VoodooShield discussion

[lowdetection]

Yesterday when the problem that dan fixed arised, I have had deregistration with the token still inside AppData, and cannot Shutdown nor Reboot the PC, I needed to force hardware shutdown through main power button. Something on the server side, not on host. Last time I have had similar problem using ESET Antivirus, was with WinAntiRansom and was a driver Kernel Incompatibility with ESET, given the fact that I use VodooShield everyday from 2 years alongside ESET I think was only server releated, anyway is under my http debugger for monitoring 24/24

 

[danb]

Yesterday when the problem that dan fixed arised, I have had deregistration with the token still inside AppData, and cannot Shutdown nor Reboot the PC, I needed to force hardware shutdown through main power button. Something on the server side, not on host. Last time I have had similar problem using ESET Antivirus, was with WinAntiRansom and was a driver Kernel Incompatibility with ESET, given the fact that I use VodooShield everyday from 2 years alongside ESET I think was only server releated, anyway is under my http debugger for monitoring 24/24

Yeah, this is the issue that happened last night with our account. I have no idea how long it was actually down, but I know it was up when I went to bed last night, so I am guessing 2-6 hours. This would explain the slow as molasses as well. Anyway, it is fixed now.

FYI... what happened with our Azure account is that we have a spending limit on it. We are charged for a lot of different items on the account, and a lot of it depends on how much it is used. Well, we hit the spending limit last night, so the server was shutdown. Eventually I will be moving everything to our new server, which is finally installed in the data center... I just have not had time to do so.

I think you guys have provided me with enough info on the token issue that it should be easy to fix. I hope to be able to get to it tonight, but I will want to test to verify that it really is fixed.

Beta tests are always rough, so if you do not want to deal with the headaches, by all means, please run 3.59 for a couple more weeks until these last few bugs are fixed.

Thank you guys for your help!

 

[Windows_Security]

Mhh I might have a wrong image of V3, because I was eagerly waiting for it. It seemed V3 was 95% of the one fix away from stable. Cross my fngers for V4, hope it will land soon.

 

[danb]

Mhh I might have a wrong image of V3, because I was eagerly waiting for it. It seemed V3 was 95% of the one fix away from stable. Cross my fngers for V4, hope it will land soon.

Hey Kees... 3.59 has been very stable for a very long time now... I have hundreds of local clients who literally never have a problem, and many more worldwide.

I am actually surprised that VS 3.0 and 4.0 are as stable as they are, considering all of the features they offer...

Toggling protection / code changes with all modes, full next-gen Ai, automated vulnerable process protection, automated command line whitelisting, installer detection, VoodooAi cloud lookups, blacklist scanner, user recommendations, web management console, automatic quarantine based on file insight, custom folders, rules wizard, cuckoo sandbox and local sandbox... and much, much more .

Besides, this applies to all software. If you want to advance your software and stay relevant, you have to make changes. And when you make changes, you have bugs.

Don't worry... a permanent fix is on the way .

 

[madirish]

Had something strange happen-had to download a new video card driver from MS (had VS turned off) and after the driver was installed and system rebooted I was hit with the register VS.Before installing the new driver I know I rebooted this pc 2 times today and had no register VS. Very strange.

 

[_CyberGhosT_]

Had something strange happen-had to download a new video card driver from MS (had VS turned off) and after the driver was installed and system rebooted I was hit with the register VS.Before installing the new driver I know I rebooted this pc 2 times today and had no register VS. Very strange.

Reading the thread will help, to keep it short, its a known issue and being worked on brother, good idea to read the thread while you wait, just a bit of helpful advise, take it or leave it

 

[simmerskool]

It's not just with win 7. Also on win 10, the system is not quite as responsive as one might hope.

fwiw, my win7_64 does not seem to be "gummed up," although lately I do have the re-registration problem.

 

[gorblimey]

fwiw, my win7_64 does not seem to be "gummed up,"

If I have time to pick up my coffee, drink, and set it down... The system is gummed up. That really is the difference between 3.59 and 4.09.

The box is only an i5-2400 @3.1GHz Sandy Bridge, but on VS 3.59 it really is quite snappy.

 

[codswollip]

It's not just with win 7. Also on win 10, the system is not quite as responsive as one might hope.

I had an incident yesterday. VS threw a notification about some randomly named file in AppData's temp directory. By the time I got to the location the file was gone and so was the notification window. At that point, my system crawled. It took around a minute to open browsers, file explorer, ... basically anything. A reboot was unhelpful and I had to re-image the OS partition to restore responsiveness. I can't say for 100% that VS was the culprit but it seemed coincidental with the notification. This is the first time I've seen that. After re-imaging, I left VS off for the remainder of the day. Today, it's back running and hopefully, things will remain stable.

 

[shmu26]

I had an incident yesterday. VS threw a notification about some randomly named file in AppData's temp directory. By the time I got to the location the file was gone and so was the notification window. At that point, my system crawled. It took around a minute to open browsers, file explorer, ... basically anything. A reboot was unhelpful and I had to re-image the OS partition to restore responsiveness. I can't say for 100% that VS was the culprit but it seemed coincidental with the notification. This is the first time I've seen that. After re-imaging, I left VS off for the remainder of the day. Today, it's back running and hopefully, things will remain stable.

Maybe Windows was doing automatic maintenance, and everything got gummed up?

 

[shmu26]

Maybe Windows was doing automatic maintenance, and everything got gummed up?

If you reimaged to the same build of Windows as before, try running Windows maintenance, and when you get the prompt for dismhost or whatever, allow it and check to make sure it was properly whitelisted.
If you reimaged to an earlier build of Windows, the event will probably not reoccur.

 

[danb]

Oops… I think I just figured out why VS 4.0 might have some issues with some VPNs. This is just a theory at this point because I just noticed this.

I just now launched TunnelBear and VS blocked an item and told me that an internet connection was not detected. So I imagine that TB is temporarily causing VS to think that the computer is not connected to the internet. When this happens, VS automatically blocks the item and does not even bother with blacklist or VoodooAi scans.

I really think the best thing for me to do is to explain each of the remaining bugs in detail, so you can see exactly what is going on, and see why they are essentially impossible to avoid (you kind just have to let them rear their ugly heads), and why they are difficult to reproduce and isolate. Once we can reproduce a bug, it is almost always super simple to fix. Just please keep in mind that there are going to be odd ass errors like this... there is NO way around it.

Also, FYI… VS should not be scanning any item that is already whitelisted with the blacklist or VoodooAi. If it is, please let me know how to reproduce this scenario. Thank you guys… I am trying to get 4.10 to you guys asap.

 

[danb]

Ok, here is 4.10b...

If the token does not stay in the C:\ProgramData\VoodooShield directory, or if one of the cleanup utilities deletes it, or basically if you have any more registration issues, please let me know!

I also added the new dismhost files, fixed the settings clear userlog / quarantine button, and also made a lot of progress on command line blocks.

www.voodooshield.co/Download/InstallVoodooShield410beta.exe

Thank you guys!

Edit: Depending one where the token was before, you might have to register one last time. If VS is not running extremely smooth, please exit out of VS and delete all of the .db files in the C:\ProgramData\VoodooShield directory... it can make a HUGE difference, and once VS 4.0 is finalized, you will not have to do this again.

 

[shmu26]

I installed VS 4.10b on Win 10, after I deleted db files, and I was a little confused by its behavior. Details were sent by email.

 

[codswollip]

I installed VS 4.10b on Win 10, after I deleted db files, and I was a little confused by its behavior. Details were sent by email.

Care to share? I'm a bit leery to jump on 4.10 hearing this.

 

[shmu26]

Care to share? I'm a bit leery to jump on 4.10 hearing this.

Sorry, I didn't mean it to sound leery. It seemed to me like VS was whitelisting totally safe files, but not prompting about them as I had expected. I probably needed a cup of coffee when I tested it, so I am looking forward to hear what other users have to say.

 

[danb]

Hehehe, sure, VS has had some minor annoying bugs, but I promise, it is not going to bork your system or cause BSOD, or anything like that .

I talked to shmu26 through email... basically, if a user manually adds a malicious script to Windows startup, VS will not block it. But if an actual malicious attack attempts to do so, VS will block the executable, script or command line long before it has a chance to add itself to Windows startup.

 

[FrFc1908]

Thanks once again this release , your time and effort to make this one hell of rocksolid Little program will install tonight and see how it plays next to bullguard and mbae...

 

[shmu26]

Sorry, I didn't mean it to sound leery. It seemed to me like VS was whitelisting totally safe files, but not prompting about them as I had expected. I probably needed a cup of coffee when I tested it, so I am looking forward to hear what other users have to say.

Okay, Dan explained to me the behavior I was seeing. I would have needed two cups of coffee at least, to figure it out on my own. Has to do with parent/child permissions, advanced snapshot, and more. All is quiet now on the western front.

 

[codswollip]

please exit out of VS and delete all of the .db files in the C:\ProgramData\VoodooShield directory

Is it OK after doing this to import settings/whitelist into 4.10, or must we build these again.

EDIT1: Just curious, but why the popup window to move the shield, or for that matter, why the "Move" menu item instead of click/hold/drag?