VoodooShield/Cyberlock

Hi, at some point we will add a new batch of Web Apps, but it will be a while. I will post on wilders to see what suggestions everyone has when the time comes. Thank you!

 

Yeah, basically reset the idle timer to 0 and restart it. Thank you!

 

Hmmm, very odd, thank you for letting us know... we will check it out!

 

Krusty13, djg05, yesnoo,

Yeah, there seems to be a small bug somewhere that is causing VS to become unresponsive at times. Hopefully we can figure it out soon. Thank you!

 

Thank you for letting us know... this will be good for us to test!

 

I received your logs, but they are similar to mine in that they do not show what the problem is. But hopefully we can figure it out soon, thank you!

 

Hmmm... what other security software is running? Thank you!

 

I'm running spyshelter firewall and HMPA. I tried disabling them but it still hung on install. I had uninstalled and reinstall still no luck, to uninstall I had to kill VS in task the task manager so I know it's running
maybe after a few reboots it will show up?

 

Hmmm, have you tried to delete the C:\ProgramData\VoodooShield folder, then reinstall VS?

 

Yes, I try again later tonight and let you know

 

Apparently a malware researcher recently created an exploit that will drop and successfully execute a payload, resulting in a bypass of VS.

Just kidding, happy April Fools day everyone!!! .

 

I tried Petya Ransomware. And got VS alert & blocked. But after app 5 mins got blue screen & dos window & red skull & system boot blocked.

Should I send the sample?

 

Send sample to @VoodooShield via PM with download link to sample @yesnoo. Best to keep it off the open forum until confirmed - best to let the developer confirm it otherwise it just gets too out-of-hand on the forum. Saying this or that just causes too much mayhem over mere speculation on this forum. Plus, PETYA is causing all manner of paranoia on the forums right now. One thing about Dan, if he has a sample, then he can work with it. Without a sample, well, it's guess work.

@VoodooShield and I were just discussing a similar situation via PM.

 

Sure, please do! Please send it to support@voodooshield.com

 

Well, my frds hjlbx & Voodoo Shield,

Below is the sample -

happyaprilfoolsday.exe

Ha Ha, Gotcha

Happy April Fools Day Guys

 

Hehehe, how funny .

 

Hah - hah @yesnoo. Yoo funny !

 

Created a thread in MalwareTips...Dont mention it on MT.

 

I saw it. ROFLAO...

 

Dan, don't do that to me, I almost uninstalled VoodooShield.

April Fools day to you as well!!!

 

VS still doing really well in my testing but some real nasties with low VT defections reported as probably FPs still worries me. I know it's a conundrum with so many engines FP prone but if you're security software tells you its likely safe and its not, well...........

2 samples I had this week had 1 detection on day 1 triggering the probably FP prompt. Next day they were both above 30 detections including all the big names suggesting they are quite prevelent quite quickly.

Also latest Shadow Defender installer drops setup_x64 in temp folder. AI gave it a very high score.

Thanks

 

Hehehe, I had to see the thread on MT, so I found it... very funny!

While searching for that thread, I stumbled upon this thread.

https://malwaretips.com/threads/ransomware-threat-hits-critical-mass.57834/

@cruelsister

I agree completely with your post #2 (and I happen to be one of your youtube subscribers)! Computer users, especially novices, will never change.

What if traditional methods of security added additional protection that locked the computer while is at risk because a web app was running? Do you think that would work?

 

Hehehe, sorry about that! I just wanted to have a little fun with the people trying to bypass VS, who cannot seem to get the payload to execute .

 

Yeah, I agree... And have posted a few of these on this thread myself (the blacklist scan initially detecting 0-3 hits, then the next couple of days 30 or so hits).

Did VoodooAi return a high result? (it should have).

We still have to refine the prompts, so that if VoodooAi is high, then that overrides the blacklist scan, along with any false positives. I tried to warn everyone a while back in all caps that the prompts were not refined yet... hopefully they will be soon.

Either way, it is never going to be perfect. If we could somehow make it perfect, then there would not be a need for VS, and we would have the holy grail of computer security. But having said that, once we combine the blacklist scan results with the VoodooAi results, it should be pretty darn good .

 

I installed TunnelBear VPN and every time i started VS give me non-stop pop-up of CMD.
I have to click allow 20 times.

http://s22.postimg.org/qm1z4nznl/Clipboard01.png
http://s18.postimg.org/5tf0b5n61/Clipboard02.png