VoodooShield/Cyberlock

VisorShield ....but, I still like VoodooShield.

 

Cool, thank you! BTW, I found a small bug already, hehehe. It will fix the speed issue with shield toggling as well as soon as I figure out where the bug is.

 

I didn't get upset by the "conversation", it was entertaining and informative I think (thank you both ), and I wouldn't mind if it had continued for a while longer. But I got upset that the thread got closed. As I wanted to make a comment on this part....

Malware don't care about how old ones computer is...FYI my computer is 9yrs old.

 

It was not allowed and it killed VS. I am under the impression that he had to work at it a little to make it kill VS, but he did figure it out. He is a smart guy!

But this special code that kills VS would have to run first in malware in order to kill VS and get their malware through. He is right about the race conditions, but I am extremely curious what we will say about what I found. I was also thinking about it... UAC probably uses a kill method very similar to what Fabian is suggesting that we do, and is not subject to race conditions, and viruses pass right by it.

This is something that we need to fix, but most hackers could care less about VS at this point. When we run the engine as a service, that will help, and we can optimize the kill method.

Keep in mind, I highly doubt that anything is 100% bulletproof.

 

I guess I will just stick with v 1.24 for the time being, until I figure out how to get .NET installed correctly.

 

It was a fun thread! But Fabian and I decided it was best to close it, but thank you!

Actually, believe it or not, I really think hardware does make a small difference. And when someone is trying to kill VS, we are talking in terms of milliseconds, and it could be all of the difference in the world if the CPU is maxed out. Like if I run VS on a 15 year old computer, there is a better chance that something can slip by. I just think that if we are going to conduct tests, we should do everything possible to make it mirror the real world. Don't get me wrong, we should run these tests on old and new computers. But to run on a 10 year old computer in a VM, that just doesn't happen in the real world.

 

So...as I read such closed discussion I try to find answer "where is the problem?". Everybody here know that we have many certain kinds of security app...each one of them has some specific and unique features and abilities...so what sense is in comparing "full featured anti-malware" with easy constructed enti-exe? They have different tasks to do and different abilities...asking questions "who is better" is for me like "what is better - rain or lack of rain".

 

Sorry about that, I wish there was something I could do to help you fix that. Have you thought about maybe uninstalling all of the .net runtimes and then just install VS... it will reinstall all of the runtimes automatically.

 

Exactly! Do you like coke or pepsi? I have noticed that people either love or hate VS, there really is no in between . I didn't think this little guy would cause so much controversy .

 

I believe if anything is specifically targeted there's a good chance it can be killed. I think running VS as a service may help, but it could also introduce new bugs, and new challenges. The benefit of running VS as a service overall may be worth it for Government, Education, and the Business market alone. It might even satisfy those anti-VS groups that believe UAC will stop more threats than VS, but I would not hold your breath. To me this is ridiculous, but everyone is entitled to their own opinions.

 

Btw.. VS will stop unknown, and untrusted applications from running. Anything not on the whitelist, or not excluded in VS's custom settings will not be allowed to run.

 

I have been beta testing software in a live environment on my custom desktop since I got this computer nearly 7 years ago. Mind you, I have had to replace the motherboard twice, and the last one, just a week ago. I had installed .NET 3.5, previously for testing VoodooShield last year.

However, it was installed on a snapshot that had to sacrificed with install of the new motherboard. So, I have to start from scratch to get .NET 3.5 installed.

 

How does one do that? Through ADD/Remove in Control Panel?

 

Yeah, I agree about something being specifically targeted. Running as a service will help, and once we have everything right, it will be easy to create the service... it will use pretty much the same code. I just didn't want to mess with running VS as a service until we had everything just right. But I am sure we will have some issues when we run it as a service!

 

Exactly! Technically, the killed process runs for 1-5 ms, then we kill it. So Fabian is right, it does not INITIALLY block the virus, but it does once it detects it. It is all a matter of semantics.

 

Correct. I would uninstall 3.5 first, then reboot. Then uninstall 2.0 and reboot. Then 1.1, reboot, then 1.0 reboot. Then just install VS and it should install of them automatically. Please let me know if you have any problems. I am going to bed early tonight, but I will be available tomorrow. Thank you!

 

OK Thanks.

 

Ok - will try 1.25 later today when I get back.

 

How about XShield? when you say executable your making the 'X' sound is why...just a thought

 

Hi Cutting_Edgetech -

Sir, what is your view of running appguard together with voodoo shield?

Perhaps appguard would prevent specialized killing of voodoo shield...?

-cheers,
feandur


[Oh! I do hope I don't open another can of worms! ]

 

@ VoodooShield -

any plans to migrate to a higher version of .NET, say v4 or higher?
< it's possible you answered this already, but just worth asking again>

I ask only in that 3.5 is perhaps the most heavily patched and updated of all the .NET frameworks [at least for Win XP].

I usually install and update offline to avoid any install issues on my slow P/C [by downloading the patches and framework installers from the historical releases on Microsoft's update page].

My point being I usually end up with dozens and dozens of files to install just for v3.5 alone...many with similar or confusing names...I sometimes find that some are just not relevant.

Long story short...v3.5, in particular, is such a royal pain!

- any way, it is what it is....and everyone's experience is different.


-cheers,
feandur

 

When are you going to fix the "Edit Whitelist" not working problem for Chrome?

Is anyone able to use this tab who is using Chrome?

Another problem that might be related. Upload to VirusTotal does not work.

Any suggestions?

 

Great, thank you. Please let me know if that fixes it! I moved the UI initialization to the VERY top of the code, before checking for registration and everything else.

 

Hmmm, I like that one. What does everyone else think?

 

Yes, and it is a very easy conversion, and it would offer more features that we would find to be very handy... and it will run even better since 3.5 on XP is not great. But yes, we plan on doing this soon. Thank you!