Author Topic: VoodooShield Beta Thread  (Read 6859 times)

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
VoodooShield Beta Thread
« on: July 14, 2015, 05:58:22 pm »
Quote from: VoodooShield
I think this version is ready for public release, but if you guys find anything, please let me know. Thank you!

http://www.voodooshield.com/freeoffer/Install%20VoodooShield.2.74%20beta.exe
« Last Edit: July 17, 2015, 05:09:41 pm by Triple Helix »
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Re: VoodooShield Beta Thread
« Reply #1 on: July 17, 2015, 04:48:41 pm »
Quote from: VoodooShield
Hehehe, sorry I have been away... I got a little carried away with the new features ;).  The Cuckoo Sandbox is pretty much ready, although we will want to refine and tweak it a little in the next few days.  There is still a little more work to do on the KMD, but it is getting there.  I might even take a little break for a few days before finishing that up.

Here is the latest version with the Cuckoo Sandbox integration.  So far I have not been able to get it to work with XP (and it may not ever), but it seems to work great with everything else.  So if you are running XP, there is no reason to upgrade to this version.

This version is all about the Cuckoo Sandbox / Remote Sandbox.  So either drag and drop a file, or have VS block a file, then choose “Sandbox”, then “Cuckoo”.

If you want to watch the analysis in real-time, in a remote desktop session, just make sure you check the option “Watch Cuckoo Sandbox analysis in a Remote Desktop session in real-time”, before you click the “Cuckoo” button. I was going to have it enabled by default, but I did not want to scare one of our other users that have no idea about the RDP features ;).  Besides, the more bandwidth (among other things) we can conserve, the better.

Version 2.77 Beta: http://www.voodooshield.com/Download/beta/InstallVoodooShieldbeta.exe

I have not tested the Cuckoo server other than just running internal tests, but I think it will do quite well.  It estimates that it can perform 13,000+ analysis per day (or 525+ per hour), but I guess we will see ;).  For now I limited the RDP sessions to 1 every 5 minutes, just to make sure I did not overlook something... and we end up crashing the server ;).  There are a lot of "moving parts" between VS and the Cuckoo Sandbox, and a lot of things that could potentially go wrong, but I think everything is pretty darn stable at this point.  Hopefully there will not be any firewall issues, but I think since it is just a standard RDP, it should be fine.

Hopefully I will be able to catch up on the posts I have missed this weekend... then after these last few features are finished, hopefully things will go back to normal.  Thank you, talk to you soon!
« Last Edit: July 20, 2015, 12:05:31 am by Triple Helix »
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline Baldrick

  • Most Valuable Member
  • Youngling
  • *
  • Posts: 1
    • View Profile
Re: VoodooShield Beta Thread
« Reply #2 on: August 07, 2015, 06:21:26 pm »
I is here... ;) ;D

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline ProTruckDriver

  • Most Valuable Member
  • Youngling
  • *
  • Posts: 9
    • View Profile
    • Webroot Forum
Re: VoodooShield Beta Thread
« Reply #4 on: September 16, 2015, 03:34:24 am »

Offline Jasper The Rasper

  • Administrator
  • Jr. Member
  • *****
  • Posts: 69
    • View Profile
Re: VoodooShield Beta Thread
« Reply #5 on: September 16, 2015, 09:02:51 pm »

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Re: VoodooShield Beta Thread
« Reply #6 on: October 02, 2015, 08:49:13 pm »
VoodooShield 3.00 Beta Release

Hello, I'm glad to announce that the first 3.00 Beta version of VoodooShield is ready and available for downloading and trying.
You can download it from https://voodooshield.com/Download/beta3/InstallVoodooShield.exe
It's recommended to turn off or uninstall any old versions of VoodooShield prior to installing the new version.

System requirements:

    Windows Vista sp1 and above (XP wasn't tested!)
    .NET 2.0/3.5 and above

What's new in VoodooShield 3.00 Beta:

    AppCertDlls mechanism was replaced by Kernel mini-filter driver + service
    Improved logic of the new process handling. Fixed many bugs there, especially in handling command lines and approving by parent process
    Version update flow was changed
    Installer improvement - no more internet connection is needed for downloading VC++ runtime and .NET.
    No any additional .NET installation is required
    Bugs were fixed

There are still some features missing in the first beta, but they will be implemented in future versions.
I will be available for the next 3-4 days for your questions or comments regarding 3.00 Beta functionality/issues/bugs and will be happy to get some feedback.

Have a good day,
Vladimir
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline hayc59

  • Esquire
  • Administrator
  • Sr. Member
  • *****
  • Posts: 394
  • Your A Daisy
    • View Profile
Re: VoodooShield Beta Thread
« Reply #7 on: October 02, 2015, 10:21:03 pm »
Trip are you running this latest test version? If so going good?
thanks


9.11.01

Microsoft® Windows Insider MVP
Freedom's Just Another Word for Nothing Left to Lose..


Offline ProTruckDriver

  • Most Valuable Member
  • Youngling
  • *
  • Posts: 9
    • View Profile
    • Webroot Forum
Re: VoodooShield Beta Thread
« Reply #8 on: October 03, 2015, 12:49:06 am »
Running excellent on Win 7 x64.  :)

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Re: VoodooShield Beta Thread
« Reply #9 on: October 04, 2015, 02:19:30 am »
VoodooShield 3.01 Beta Release
Accidentally the 3.00 version didn't contain some last minute fixes. They were added to this one. As well some of the bugs that were reported also fixed in this version
You can download it from https://voodooshield.com/Download/beta3/InstallVoodooShield.exe
It's recommended to turn off or uninstall any old versions of VoodooShield prior to installing the new version.
Due to auto-update bug, version 3.00 could not be autoupdated to higher version! So it is recommended to update manually to version 3.01. The next releases will be updated automatically

System requirements:

    Windows Vista sp1 and above (XP wasn't tested!)
    .NET 2.0/3.5 and above

What's new in VoodooShield 3.01 Beta:

    Fixes that were missed in 3.00 - Sandboxie fix, disable Custom Folders
    nircmd.exe fix
    chrome update bug fix
    probably registration fields fix (I'm not sure, because never was able to reproduce it)
    Autoupdate version fix

There are still some features missing in the first beta, but they will be implemented in future versions.
I will be available for the next 2-3 days for your questions or comments regarding 3.01 Beta functionality/issues/bugs and will be happy to get some feedback.

Have a good day,
Vladimir
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Re: VoodooShield Beta Thread
« Reply #10 on: October 06, 2015, 02:25:19 pm »
Release notes for Beta v3.0.2:

- Updated link

- Fixed reported bypasses ;)

- Fixed auto-quarantine issue

- Fixed sending script/registry/command line files to blacklist scan (wrong hash was sent before)

- Added wildcard ability to command line (* - any chars, ? – any single char). User is responsible to edit wildcard manually. There are still some questions on wildcard feature (i.e. the order of wildcard checks and so on), so need to get a feedback from the users.

- Rewritten command line handler, behavior now:

o If command is like cmd.exe /c script.bat , then it handled as process script.bat

o If command is like cmd.exe /c ping … (any cmd), then it handled as command line.

o Only command line part is added to command line list (without cmd.exe or something like that)

- Improtant! Due to command line fixes it is recommended to delete all previous command lines from the Command Line tab!

http://www.voodooshield.com/download/beta3/InstallVoodooShield.exe
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Re: VoodooShield Beta Thread
« Reply #11 on: October 22, 2015, 08:04:19 pm »
VoodooShield 3.03 Beta Release
You can download it from https://voodooshield.com/Download/beta3/InstallVoodooShield.exe
It's recommended to turn off or uninstall any old versions of VoodooShield prior to installing the new version or update by using the old version.

System requirements:

    Windows Vista sp1 and above (XP is not supported!)
    .NET 2.0/3.5 and above

What's new in VoodooShield 3.03 Beta:

    Fix Norton Toolbar issue
    Fix Syncproc (WSA) issue
    Fix duplicated whitelist entries
    Fix empty SHA in whitelist
    Fix not sending network files to VirusTotal
    Some performance improvements
    Little code fixes



Have a good day,
Vladimir
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Re: VoodooShield Beta Thread
« Reply #12 on: November 01, 2015, 10:17:59 pm »
VoodooShield 3.04 Beta Release

You can download it from  arrow  https://voodooshield.com/Download/beta3/InstallVoodooShield.exe

It's recommended to turn off or uninstall any old versions of VoodooShield prior to installing the new version or update by using the old version.

System requirements:

    Windows Vista sp1 and above (XP is not supported!)
    .NET 2.0/3.5 and above

What's new in VoodooShield 3.03 Beta:

    Fix closing notification without prompt
    Fix synproc issue
    Fix exception on exit
    Cleanups improvement on application exit



Have a good day,
Vladimir
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Re: VoodooShield Beta Thread
« Reply #13 on: February 01, 2016, 02:17:29 pm »
VoodooShield 3.08 Beta Release

You can download it from https://voodooshield.com/Download/beta3/InstallVoodooShield.exe

System requirements:

    Windows Vista sp1 and above (XP is not supported!)
    .NET 2.0/3.5 and above

What's new in VoodooShield 3.08 Beta:

This release contains the fixes for the following bugs

    BSOD caused by VS driver under some circumstances.
    dismhost.exe bug fix
    Fix non-opening chrome (frequent bug)
    Better exception handling (to make VS less crashing)
    Fix installer to not install on XP


Known issues

    Sometimes gray user prompt is shown - unable to reproduce, so still trying to find what could be a problem

Have a good day,
Vladimir
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP

Offline Triple Helix

  • Administrator
  • Full Member
  • *****
  • Posts: 188
  • Troll Hunter
    • View Profile
    • Webroot Community
Re: VoodooShield Beta Thread
« Reply #14 on: February 28, 2016, 07:37:19 pm »
VoodooShield 3.09 Beta Release
You can download it from https://voodooshield.com/Download/beta3/InstallVoodooShield.exe

System requirements:

    Windows Vista sp1 and above (XP is not supported!)
    .NET 2.0/3.5 and above

What's new in VoodooShield 3.09 Beta:

This release contains:

    Added the new Edit form for editing Command Lines with wildcard support (currently only * and ? are supported for wildcards)
    Added search box to Whitelist, Command lines and Quarantine lists
    Improved performance of User Log, Whitelist, Quarantine and Command Line lists
    Some small bugs fixes


Known issues

    Sometimes gray user prompt is shown - have direction of an investigation

Have a good day,
Vladimir
Triple Helix

Microsoft® Windows Insider MVP -Windows Security
Webroot SecureAnywhere Expert Product Advisor & Gold VIP