VoodooShield/Cyberlock

Sure, thank you Moose!

 

Did they mean they don't want the engines displayed in the GUI directly?, or did they mean, don't hyperlink to where it opens their results via browser?

From what it sounds like, they don't want you doing the first thing I listed "They don't want the engines displayed in the GUI directly", rather than the latter.

 

I think it used to be they did not want us to do either of these... but there is a chance that their policy has changed, and I will check at some point. If so, it is a super easy fix to do both!

 

I'm sure Vlad will be sorely missed. His work has been a great asset to Dan, VS and us users. All the best to him and his young family.

Dan, thanks for the great work you do with VS also.

 

I hope their policy has changed, because this would be an excellent feature.

Thank you, Dan, I appreciate it.

Have a good day!

 

Are there any tests we can watch of this happening? Ta.

 

Thank you, and I am sure Vlad thanks you as well! Who knows what it going to happen... if things go right, I might even see if he wants to come to the US to work with me full time .

 

I agree, and we will implement it if possible! I should talk to them soon... I recently offered the "blacklist service" the VoodooAi API completely for free, so they could share it with the entire security community, and I have not heard back from them on that. I do not think they have even tried VoodooAi yet though, so we will see.

I think if they tried VoodooAi and noticed how it is amazing at detecting zero days and unknowns (when it can take a few days for the blacklist scans to start catching these emerging threats), I think they would be all over it. It would be pretty cool... especially for files that are say less than a week or so old, they could list the VoodooAi results along with the other results, and if the VoodooAi results were high, they could kind put that file "on probation" if you know what I mean . Then if the VoodooAi results were low, and there were no blacklist hits, you could safely assume that the file is probably ok to run. Hopefully we will hear from them soon . Thank you!

 

Not that I know of... not with VoodooAi. I can tell you, I have tested thousands of files and it does quite well . I think once everything is finalized in the next week or so, we can probably get some of the security youtubers to test VS / VoodooAi and see what they think.

 

Still running v2.86 on XP... New WSA beta from a few hours ago, which I allowed....VS doing it's job.

 

Salutations/Greetings!

VS Smart (Default) is not on when, I open the Slimjet Browser. Or turn on!
That is when, I open Slimjet Browser with Sandboxie? Could you tell the steps
correct and/or fix?

Kind regards,

 

This has just happened again.

I had put VS into Disable / Install Mode to manually update Chrome. After restarting Chrome I put VS back in Smart Mode, closed Chrome and walked away from my machine. I came back a few minutes later to find VS showing as ON, the gadget unresponsive etc. I killed VS in Task Manager, double clicked the Desktop shortcut and VS in back working again.

Thanks.

 

Does VS monitor Windows temp Folder? Are there any other Windows folders VS monitors? I don't have VS installed right now to check. Vlad is suppose to be working on some bugs that is keeping me from using it right now.

 

https://www.wilderssecurity.com/threads/voodooshield.313706/page-370#post-2578489

 

Thanks for letting me know. I wasn't aware he was taking a break.

 

Try to install Cyberghost VPN.
VoodooShield pop-up, threat not detected, AI said is Safe, file is digitaly signed, everything is clean - so way pop-up

 

@Mister X @VoodooShield

Thought I respond here. VS has made great improvements and the Ai really is a USP. Reading the posts I am still uncertain whether VS has an auto allow based on trusted program signatures (Microsoft and all hardware vendors like Intel, Realtek for starters and security vendors, etc).

Regards Kees

 

I don't think that VS auto-allows digital signed files.
Regarding digital signatures there's only this option: "Temporarily allow by publisher / digital signature until reactivation"

 

Maybe if you want to run that app in Sandbox, then you have option to do it or simply VD is notify you that some .exe file is trying to install!
We concluded earlier that you can't really 100% trust app certificate soo this is one more precautionary measure.

 

If AI say is Safe, 56 engine say is safe why not just let it run?

And is written:
"If you try to install new software choose Install"

I started that .exe no one else.

 

Sorry guys... I am going to disappear for 3 or so days and then I will respond to the posts I will have missed.

I am going to work on VS all weekend and hope to have some really cool stuff for you guys very, very soon... hopefully by Sunday night (as long as I quit adding new stuff )

One thing I am working on now is basically for VS to block any and all child processes of web apps in the Windows directory. Before, VS blocked the payload of these child processes, which works great, but this is going to be even more secure (and the Chinese hackers will not be able to run their calculator by exploiting a web app, along with all of the other windows processes ). It is funny because Kees had the fore site to mention that we need to allow splwow64, and so far that is the only process I have had to hardwire in... it will just be funny if that is the only one . I also added OpenOffice and LibreOffice btw.

BTW, CET, I know this feature does not sound possible, but it really does work, at least for the Windows directory... but I am sure we will have to hardwire in a few other processes. Now, if I could just get it to work with the Program Files directory . I am sure there is a way, but I will have to be careful about items like flash and java... no biggie though, because those are already protected anyway. Thank you!

 

Very cool, thank you for letting me know!

 

Hi Moose... sure, just add slimjet as a web app in Settings / Advanced. If you have any problems, please post again and we will help figure it out. Thank you!

 

Thank you for letting me know... I just added that to my to do list, and hopefully I will have a fix soon. I know VS sometimes does something similar to me, but I am tracking it down.

 

Yeah, VS monitors the windows temp folder... you cannot run a non whitelisted file from this folder. Please email me the list of issues and I will add them to my list. Thank you!