerability for it then you can become infected. Malware writers like to target popular applications used by many people so Window Media Player has a big Bulls Eye stamped to it. Also any media formats that support java script can become a vessel for an infection.
     
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    I just ran Windows Media Player, and VS did not activate it's protection in smart mode. I thought it did. I operate in always on mode except for testing.
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    Applications to add to the list to activate VS's protection in Smart Mode

    Adobe Acrobat, Adobe Pdf Reader, Adobe Flash Player, etc..

    Windows Media Player

    Any Media applications that support java script


    If anyone can think of more to add to the list then list them. Keep in mind it's the application that the payload exploits, and that malware writers like to code infected payloads for popular applications.
     
  15. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, for a virus to do anything significant, it has to spawn a new process, that is when VS kills it. Obviously pdf's are allowed because Acrobat reader is allowed, but it would be a good idea to add that and Windows Media Player to the list of apps that activate VS in smart mode. I just have not had time to make a list of all of the apps, but I will soon. I know you have a list started, and that will help a lot. Thank you!
     
  16. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,648
    Location:
    USA
    I will look into this as I have free time, and send you my findings. Exploits is something that really interest me. I actually had some samples once of infected media files. I wish I would have kept them now. At the time I did not want them around for someone to accidentally click on. I researched this once before several years ago so my knowledge is not so fresh on the topic now. I will enjoy researching this regardless. :cool:
     
    Last edited: Jul 29, 2013
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    You can think of exploits as pathways for viruses, but they are not viruses. If for example, a hacker finds a hole to exploit in WMP, he will use this to drop the payload, which is the executable code. That is when VS kills it.
     
  18. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,273
    Location:
    USA
    Dan - That worked. Nothing else to report.
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you! I am still working on optimizing the engine to show the icon faster and to respond better to the browser. Version 1.24 was just kind of a patch to fix the bug that Cutting_Edgetech found. Everything works in this version, but it is not as quick and as optimized as it should be, since I had to get it out in a hurry. I will have 1.25 for you guys very soon! There will also be a button to reset factory defaults. Thank you!
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    i just wonder if you ever consider changing the name voodoo?i dont know but for me it sounds strangeo_Osome like voodoo i heard something scary about it:D
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I am deeply offended! I am totally kidding!!! Actually, a lot of people have a problem with the name but we cannot think of anything else to call it. Some of my clients wont even install it because of the name!!! Or when they refer to VS, they never say the name, they just say, "how is that software you are working on coming along?" We spent at least 3 months trying to come up with a name, but we couldn't. If anyone has a great name, please let us know!
     
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    it will be nice to have a new name:) let;s reaserch for it:) but i really offended you i a appologize
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    what about guardshield or malwareshield,programshield or secureshield
     
    Last edited: Jul 29, 2013
  24. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,045
    Location:
    Ontario, Canada
    I like the name Voodoo (Malware) Shield everyone is to superstitious. :D

    Daniel
     
  25. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,045
    Location:
    Ontario, Canada
    I will get the Voodoo Doll and start poking you with needles. :D

    Daniel
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.