VoodooShield/Cyberlock

Oh, I know what you mean now. I am seeing that too. Let me refine the logic a little more and it will work perfectly! It is funny, 1.23's logic is better, but the flash drive support doesn't work. Everything works in 1.24, but the browser will not activate in Smart Mode once it turns OFF, until it is the active window (has focus). That is what you are seeing, correct? Thank you!

 

Thank you for your help!

 

Sorry, are you talking about the shield not coming up at all, or the fact that it doesn't activate quite as fast when a browser is launched, or the issue in post #1901.

Basically, since Cutting_Edgetech discovered that bug in the new USB feature, I had to totally rework the logic of the Smart Mode. It is now all secure, but now we have to optimize it for speed. That will take a couple of days.

Please let me know which issue you are having! We are aware of these and they will be fixed soon. The good new is that it is secure. Thank you!

 

Any time!

 

Well VS doesn't turn ON (in Smart Mode) as fast when a browser is launched, sometimes it takes like 20 sec, sometimes minutes and sometimes it turns ON in a blink of an eye).

I have experienced a browser session in wich VS didn't turn ON at all (session that last like 3-5 minutes). * This happened only 1-2 times but after deleting the VS folder in AppData seemed to be fixed but the delay is still there. So now VS turns ON when a browser is launched but in a manner described in the first sentence.

I wish that my English were better so I can explain in a more detailed fashion.

 

It seems I don't have to work for now. The person I was helping had something else he had to do. So seems like I have more time to help out than I thought.

I was going to mention earlier that the protection in smart mode needed to be optimized since there seemed to be a delay in the shield activating for both USB devices, and Web Browsers. More so for USB devices than Web Browses. That was my experience anyways. I already expected it would have to be optimized though. This can be expected when making so many changes in such a short time. It would be more surprising if it did not have to be optimized.

 

I experienced that in version 1.23. It actually was more like 10 minutes for VS's shield to activate in version 1.23 when using a web browser after using a USB flash drive. I have not experienced that so far in version 1.24. I have not used it long at all so maybe I will find I have the same problem. It's too early to tell. So far has been good though.

 

I am talking about the shield not coming up for about 90 seconds when you boot up and so you do not know whether it is on or off. Even starting the Bat does not bring it up.

 

You mean The Bat mail client? Does it start with a delay with The Bat or not at all?

 

Problem noted here when VS in smart mode it takes about 10 seconds for the tray icon to turn from red to blue when Mozilla Firefox is opened in latest beta VS 1.24. Running Windows 7 Home Premium SP1 x86.

 

You might try uninstalling VS, then deleting your VoodooShield settings... Just delete all of the folders in this folder and reboot.

C:\Users\"UserName"\AppData\Local\VoodooShield


Sorry for the inconvenience everyone, I will get this fixed soon, I am working on it right now.

Thank you!

 

I have noticed that VS does not enable it's protection in smart mode when opening Pdf files. It seems to me that it is a quite common practice to embed threats in pdf files. Will pdf files be added to the list of things to trigger VS's protection? Seems like adobe products in general are problematic for acting as a vessel for infected payloads. I would also recommend making a list of applications that employ flash, and the java runtime environment that could be a security threat. They don't release patches for these applications often for no reason lol

There's just so many ways to get infected. It's hard to cover them all. Even media files such as images, videos, and music can have executable code embedded in them to infect you. The code will target the applications used to open the media. One good example is Windows Media Player which uses the file extension .wma. If your version of Windows Media Player is not patched or there is an unknown vulnerability for it then you can become infected. Malware writers like to target popular applications used by many people so Window Media Player has a big Bulls Eye stamped to it. Also any media formats that support java script can become a vessel for an infection.

 

I just ran Windows Media Player, and VS did not activate it's protection in smart mode. I thought it did. I operate in always on mode except for testing.

 

Applications to add to the list to activate VS's protection in Smart Mode

Adobe Acrobat, Adobe Pdf Reader, Adobe Flash Player, etc..

Windows Media Player

Any Media applications that support java script


If anyone can think of more to add to the list then list them. Keep in mind it's the application that the payload exploits, and that malware writers like to code infected payloads for popular applications.

 

Yeah, for a virus to do anything significant, it has to spawn a new process, that is when VS kills it. Obviously pdf's are allowed because Acrobat reader is allowed, but it would be a good idea to add that and Windows Media Player to the list of apps that activate VS in smart mode. I just have not had time to make a list of all of the apps, but I will soon. I know you have a list started, and that will help a lot. Thank you!

 

I will look into this as I have free time, and send you my findings. Exploits is something that really interest me. I actually had some samples once of infected media files. I wish I would have kept them now. At the time I did not want them around for someone to accidentally click on. I researched this once before several years ago so my knowledge is not so fresh on the topic now. I will enjoy researching this regardless.

 

You can think of exploits as pathways for viruses, but they are not viruses. If for example, a hacker finds a hole to exploit in WMP, he will use this to drop the payload, which is the executable code. That is when VS kills it.

 

Dan - That worked. Nothing else to report.

 

Cool, thank you! I am still working on optimizing the engine to show the icon faster and to respond better to the browser. Version 1.24 was just kind of a patch to fix the bug that Cutting_Edgetech found. Everything works in this version, but it is not as quick and as optimized as it should be, since I had to get it out in a hurry. I will have 1.25 for you guys very soon! There will also be a button to reset factory defaults. Thank you!

 

i just wonder if you ever consider changing the name voodoo?i dont know but for me it sounds strangesome like voodoo i heard something scary about it

 

I am deeply offended! I am totally kidding!!! Actually, a lot of people have a problem with the name but we cannot think of anything else to call it. Some of my clients wont even install it because of the name!!! Or when they refer to VS, they never say the name, they just say, "how is that software you are working on coming along?" We spent at least 3 months trying to come up with a name, but we couldn't. If anyone has a great name, please let us know!

 

it will be nice to have a new name let;s reaserch for it but i really offended you i a appologize

 

what about guardshield or malwareshield,programshield or secureshield

 

I like the name Voodoo (Malware) Shield everyone is to superstitious.

Daniel

 

I will get the Voodoo Doll and start poking you with needles.

Daniel