VoodooShield 5.70

Forums VoodooShield Support Forum VoodooShield Releases VoodooShield 5.70

  • Post
    Dan
    Keymaster
    US
    Hey Guys, VoodooForums is not working well at all.  It is built on wordpress / bbpress and I have read that these types of issues are typical with bbpress.

    So I updated the entire site and started this new topic to see if it is working better.  If not, we will either have to chose another platform, or maybe since most of the development and debugging for VS is finished, we figure out another way to communicate.

    BTW, I just checked my PM’s and it seems as though I missed a lot of PM’s the last 5 months, sorry about that.  I always forget to check my PM’s anyway, so it is best to email me at support at voodooshield.com.

    Anyway, let’s try this thread and see how it does now that everything is updated.

    Thank you guys!

    3
    0
Viewing 15 replies - 271 through 285 (of 314 total)
  • Replies
    Dan
    Keymaster
    US

    Krusty: Hi Dan,

     

    I forgot #1, but without that step, after deleting Weather_Tracker from the whitelist and restarting my machine, Weather_Tracker was once again “Not Safe”, but no firewall rules were created.

    Cheers.

    Hmmm, very odd, thank you for letting me know.  If you really want to test this, you might try…

    1.  Uninstall VS

    2.  Restart the computer

    3.  Delete the C:\ProgramData\VoodooShield folder

    4.  Reinstall VS and see what happens

    The only thing I can think of is that maybe the old settings.db is somehow being carried over from a previous install?

    0
    0
    Tarnak
    Participant
    I got  a whole slew conhost. exe blocks, but then allowed for –  https://answers.microsoft.com/en-us/windows/forum/windows_10-security/what-is-this-waasmedic-and-why-it-required-to/e5e55a95-d5bb-4bf4-a7ce-4783df371de4

    2/11/2020 7:08 PM Auto Blocked conhost.exe c:\windows\system32\conhost.exe 5EAD300DC7E4D637948ECB0ED829A072BD152E17 baf97b2a629723947539cff84e896cd29565ab4bb68b0cec515eb5c5d6637b69 c:\windows\system32\conhost.exe 0xffffffff -forcev1 885760 7z.exe c:\program files\secureage\whitelist\7z.exe Owner

    3/11/2020 10:44 PM Auto Allowed waasmedicagent.exe c:\windows\system32\waasmedicagent.exe 5EAD300DC7E4D637948ECB0ED829A072BD152E17 74253b0fea39bbe6fd6a825ad640e6c6e25ad7cb84b8566d379ec631070f281a c:\windows\system32\waasmedicagent.exe ac588a3f70a00ed836c418a1ca0a9496 i1a06ukc00wnvlfwetsbxq.0.1.0.0.0 89088 svchost.exe Owner

    3/11/2020 10:44 PM Auto Allowed conhost.exe c:\windows\system32\conhost.exe 5EAD300DC7E4D637948ECB0ED829A072BD152E17 baf97b2a629723947539cff84e896cd29565ab4bb68b0cec515eb5c5d6637b69 c:\windows\system32\conhost.exe 0xffffffff -forcev1 885760 waasmedicagent.exe c:\windows\system32\waasmedicagent.exe Owner

    baf97b2a629723947539cff84e896cd29565ab4bb68b0cec515eb5c5d6637b69

    Interesting…I think so.

     

     

     

    • This reply was modified 4 weeks, 1 day ago by Tarnak.
    • This reply was modified 4 weeks, 1 day ago by Tarnak.
    0
    0
    Tarnak
    Participant
    This alert has popped before, and I always allow:

     

     

    0
    0
    Dan
    Keymaster
    US
    @Tarnak, thank you for letting me know… those all look perfect.  Basically VS should not be blocking waasmedicagent.exe, but it should be blocking c:\program files\secureage\whitelist\7z.exe.
    0
    0
    Krusty
    Participant
    AU

    Dan: The only thing I can think of is that maybe the old settings.db is somehow being carried over from a previous install?

    Thanks Dan, but as I said, this was a clean install.  There were no old VS files left on the machine last time I uninstalled VS.  It happened on 2 machines by the way.

    Anyway, I guess I’ll not worry about it.

    _______________________________________________________
    • Windows 10 x64 20H2
    • Mint Cinnamon 20
    0
    0
    Dan
    Keymaster
    US
    Thank you Krusty, I will keep my eye in this, and if anyone else experiences this issue please let us know.

    Here is 6.06 that we just released to the public.  It is essentially the same as the 5.05 beta, with only a couple of very minor unnoticeable changes, mainly just reducing the logging.  Thank you guys!

    VS 6.06
    https://voodooshield.com/Download/InstallVoodooShield.exe
    SHA-256: b4d4300dae3ea4e6a9923f55079ebb2e5cfe4d6a5923edaf50bc63e0acf6bcbf

    2
    0
    Tarnak
    Participant
    Updated thru the GUI.   A few lines from C:\ProgramData\VoodooShield\DeveloperLog.log

    It is looking good, I think.

    [11-04-2020 09:38:34] [INFO ] – Snapshot Scan: 4/11/2020 9:38:34 AM
    [11-04-2020 09:38:36] [INFO ] – IsProcessInCurrentWhiteList: c:\program files (x86)\unhackme\unhackme.exe | 1
    [11-04-2020 09:38:36] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\program files (x86)\unhackme\unhackme.exe
    [11-04-2020 09:39:39] [INFO ] – IsProcessInCurrentWhiteList: c:\program files (x86)\unhackme\unhackme.exe | 1
    [11-04-2020 09:39:39] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\program files (x86)\unhackme\unhackme.exe
    [11-04-2020 09:39:47] [DEBUG] – UpdateDownloader::Download complete. Canceled=False, Error=No
    [11-04-2020 09:39:51] [INFO ] – IsProcessInCurrentWhiteList: c:\users\owner\appdata\local\temp\installvoodooshield.exe | 0
    [11-04-2020 09:39:55] [INFO ] – Queried Database for c:\users\owner\appdata\local\temp\installvoodooshield.exe
    [11-04-2020 09:39:55] [INFO ] – VoodooAi scan: True | False | 0 |
    [11-04-2020 09:39:55] [INFO ] – VoodooAi scan: c:\users\owner\appdata\local\temp\installvoodooshield.exe
    [11-04-2020 09:40:17] [INFO ] – Process allowed by VoodooShield Update: c:\users\owner\appdata\local\temp\installvoodooshield.exe
    [11-04-2020 09:40:17] [INFO ] – Update requested. Exiting.
    [11-04-2020 09:41:12] [INFO ] – *************************** User started VS 6.06 ***************************
    [11-04-2020 09:41:33] [INFO ] – The Windows Defender Firewall Service is running.
    [11-04-2020 09:41:44] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\program files (x86)\unhackme\unhackme.exe
    [11-04-2020 09:41:50] [INFO ] – The Windows Defender Firewall Service is running.
    [11-04-2020 09:42:29] [INFO ] – The Windows Defender Firewall Service is running.
    [11-04-2020 09:42:46] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\program files (x86)\unhackme\unhackme.exe
    [11-04-2020 09:43:26] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\windows\syswow64\dllhost.exe
    [11-04-2020 09:43:33] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\windows\system32\openwith.exe
    [11-04-2020 09:43:39] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\windows\system32\notepad.exe

     

     

     

    0
    0
    Geri123
    Participant
    none
    @Dan just installed the latest stable 6.06 and the popup is back….
    Update was done via VS “internal” updateprocess.

     

    • This reply was modified 4 weeks ago by Geri123.
    Attachments:
    0
    0
    Geri123
    Participant
    none
    Btw how about an option to check for updates “weekly” or snooze for 1-5 days or so?
    0
    0
    Geri123
    Participant
    none
    And another one with Windows own stuff.

    After 5 minutes and still “analyzing” I used the “get second opinion” and got a result and a VT rescan in way under 1 minute.

    Btw 6.06 still got the popups for the powershell block for compatibility runner for me.

    Edit: No clue how to delete duplicate picture 😀

     

    • This reply was modified 3 weeks, 5 days ago by Geri123.
    0
    0
    Tarnak
    Participant
    Resource usage went overboard for awhile, see  2nd and 3rd screenshots, especially:

     

     

    0
    0
    Jasper The Rasper
    Participant
    GB
    This new build is working great for me Dan.
    Webroot® SecureAnywhere® Complete Beta Tester v9.0.27.55 - VoodooShield v5.78 Beta - Glasswire Firewall Elite  - Microsoft Windows Insider MVP
    1
    0
    Dan
    Keymaster
    US
    Hey Guys, sorry I have been away, I have been finishing up the CommandLineCloud feature, and it is fully up and running now, so command line blocks should be few and far between now.

    In this version, the MpSigStub.exe issue is fixed, along with a fix for when a firewall was blocking WLC and VoodooAi.

    VS 6.06a
    https://voodooshield.com/Download/InstallVoodooShield606a.exe
    SHA-256: 22e504f453955d8ca54a1e0157f95168295d00751fdf5f310de5dcd891365589

    Thank you guys!

    0
    0
    Baldrick
    Participant
    none
    Hi Dan

    Thanks for that. Will be installing very soon and as per usual will post back if I come across any issues…not that I am expecting to…

    Regards, Baldrick

    0
    0
    Tarnak
    Participant
    I did an over the top install, but it seems to not have gone well. CPU usage abnormal. Refer to recent post mentioning this.

     

     

     

     

     

    0
    0
Viewing 15 replies - 271 through 285 (of 314 total)
  • You must be logged in to reply to this topic.