VoodooShield 5.70

Forums VoodooShield Support Forum VoodooShield Releases VoodooShield 5.70

  • Post
    Dan
    Keymaster
    US
    Hey Guys, VoodooForums is not working well at all.  It is built on wordpress / bbpress and I have read that these types of issues are typical with bbpress.

    So I updated the entire site and started this new topic to see if it is working better.  If not, we will either have to chose another platform, or maybe since most of the development and debugging for VS is finished, we figure out another way to communicate.

    BTW, I just checked my PM’s and it seems as though I missed a lot of PM’s the last 5 months, sorry about that.  I always forget to check my PM’s anyway, so it is best to email me at support at voodooshield.com.

    Anyway, let’s try this thread and see how it does now that everything is updated.

    Thank you guys!

    3
    0
Viewing 15 replies - 316 through 330 (of 411 total)
  • Replies
    Dan
    Keymaster
    US
    That is really odd Krusty, thank you for letting me know!  Can you please send me your DeveloperLog?  There has to be a very simple explanation for this, I will start thinking about what we need to do to isolate this bug.  Do you have a link to the Weather Tracker download?  I will install it on my main computer.  Since I have to constantly uninstall and reinstall VS or reset everything, the bug should appear pretty quick.
    0
    0
    Krusty
    Participant
    AU
    Hey Dan,

    Please check your emails… one may end up in your Spam folder.

    Cheers,
    K

    _______________________________________________________
    • Windows 10 x64 20H2
    • Mint Cinnamon 20.1
    0
    0
    Dan
    Keymaster
    US
    Thank you Krusty!

    Hey guys, here is the latest version that includes a few minor bug fixes / refinements that you guys have found, and a few that I always wanted to fix but never got around to doing so.

    1. VS will now only display the digital signature file insight for files that can actually be digitally signed. It kind of worked this way before, but VS’s list of signable files included files (mainly scripts) that could not actually be signed. (Thank you McMcbrad!)

    2. Some of the WhitelistCloud file types did not scan correctly for manual scans (and possibly on execution scans), but this is fixed now.

    3. VS Free users are now limited to creating 3 Rules. I also removed the Rule combo box in the user prompt for Free uses so they do not think it somehow magically disappeared. (Thank you Lenny_Fox!)

    4. The countdown timer in the user prompt is now fixed. Users used to be confused why the countdown would pause at times (due to the mouse hovering on the user prompt), so now it should make more sense to the end user.

    5. The VoodooShield Rules should be just about right now, but if you guys find anything, please let me know!

    6. Several other small minor refinements

    None of these changes should affect the results of the current Malware Hub tests, except for possibly the #2 item above (and it would be a minor issue if it did).

    VS 6.06d
    https://voodooshield.com/Download/InstallVoodooShield606d.exe
    SHA-256: f1a21862697589291d7d17511975bfdc291b238672c5f107668502d597c428c6

    Thank you guys!

    0
    0
    gorblimey
    Participant
    none
    Hi Dan – Just had a look at the Malware Hub test…  FWIW, I still use Java for two apps, notably an oldish Universal Media Server.  What’s worse is that the JRE is (in IT terms) VERY old, mostly because the UMS version is also getting to be geriatric.  And I’m sure I’m not the only one either.

    (As long as something is working properly, I won’t upgrade unless forced to.)

    I guess your take-away is that old malware problems never die, they don’t even have the decency to fade away!  The good news is, 😀 you don’t enumerate malware! 🙂 so keeping old tech under surveillance is just as easy as dealing with new tech.  Which is why I like VS so much.

    _________________________________

    Understanding the scope of the problem is the first step on the path to true panic. [Florence Ambrose, "Freefall"]
    0
    0
    Triple Helix
    Participant
    CA
    Dan the last 2 versions I keep getting these pop-ups again!

     

     

    Microsoft® Windows Insider MVP - Windows Security - VoodooShield Pro - Webroot SecureAnywhere Complete - Glasswire Elite
    0
    0
    Dan
    Keymaster
    US

    gorblimey: Hi Dan – Just had a look at the Malware Hub test…  FWIW, I still use Java for two apps, notably an oldish Universal Media Server.  What’s worse is that the JRE is (in IT terms) VERY old, mostly because the UMS version is also getting to be geriatric.  And I’m sure I’m not the only one either.

     

    (As long as something is working properly, I won’t upgrade unless forced to.)

    I guess your take-away is that old malware problems never die, they don’t even have the decency to fade away!  The good news is, 😀 you don’t enumerate malware! 🙂 so keeping old tech under surveillance is just as easy as dealing with new tech.  Which is why I like VS so much.

    The way I see it, if a file is able to execute on your machine, it is not old malware ;).  Old malware would be 16 bit samples that are unable to execute on your machine ;).  I think we would all be surprised how often malcoders use old IDE’s to build their malware, and how much effort they might put in to distinguishing their malware from new samples, simply because they know that a lot of modern security products do not look for these types of files.  Just a guess ;).

    1
    0
    Dan
    Keymaster
    US

    Triple Helix: Dan the last 2 versions I keep getting these pop-ups again!

     

     

     

    Hey TH!  I added a few new vulnerable apps the other day, so this is why this is happening.

    All you have to do is go to VoodooShield Settings / Advanced tab and uncheck the “updater” vulnerable app.  Or you can just manually allow that file and VS should remember it.  If for some reason it does not please let me know!

    0
    0
    Triple Helix
    Participant
    CA
    Well it’s not remembering? Now I unchecked from the list so we will see what happens.

     

    [12-06-2020 17:18:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:18] [INFO ] – Process blocked by initial AntiExploit stage: c:\windows\system32\conhost.exe
    [12-06-2020 17:18:18] [INFO ] – User Prompt: c:\windows\system32\conhost.exe | 0 |
    [12-06-2020 17:18:18] [INFO ] – VoodooShield Blocked: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:18] [INFO ] – Process blocked by initial AntiExploit stage: c:\windows\system32\conhost.exe
    [12-06-2020 17:18:18] [INFO ] – User Prompt: c:\windows\system32\conhost.exe | 0 |
    [12-06-2020 17:18:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:18] [INFO ] – Process blocked by initial AntiExploit stage: c:\windows\system32\conhost.exe
    [12-06-2020 17:18:18] [INFO ] – User Prompt: c:\windows\system32\conhost.exe | 0 |
    [12-06-2020 17:18:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:18] [INFO ] – Process blocked by initial AntiExploit stage: c:\windows\system32\conhost.exe
    [12-06-2020 17:18:18] [INFO ] – VoodooShield Blocked: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:18] [INFO ] – User Prompt: c:\windows\system32\conhost.exe | 0 |
    [12-06-2020 17:18:19] [INFO ] – Process blocked by initial AntiExploit stage: c:\windows\system32\conhost.exe
    [12-06-2020 17:18:19] [INFO ] – User Prompt: c:\windows\system32\conhost.exe | 0 |
    [12-06-2020 17:18:19] [INFO ] – VoodooShield Blocked: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:31] [INFO ] – User Allowed: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:31] [INFO ] – VoodooShield Blocked: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:32] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:32] [INFO ] – Process blocked by initial AntiExploit stage: c:\windows\system32\conhost.exe
    [12-06-2020 17:18:32] [INFO ] – User Prompt: c:\windows\system32\conhost.exe | 0 |
    [12-06-2020 17:18:32] [INFO ] – VoodooShield Blocked: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:34] [INFO ] – User Allowed: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:35] [INFO ] – User Allowed: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:41] [INFO ] – User Allowed: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:41] [INFO ] – VoodooShield Blocked: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:42] [INFO ] – User Allowed: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 17:18:46] [INFO ] – User Allowed: c:\windows\system32\conhost.exe | c:\windows\system32\conhost.exe 0xffffffff -forcev1 | c:\programdata\logishrd\logioptions\software\current\updater.exe

     

    [12-06-2020 20:45:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 20:45:18] [INFO ] – Process was manually allowed previously: c:\windows\system32\conhost.exe
    [12-06-2020 20:45:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 20:45:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 20:45:18] [INFO ] – Process was manually allowed previously: c:\windows\system32\conhost.exe
    [12-06-2020 20:45:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 20:45:18] [INFO ] – Process was manually allowed previously: c:\windows\system32\conhost.exe
    [12-06-2020 20:45:18] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 20:45:18] [INFO ] – Process was manually allowed previously: c:\windows\system32\conhost.exe
    [12-06-2020 20:45:19] [INFO ] – Process was manually allowed previously: c:\windows\system32\conhost.exe
    [12-06-2020 20:45:19] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\program files (x86)\google\update\googleupdate.exe
    [12-06-2020 20:45:20] [INFO ] – Process allowed by Current Whitelist Snapshot: c:\programdata\logishrd\logioptions\software\current\updater.exe
    [12-06-2020 20:45:20] [INFO ] – Process was manually allowed previously: c:\windows\system32\conhost.exe
    [12-06-2020 20:46:11] [INFO ] – The Windows Defender Firewall Service is running.

    Microsoft® Windows Insider MVP - Windows Security - VoodooShield Pro - Webroot SecureAnywhere Complete - Glasswire Elite
    0
    0
    Dan
    Keymaster
    US
    Hey TH, yeah there are multiple conhost entries because they are from different parent processes.

    Can you please send me a link to download the software that is being blocked so I can test to see why it is not remembering?  Thank you!

    0
    0
    Dan
    Keymaster
    US
    Hey guys,

    Here is the latest, here is what changed…

    1. Added encryption of quarantined files (thanks Harlan!)

    2. Fixed a bug that Krusty found in the WLC Firewall feature

    VS 6.06e
    https://voodooshield.com/Download/InstallVoodooShield606e.exe
    SHA-256: c6721bdb861b9c772f1e1edf67686d75cecd9fe3d0fafb9e264d55b548013b80

    Have a great week, thank you guys!

    1
    0
    Triple Helix
    Participant
    CA
    Here yea go Dan it’s for my Wireless Mouse: https://www.logitech.com/en-us/product/options
    Microsoft® Windows Insider MVP - Windows Security - VoodooShield Pro - Webroot SecureAnywhere Complete - Glasswire Elite
    0
    0
    Dan
    Keymaster
    US
    Thank you TH!  Did you try to uncheck the updater app in VoodooShield Settings / Advanced tab?

    Hey guys, here is 6.07, it should be ready for public release but if you guys find anything please let me know!  The bug that OS found is fixed also.

    VS 6.07
    https://voodooshield.com/Download/InstallVoodooShield607.exe
    SHA-256: dd8bb942ff26ca9b12fe0f182b768108905c70212f7ae831555a1c30be65ec62

    Thank you guys!

    0
    0
    HempOil
    Participant
    CA
    Hi Dan,

    Updated to 6.07. No issues experienced.

    Windows 10 Home 64-bit, version 20H2, build 19042.630 (hyper-threading disabled).
    Comodo Firewall 12.2.2.7062.
    Microsoft Defender Antivirus.
    HMP.A 3.8.8 Build 889RC & HMP 3.8.20 b314 (64-bit).
    VoodooShield 6.07.
    Google Chrome 87.0.4280.88 (Official Build) (64-bit) run in Comodo sandbox.
    0
    0
    Baldrick
    Participant
    none

    HempOil: Hi Dan,

     

    Updated to 6.07. No issues experienced.

    Hi Dan

    Ditto here…and as per udsual…all running tickety boo here as a result.

    Regards, Baldrick

    0
    0
    Mr.GumP
    Participant
    none
    6.07 installed over the top and working great
    0
    0
Viewing 15 replies - 316 through 330 (of 411 total)
  • You must be logged in to reply to this topic.