VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,638
    How good is the Whitelist in VS protected?
    Mere "hypothetical" situation:
    A program (let's say some malware) is unknown to VS; it runs for a few milliseconds (or whatever time-frame). It is specifically aimed at VS. It wants to make some change in the Whitelist of VS (for example it wants to put some (malicious) program in that Whitelist).
    (yes, I do hear the echo of the answer of Vesselin Bontchev when I posted something like that more than ten years ago in a different situation).
     
  2. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Well, it is encrypted if that helps any.
     

    Attached Files:

  3. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    I found another bug maybe? When you do Disk Clean Up it runs files in %Temp% Folder and I tried everything Training mode and in the end I have to exit VS.

    Daniel

    01-08-2013 12-18-13 AM.png 01-08-2013 12-20-29 AM.png

    01-08-2013 12-16-13 AM.png 01-08-2013 12-24-36 AM.png
     
  4. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Wow, very cool, thank you! It is probably pretty important that they do not blacklist us, especially since we recommend them on our website ;).
     
  5. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    If you use the Fabian code, it will kill VS, but in all fairness, it took him awhile. He is really good though.

    Before we are on any hackers radar, VS will have chosen the best kill method and will be totally secure!
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yes, that really helps a lot, good point!
     
  7. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Thanks, They are a great pair WSA & VoodooShield. :thumb:

    Daniel, Dan, Danny :blink:
     
  8. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Wow, disk cleanup runs from the appdata directory? I better check this out.

    Why would MS do that? They are the one's who who created the app data folder so that developers can store non executable files that need write permission (for program settings, etc). See, any file in the program files directory can be an executable, but you cannot write to it. So MS created the appdata directory so that developers can store files that need to be changed can be written to. And files in here really should not be executable files, and that is why this is one of the hangout spots for viruses.

    There is the option to not whitelist items in the appdata directory, but we need to find a better solution. Thank you for letting me know! Wow, this is crazy!
     
  9. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Have you guys seen the pcmag review of VS? My absolute favorite part was the intro…“Antivirus developers often joke that if false positives weren't an issue they could create the perfect antivirus utility. To be sure of catching every virus, Trojan, and other malicious programs, they'd simply design a tool that blocks every program. It turns out that idea isn't as far-fetched as it might sound.” I think he understands the big picture.

    Neil did an exceptional job of explaining and reviewing our software… VS is extremely hard to describe how it works (even though it is ridiculously simple to use), and we have been trying for 2 years to describe VS, but we have not been able to do so.

    He did find one hole that we need to fix, I swear that I tested this during development, but he was correct. For Windows XP, Windows folders are not protected, and VS relies on that, so we need to fix that for XP. I am pretty sure that affected our rating.

    I think once we figure out the best kill method and protect Windows XP System folders, things will be good.

    One thing that I thought was funny was that “Easy to turn off protection” was listed as a Con. While this is true, it would have been really funny if it was listed as a Pro too. Because in all fairness, it is good and bad ;).

    Anyway, please feel free to read his review and comment if you wish!
    Thank you!

    http://www.pcmag.com/article2/0,2817,2422274,00.asp
     
  10. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I will leave a review tomorrow. I'm tired, and my review would probably need a translator if I wrote it now lol
     
  11. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    I still don't understand what's wrong with the current name?
    o_O
    It adds a bit of magic...
     
  12. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    I am using Win 8/64. Could try it on 7/64 later.

    It seems that VS gets buried in the background as an unimportant process. Maybe when you get it to be a service it will be activated sooner, but just a guess as it is way beyond me.
     
  13. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    Just tried Win 7/64 and it behaves the same way. This is an ASUS/AMD machine if that is of any significance.
     
  14. AlexCross

    AlexCross Registered Member

    Joined:
    Apr 21, 2013
    Posts:
    81
    Location:
    Romania
    I found a bug in version xx5, some exe files are whitelisted without no notification, even when VS is in Always ON mode, exe files that I had in other partitions, some are blocked some are automatically whitelisted, wired thing is that VS log file don't give any info about who was blocked or allowed from exe files I ran.

    (The exe files are some programs that I saved on my PC).
     
  15. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    429
    Location:
    Australia
    @ VoodooShield
    Superb ! :thumb: :thumb:


    @ Cutting_Edgetech
    Super ! :thumb: :thumb:



    @ djg05
    I'm aware that a service can be delayed to start,....
    ...quoting from from "WS2008: Startup Processes and Delayed Automatic Start".....here ...http://blogs.technet.com/b/askperf/archive/2008/02/02/ws2008-startup-processes-and-delayed-automatic-start.aspx

    But how to increase process priority ? Maybe something like Process Explorer or Autostart from http://technet.microsoft.com/en-us/sysinternals/default

    ..over to voodooshield. :)

    -cheers,
    feandur
     
  16. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I think so too!
     
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I have to admit the name has grown on me a little, but if we can find something even better, that would be really cool too! I really like the names that everyone has come up with so far. I cannot wait to see the poll results!
     
  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    In Windows Task Manager, once VS finally comes up, what is the Base Priority of VS? If Base Priority is not displayed, you can show it in View / Select Columns. Thank you!
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    That is really odd, what other security software are you running on both machines?
     
  20. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yes, 1.25 is a really bad version. It would be best if everyone installed the 1.24 current version for now. I should have a new release that is working correctly very soon. Thank you!

    http://voodooshield.com/download/versions/Install VoodooShield.1.24.exe
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you feandur for thinking of that! Hopefully that will help him, lets see what he says!
     
  22. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    994
    I am not running AVG. Are you aware that Chrome installs in the C:\Users\xxx\AppData\Local\Google folder and not Program Files or Program Files (x86)?
     
  23. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Ahhhh... this might be why it is not working!!!! Thank you for mentioning this!

    Chrome used to install there until about 6 months ago or so, and it was an issue for security developers. The new version of Chrome installs into the Program Files directory (where they should have put it in the first place), we are happy they fixed it!

    What version of Chrome are you running? You might have to copy and paste the C:\Users\xxx\AppData\Local\Google folder to your desktop as a backup, uninstall Chrome, reboot, and install the latest version. It should install into the Program Files folder.

    I bet this fixes it, please let me know! Thank you!
     
  24. AlexCross

    AlexCross Registered Member

    Joined:
    Apr 21, 2013
    Posts:
    81
    Location:
    Romania
    In version xx4, VS allows an exe , basically it whitelists it, the exe is in another partition and it's just a software. I loged in into my account, and there it is. I tested with more softwares that I saved in my computer, in different partitions, and some were blocked, some allowed.

    (Before testing I cleared log file and whitelist)

    Same bug from xx5.
     
    Last edited: Aug 1, 2013
  25. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    What Mode was VS in? Smart / ON, or Always ON? If VS is in Smart Mode / OFF, it will not protect other partitions, it will only protect the user space. Thank you for testing this, and please let me know!

    I just tried it with Smart / ON mode, and it blocked a file from another drive.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.