VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,338
    I checked the log, which goes back to March, 2015...and nothing else shows up where this happens.
     
  2. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, does VS keep blocking it?
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    For the record, someone just bypassed VoodooAi ;). imprimir_fatura_0004022016.exe and underscore2.exe both were detected as Safe, when they should have been detected as Unsafe. But whoever analyzed these files... it did pretty well considering that it detected all of the other ones in that batch, huh? If I am unable to track down these samples, can you send them to me sometime so I can add them to the training data?

    Time for a break, thanks for all of your guys help, talk to you soon!
     
  4. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Whoever just uploaded the following samples, please contact me!!! Something went wrong, the probabilities were extremely high numbers that were out of range… Like this: 975874304771423, when they should be between 0 and 1.

    Are you running a Non-English version of Windows, or do you have some kind of firewall running? Thank you!

    25.exe

    8834F4FD855BC261DCEB17C9548E6523.exe

    mal1.exe

    run.exe

    us.exe

    ZAM.Portable.exe

    procexp.exe

    geek.exe

    iexplore.exe
     
  5. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    The above error is from AV Gurus from MT... I am not a member of that site, so can someone please have AV Gurus post on this thread if they are a member. If not, just have them contact me please.

    I am curious if they are running an English version of Windows or not, or if there is a firewall or something else that might be causing the issue!!!

    https://malwaretips.com/threads/voodooshield-ai-artificial-intelligence.56588/

    Sorry for so many posts ;). And you guys thought I disappeared ;).
     
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,277
    Location:
    Among the gum trees
    Is VS's 'Cloud' safe, Dan?
     
  7. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    24,465
    Location:
    UK
  8. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    I'm that member.
    OS: Win 10_x64 English with Croatian Keyboard
    Win firewall & EMET
    If you want I could test again.

    Maybe it's something with the Virtual Machine because I was testing something before.

    BTW: when I clicked on a file I got an error
    http://s11.postimg.org/vsh5zeihf/Clipboard03.png
     

    Last edited: Feb 23, 2016
  9. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Hi Dan/Vlad,
    I recently reset the whitelist and noticed that VS 3.08 beta is blocking some installed apps from the Program Files folder, even though I have 'Automatically allow all software from the program files folders' ticked. One of them is WordPad!
    They all seem to be from the x86 folder.
    VS blocked the following .........
    program files(x86)windowsnt\accessories\wordpad.exe
    program files(x86)\stdu viewer\stduviewerapp.exe (my installed .pdf reader)

    error1.png

    Cheers
    Gordon
     
  10. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Dan, is this a wrong decision or wrong graphics?
    It happens for every clean file Ai analyzes...bar shows "Safe" but the final verdict is "Unsafe". (?!?)
     

    Attached Files:

    • 1.jpg
    Last edited: Feb 23, 2016
  11. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    I can confirm Djigi's post...GUI crashes every time I click on a file name for details (multiple selection).
    Plus there are two GUI glitches, at least on FullHD resolution.
     

    Attached Files:

    • 1.jpg
    Last edited: Feb 23, 2016
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    It crashed for me also a couple months ago, and I discovered I did not have Microsoft Framework 4.5 installed.
     
  13. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    I have just re-checked and Microsoft .NET Framework 4.5.2 is installed on my PC.
     
    Last edited: Feb 23, 2016
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Ok, thanks for confirming.
     
  15. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    NP...let's wait for Dan's/Vlad's reply.

    P.S. Another type of crash after browsing for a single file.
     

    Attached Files:

    • 3.jpg
    Last edited: Feb 23, 2016
  16. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I am not sure what you mean by cloud safe. Like when I think of cloud safe, I think of like Mozy or Carbonite, and your files being safe in the cloud... is that what you mean?

    Here is how VoodooAi works in a nutshell. Watson is used to help build the models and determine which features we should use in the "fingerprint", so it does not interact with VoodooAi / the cloud at all. I only use it on my own to help me build the models and determine which features are good indicators / predictors of

    Azure on the other hand is different... it does interact directly with VoodooAi, and VoodooAi uploads metadata directly to the Machine Learning component of Azure, and to a SQL Azure database. But, the data is just an array of strings, integers and binary variables, like this 1400, 3, True, -1, False (but there are about 25 or so variables).

    Either way, I am certain that Azure and Watson are both pretty secure. But anyway, is this what you mean?
     
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hi, yeah, VS should block the "installer", a command line and the portable app once. After that, it should work fine, but if not, please let me know, thank you!
     
  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hi, thank you for your reply. I think I know what the problem is... let me make a few changes and we can try it again, thank you!
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey Gordon, thank you... Vlad will be able to answer this a lot better than I can.
     
  20. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey siketa, I think I know what the problem is... let me make a few changes and we can try it again, thank you!
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you! The new version should automatically choose the correct compiled version of VoodooAi and copy it to the desktop, so unless you are running XP or Vista, .net is not required because it will just use the native version of .net for each OS.
     
  22. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Ok, thank you for the update!
     
  23. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Dan, does VS re-analyze already submitted sample(s) or does it just show the original verdict?
    Should I upload clean samples that received "Unsafe" verdict again?
     
  24. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
  25. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, once a user submits a sample, it is automatically added to the database so that it does not have to be reanalyzed by Azure... and that way it is quicker.

    I will remove all of the samples where there was an error from the database right now so it does not mess anything up, thank you!
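
Added example, not part of the thread and not VoodooShield's code: a sketch of the two issues raised above, the out-of-range probabilities and the errored results that had to be removed from the database. It assumes (the thread does not confirm the cause) that a score sent as text was parsed with regional number settings in which `.` is a digit-group separator; all names and the sample score are constructed.

```python
import math

# Constructed sample: a probability as it might travel as text.
WIRE_SCORE = "0.975874304771423"

def parse_localized(text, decimal_sep, group_sep):
    """Mimic a culture-sensitive number parser: drop group separators,
    then treat decimal_sep as the decimal point."""
    return float(text.replace(group_sep, "").replace(decimal_sep, "."))

def validate_score(value):
    """A classifier probability must be a finite number in [0, 1]."""
    if not math.isfinite(value) or not 0.0 <= value <= 1.0:
        raise ValueError(f"probability out of range: {value!r}")
    return value

class VerdictCache:
    """Hypothetical stand-in for a verdict database. Only validated scores
    are stored, so a parsing fault never becomes a cached verdict that is
    later served without re-analysis."""
    def __init__(self):
        self._scores = {}

    def submit(self, sample_id, value):
        try:
            self._scores[sample_id] = validate_score(value)
            return True
        except ValueError:
            return False  # rejected: caller should re-request or log it

    def get(self, sample_id):
        return self._scores.get(sample_id)

def demo():
    # '.' as group separator and ',' as decimal separator (e.g. Croatian
    # regional format) turns the score into a 15-digit integer.
    misparsed = parse_localized(WIRE_SCORE, decimal_sep=",", group_sep=".")
    # A fixed convention ('.' is always the decimal point) parses it correctly.
    correct = parse_localized(WIRE_SCORE, decimal_sep=".", group_sep=",")
    cache = VerdictCache()
    stored_bad = cache.submit("sample-a", misparsed)
    stored_ok = cache.submit("sample-b", correct)
    return misparsed, correct, stored_bad, stored_ok, cache

if __name__ == "__main__":
    print(demo()[:4])
```

Parsing with a fixed convention addresses the cause under this assumption; the range check before caching is the part that holds regardless of what produced the bad number.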
     