VoodooShield/Cyberlock

Gdata is a full-on AV including sigs + BB + rep whereas VS is more specialized. IMO, checks by VS take less time because they have less ground to cover. I suggest doing another trial by first adding the malware.exe to VS whitelist. Then execute malware.exe. I feel certain GData will pop an alert but I don't know whether or not VS will do so. Will it?

IMO, comparing any AV versus VS is comparing apples & oranges.

 

@bellgamin
Yes, but think about it like if VD is replaced by a malware. Malware can run, do some nasty things before an AV can react.

 

@moredhelfinland -- Good point. Okay, how about trying this: disable VS then run malware.exe. Did the malware get past GData?

 

@bellgamin
Yes, GData nailed it. For some reason, if i disable VD cloud lookup (whitelist cloud), the malware.exe is still scanned by the "whitelist cloud".

 

I am using the free version and have noticed that when I now turn on my PC, there is a VS pop up encouraging me to update to the latest version, which is of course the Pro free trial. Perfectly understandable behavior but I am quite happy with my 705 free version. I expect that my declining will only be tolerated for so long. Anyone have any inside knowledge on this matter?

 

Dan the Coder of VoodooShield deserves support. It's a one man project. A lot of major changes 705 vs the latest one is significant.
I'm running VD with smart+relaxed mode. And it works absolutely great. Great piece of Software, indeed.
Consider to buy it, i did.

 

It is a great piece of software, I've been using it for around 7 years now and was a beta tester in the early days. I'll almost certainly buy the Pro version when I have to, I was just wondering how long I can postpone it for.

 

Get over to the Voodooshield site now and take advantage of the offer:

"VOODOOSHIELD FREE HAS BEEN DISCONTINUED AS OF 5/5/2022!!! WE WILL BE OFFERING A 50% VOODOOSHIELD PRO DISCOUNT FOR A LIMITED TIME."

Good deal so now is the time to take the plunge.

 

AFAIK, whitelist cloud is primarily based on reputation. Rep checking is already included in top-tier AVs in addition to sig checking & behavior checking.

I had same experience as you -- I turned off whitelist cloud but it continued to pop-up alerts on files that had already been cleared by my AV as well as VirusTotal.

 

Does VooDooshield provide protection against threats like the one discussed here: https://twitter.com/wallet_guard/status/1531848479911432192

 

Ask Dan directly at support@voodooshield.com as he can't post here.

 

This is because Whitelist Cloud is still "part" of the VS engine. It checks both WC and VoodooAI. From the VS website:

When you disable WC it won't create any firewall rules and won't trigger a separate alert, but the WC lookup is still part of the "blocked file" analysis.

VS was re-worked in this way when Dan was no longer able to use VT as a lookup.

 

Mail from Dan:

 

Mail from Dan: VS 7.13:

 

Clean install of 7.13 and VS just shut itself down. I can't remember ever seeing VS do that before.

Logs sent to Dan.

 

That is strange, what other security are you using on this computer?

 

Reply from Dan:

"As far as VS crashing, it was an error in the Microsoft.AspNet.SignalR.Client dll. This is the dll that connects VS to the Web Management Console. It is the first time I have ever seen this bug, so it must have been a total fluke. But if it keeps happening please let me know."

May not be relevant but monitoring.

 

So a malware writer can code a VS bypass with this information?

 

If and, or when I hear back from Dan I'll let you know.

 

I'm using VS as a "relaxed mode" with G Data AV (only check on execution) and this combo is a light as feather.
So basically if VS let some malware thru, then there's G Data (on execution) and then in its "DeepRay" and "Beast" components to catch it.
There are some cons about G Data, but that's does not belong in this thread.

 

Reply from Dan:

"No, it’s not a concern at all. It is a Microsoft dll that crashed for some reason. We have been using it for many years and I have never seen it crash, so I am certain it was a fluke."

 

@Krusty
Thank for the info and thanks to Dan too of course

 

whoa, i see that @VoodooShield is back on the forum again. welcome back, dan.

 

Mail from @VoodooShield :

 

Impressive. Thanks @Gandalf_The_Grey - Looks like forethought many moons ago is proven a formidable proactive approach where it concerns Windows systems fun files collection