VoodooShield/Cyberlock

Thank you Kees, I appreciate that! Yeah, those were some pretty bad zero days that CS used in her video, it was a really cool test .

 

Why so much connections?

 

yes..in default mode

 

Thanks Kees - that was very helpful.

 

Dan, I certainly would not mind purchasing a further 3 year license for you to add 100 year to my subscription!!!

Could you possibly allow me this offer?

 

Yeah, that is odd, I will have to look into this. There was probably an exception getting the hash (protected folder / privilege issue), and this is why VS thought it was unknown. What I am going to do is to make a list of these last 3-4 bugs, and see if Vlad can fix all of them. He really does not have a lot of time to spend on VS, but hopefully these bugs will not take him long. Thank you!

 

Off the top of my head... VS has to check for an update, check the VoodooAi cloud database, upload the metadata to VoodooAi so it can be calculated (if the file is not in the VoodooAi cloud database), upload the hash to the blacklist, sync the snapshot with the main database (btw, we are going to merge this database with the VoodooAi database soon), and there are several other connections VS has to make, but I just cannot think of all of them right now. Thank you!

 

Cool, thank you. See, we used to recommend that people disable UAC, for several reasons, but mainly because VS worked better when it was off, and especially at the time, UAC seemed to not do any good, because a lot of people were getting infected. But keep in mind, UAC has come a long way in 5 years as well, and now there are a lot less dangerous affirmative user prompts.

To me, I still believe that UAC would benefit from the following:

1. Utilize a deny by default method, instead of dimming the screen and forcing the user to make a decision on the spot... mainly because most novices will answer with the affirmative and choose Allow.

2. Privilege escalation is an old UNIX technology that should be replaced with a more modern technology like application whitelisting.

3. The user should be provided more information on the potential maliciousness of the blocked item, so they can make an informed decision on whether to allow or block the item.

4. It would be really helpful to implement some kind of pre-execution machine learning / Ai technology so that squeaky clean files would be auto allowed (although this should be optional) and super bad files would be blocked (and the user would be notified that a threat was blocked). All of this would obviously use a deny by default method.

5. There should be 2 levels of protection, depending on if a web app was running or not, and also depending on what type of item is blocked.

This is just a partial list... I could go on and on, but there are the main bullet points.

Much in the same way VS has progressed in the last 5 years, UAC has as well. And believe it or not, I kind of like UAC now, I just wish it was enhanced a little.

 

Sure, if anyone purchases a 3 year license, just email me to let me know and I will add 100 years. This is effectively a lifetime license... it is just easier to add 100 years since our database does not technically handle an infinite number of years. Thank you!

 

Let's start a to do list for Vlad... If I missed anything, please add it to this list and copy / paste the entire list.

1. Freeze issue (most likely a privilege / permissions issue)
2. guest's custom folder GUI bugs
3. Chrome update issue / Blacklist showing unknown file
4. Dismhost bug
5. The suspended process from CS's video
6. Review all of the changes we have made in the last 3 months, especially the new shield flashing so that VS does not turn white

If there are some little tweaks that I can easily handle, we can start a to do list for me, since Vlad is so busy these days.

Thank you!

 

@VoodooShield do we need to be in Admin account to upload whitelist on the cloud?

i ask because my main machine (used 99% on SUA) doesn't have its whitelist uploaded while my second machine (with only an admin account) , has its whitelist uploaded.

or maybe only the advanced snapshot is uploaded?

 

Yeah, exactly, either the driver or service should be able to grab the hash... and this might be what is causing the freeze issue. Either way, Vlad will have it fixed very quickly. Thank you!

 

Hmmm, I am not sure either way, but I will check it out. Thank you!

 

I'd love to take you up on this offer Dan! I've just purchased a 3-year license, and I'll email to ask you if you'd kindly add those 100 years. Really appreciate it!

 

Very cool, thank you, I appreciate that!

Please email me (support at voodooshield.com) from the email address you used for your account and I will add 100 years.

I have some onsite work to do, so if I do not see the email before I leave, I will adjust your account when I return a little later.

BTW, you might have to go into Settings / Register and click the Confirm Registration button once I make the changes to your account. Thank you!

 

to be more precise, there my procedures:

on main machine (Whitelist not uploaded)

- installed VS & registered it
- put Always On
- denied Advanced Snapshot
- imported whitelist and settings via Utility

on second machine (Whitelist Uploaded)

- installed VS & registered it
- put Always On
- allowed Advanced Snapshot
- manually applied my settings preferences

Time to sleep , goodnight

 

If one uses a program like TweakUAC as mentioned by @Windows_Security or are competent enough to edit the registry, you can make it so the prompts are silent while still maintaining UAC's security. I'm sure UAC and VS work well together using that mode of protection.

 

Yep that was me! Thanks for the quick fix!

 

just wondering but is it a good ides to add our other security software to the web protection list?

auto detect additional running web apps?

 

Do you guys change some settings in VS or leave it as it is?
Can some of you post some pictures with settings, please...
My are for now at default:

 

Thanks for your reply and such a great offer Dan, I purchased an additional 3 year license and emailed you regarding the 100 year subscription. I will be very old indeed

Edit : Once again Thank you Dan, I have my additional 100 years added to my license!!!

 

Like this:

 

@Djigi ...
In Basic Settings:- I have VoodooAi Sensitivity set at 120%
In Advanced Settings:- I have unticked the "Automatically deactivate after ?? minutes system idle" box....
............. like @SHvFl, I have also unticked the "Automatically allow by parent process" box.
................................I have "Automatically quarantine files with "3" or more positive detections."

 

Super, tnx

 

You are welcome
I agree with @SHvFl though...the other settings are just personal preference.