VoodooShield discussion

Status
Not open for further replies.

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Right. I should have seen that, sorry.
Well, It looks like you had a double bug there, because just I reinstalled VS 4.00b, and I have no problem clicking on links in Outlook 2016, they open just fine for me in Chrome
Maybe because i'm using the Chrome Enterprise version?
From mister x (at wilders)
Differences between Consumer and Enterprise versions
1. Enterprise lands in Program Files (x86) even though x64 is used, while Consumer in AppData.
2. In a multi-user scenario, msi installs Chrome for all users by default.

Here are a couple other features you should be aware of:
1. If a user already had the Consumer version installed and you push out the Enterprise edition to their machine, the next time they launch the Consumer edition it will detect that the Enterprise edition is installed. After displaying an explanatory message to the user, the Consumer edition uninstalls itself, the user's Chrome shortcuts are updated and the Enterprise edition is launched.
2. The user's personal settings from the Consumer edition will be picked up by the Enterprise edition, as long as the version number of the Enterprise edition is greater or equal to the Consumer edition.

FAQs (Enterprise version)
Frequently Asked Questions - The Chromium Projects

Policy List for Enterprise version: Policy List - The Chromium Projects
 

paulderdash

Level 6
Verified
Well-known
Apr 28, 2015
271
Installed 4.00b on two machines after a full Revo Uninstall of 3.59b.

On one machine, VS consistently does not start although service is set to 'automatic'. Have to start manually. Should I reinstall?

Only other problem is occasional high CPU usage +/- 25% on same machine, +/- 13% on other machine.
 

blueblackwow65

Level 23
Verified
Well-known
Dec 19, 2012
1,243
at this time I am getting cpu usage at 3% max for now and 20 megs ram ,hope it stays in that range.
 

boredog

Level 9
Verified
Jul 5, 2016
416
Could someone check something for me?
Right click on the VS icon on desktop, click on rules, at top it shows number of rules you have. Now left click on the number of rules and see if the screen changes to number of threats blocked. Then go back to the rules tab and on my machine instead of the number of rules created, it shows threats blocked.
You can also go to main GUI, click on rules, click on one of the other tabs such as advanced or any other, then the rules are reset to show threats again.
The rules themselves don't disappear.
 

boredog

Level 9
Verified
Jul 5, 2016
416
CPU
 

Attachments

  • ScreenHunter_82 Sep. 05 11.18.jpg
    ScreenHunter_82 Sep. 05 11.18.jpg
    8.5 KB · Views: 483

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Installed 4.00b on two machines after a full Revo Uninstall of 3.59b.

On one machine, VS consistently does not start although service is set to 'automatic'. Have to start manually. Should I reinstall?

Only other problem is occasional high CPU usage +/- 25% on same machine, +/- 13% on other machine.
This will fix the startup prob:

@scootnod said:
It looks like if you uninstall the old version before installing the 4.0 beta version it removes the registry key C:\Program Files\VoodooShield\VoodooShield.exe from HKLM-Software-Microsoft-Windows-CurrentVersion-Run.
You can manually add it back by creating a new String Value called VoodooShield with the value C:\Program Files\VoodooShield\VoodooShield.exe in this location.
 

askmark

Level 12
Verified
Top Poster
Well-known
Aug 31, 2016
578
@danb

All working normally except for high cpu usage of main exe: 25-30% constantly. If i reboot, then initially cpu is less than 5%, but after opening and closing applications it rises, reaches 30% and never drops again.
I've checked process activity for voodooshield.exe in Process Hacker and there are 5 threads (mscorlib.dll) running approx 5% cpu each.
I've uninstalled VS, removed the ProgramData\Voodooshield folder, and reinstalled, but it has not made any difference. This is on Windows 8.1.
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
@danb

All working normally except for high cpu usage of main exe: 25-30% constantly. If i reboot, then initially cpu is less than 5%, but after opening and closing applications it rises, reaches 30% and never drops again.
I've checked process activity for voodooshield.exe in Process Hacker and there are 5 threads (mscorlib.dll) running approx 5% cpu each.
I've uninstalled VS, removed the ProgramData\Voodooshield folder, and reinstalled, but it has not made any difference. This is on Windows 8.1.
Did you tried disabling scanning of child processes like Dan asked here?
VoodooShield discussion
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
You don't even need VS rules, because you already have custom folders, if you are on the paid version. But I am sure you already knew that. Are you trying to do something specific that only rules can do? Just curious.

I try the free version (not the paid one), want to know if i can suggest to others friends for free.
Creating rules is able in free version?
 

VecchioScarpone

Level 6
Verified
Well-known
Aug 19, 2017
278
Installed 4.00b on two machines after a full Revo Uninstall of 3.59b.

On one machine, VS consistently does not start although service is set to 'automatic'. Have to start manually. Should I reinstall?

Only other problem is occasional high CPU usage +/- 25% on same machine, +/- 13% on other machine.
@mekelek reckon that %appdata% does not get deleted when deleting VS Program data folder with Revo. I did notice that Revo even after advanced scan removal leave things in the computer. I used Everything search tool to scan afterward and manually removed the remnants leftovers.
Without Everything I wouldn't know how to access the leftover files.
 

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
I'm guessing Dan is doing tricks behind the scenes as my Event Viewer errors have ceased, and all is OK when I set the service to Automatic (Delayed Start) much like v3.59. I've rebooted several times today and things seem stable.

FWIW, I have not disabled scanning of child processes and CPU is 0.1% to 0.4%, so no major worries there for me.

My wish list item for the Management Console... that we could multi-select items for deletion (if that is already available, I'm not figuring it out). As an individual user, I don't see the advantage of the console. Maybe someone more astute can clue me in.

I'd also like to see true full-screen capability for user log/whitelist/command line... not a major issue, but helpful when reviewing/editing entries.
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
I'm guessing Dan is doing tricks behind the scenes as my Event Viewer errors have ceased, and all is OK when I set the service to Automatic (Delayed Start) much like v3.59. I've rebooted several times today and things seem stable.

FWIW, I have not disabled scanning of child processes and CPU is 0.1% to 0.4%, so no major worries there for me.

My wish list item for the Management Console... that we could multi-select items for deletion (if that is already available, I'm not figuring it out). As an individual user, I don't see the advantage of the console. Maybe someone more astute can clue me in.

I'd also like to see true full-screen capability for user log/whitelist/command line... not a major issue, but helpful when reviewing/editing entries.
Yeah, I am getting close ;). Believe it or not, we are in much, much better shape than I initially thought we would be. I figured we would have at least 50-100 bugs to work out, but really there are only around 10 or so total. The error reporting system really worked out well... it is exposing little bugs that I am sure have been around a while, and typically, they are very easy and quick to fix.

When I released the initial version the other day, I had ran VS 4.0 for 3 or so days, with zero, and I mean zero errors. But since there were sooo many massive changes, it was inevitable that we were going to have some bugs. See, VS has always been kind of cobbled together, but what I did was go through all of the code and unify everything... it really needed it. I mean, VS 3.59 was very stable, but the code really needed to be completely redone so that it is more maintainable in the future. It will also be a lot faster and easier to add new features in the future.

Yeah, the web management console will have a lot of new features very soon. We had to wait until I was finished with VS 4.0 before we could add all of the features, but they will be very quick and easy to add.

Sorry I have still not been able to reply to any emails, pms or posts... but I will catch up as soon as VS 4.0 is stable, which should be this week. Things are going really well.

Here are the remaining bugs...

I believe the registration issue is fixed in VS 4.01, which I will release either tonight or tomorrow at the latest. It is ready, but I just want to do a little more testing. Anyway, if the there are any other registration issues, then I will see if Alex can take a look at it... he is the one who wrote all of that code, and is much more familiar with it than I am. He is just kind of busy right now, but will be free soon.

The only remaining bug that has been difficult to fix (so far) is the one where VS does not start with the VoodooShieldService on startup. That code really should work... it is actually some well known code that a lot of people use from github, although a few other devs have had the same issue that we had with the token. See, most of the VS code is custom, but sometimes it is better to use time tested code and libraries for certain functions or tasks. In this case, I needed some code that would start a GUI process from a service, and instead of writing it all from scratch, it is better to use code that you know that works.

BTW, whoever is having an issue with VS not starting on startup, can you please post the following info?

Is UAC enabled?
Are you running as a limited user?
What other security software are you running?

The regedit fix that you guys came up with is cool because it will work as a temporary fix, but we need to fix this permanently, so that the GUI starts from the service. Otherwise, when multiple users log in and out, VS will not start... along with other issues. Anyway, if we cannot find a fix for the token issue, we have a couple of other options.

Thank you guys for tracking down the high CPU utilization bug... I have not looked at it yet, but if you guys have it narrowed down that far, it should be a 5 minute fix.

I will try to catch up on some posts, pms and emails asap, thank you guys!
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Why did Dan get barred from Wilders?
I am actually quite disappointed how things were handled... especially how all of the members have been kept in the dark.

You guys have the right to know exactly what happened, and if you ask me, you should demand that the story be told.

For me, it is quite simple. I was no longer willing to put up with my posts being edited and deleted by someone with an agenda, so I stood up for myself. Basically, nothing was being done about the trolling that I was experiencing, so I was going to end it one way or another.

You cannot disrespect and silence someone year after year, start an argument with them, then delete their post when they prove you wrong, and then not expect them to react.

I believe all involved parties should write an open letter so everyone can understand what really happened.

Either way, believe me, you guys are going to know what happened very soon.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top