VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, we would like to be able to list the scan engines with the scan results at the bottom of the prompt, it would be quite easy to implement. The last I knew, they did not want us to list the specific scan engines, but I can check again to see if we can do that now.
     
  2. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, exactly... that is what we are trying to figure out. It will be something very similar to what you are suggesting.
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Oops, sorry about that, thank you for pointing that out! I am sure this is an easy fix.
     
  4. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Is there any difference in security or behavior of VS in free vs pro or the difference is only custom settings?
     
  5. VladimirM

    VladimirM Developer

    Joined:
    Sep 16, 2015
    Posts:
    153
    Location:
    Jerusalem, Israel
    fixed
     
  6. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Ok, tnx :thumb:
     
  7. andi_cro

    andi_cro Registered Member

    Joined:
    Dec 24, 2013
    Posts:
    49
    Location:
    Croatia
    Do you recommend any modification from default settings in pro version or not?
    There is a lot of check-boxes and it is easy to mistake something!
     
  8. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Any comments on the following: Locky,MAKTUB, Rokku, TeslaCrypt 4.0 New, Crysis and PadCrypt Ransomware!WARNING/DANGER!!! With VS?

    Would VoodooShield stop the above nasty malware?

    Appreciate you taking the time to make this video/review/test. Wilders Security Forum: All credit given to this post below: https://www.wilderssecurity.com/thre...trojans-like-locky.383994/page-2#post-2567996 Post # 50.

    It occurs to me that our new AJC File Server will help you create backups that are safe from a ransomware virus on Windows. http://www.ajcsoft.com/file-server.htm Think of AJC File Server as an equivalent something like and FTP server except that it is more reliable, date stamps correctly and you can do block level sync to only send the changes to big files. It also has an archiving system to get back old versions of files (and only stores the changes each time). You need AJC Sync v4 on the client to backup to it. http://www.ajcsoft.com/file-sync.htm

    You thoughts? Thinking about AJC File Server with VS?
     
  9. andi_cro

    andi_cro Registered Member

    Joined:
    Dec 24, 2013
    Posts:
    49
    Location:
    Croatia
    I just witnessed interesting thing...
    First I downloaded Speccy from Piriform and Voodoo pops up (Thread detected only 1/57)
    Voodoo says "suspicious" although file is widely known and it has only one scann engine detection!
    I choose "Sandbox" and some "Cuckoo" comes out...I was curious and select it.
    Then my browser open a new tab and Remote Desktop Connection was establish to I do not know who and I witnessed installation of Speccy, when it was installed Connection was disconnected!


    What was that? What happen and why? What is the reason of that cuckoo and remote connection?

    THNX...
     

    Attached Files:

  10. andi_cro

    andi_cro Registered Member

    Joined:
    Dec 24, 2013
    Posts:
    49
    Location:
    Croatia
    From someone Remote desktop I don't know what else was going on under hub...
    It would be nice to see what's going on on PC with System Explorer or KillSwitch opened to decide install or not install some suspicious app!
     
  11. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    In the last few days, a number of installers I have launched has receive a single detection of Win32.Virus.Lamer.g. This is false positive, and needs to be fixed, as I'm getting a few prompts from it.
     
  12. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Most people will want to use VS in its default settings, but it is ok to change whatever you need to change. I cannot think of any setting that a user can change that would result in a mistake, but I am sure there probably is a way to mess things up if someone really tried.
     
  13. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, VS should block all of these perfectly... and VoodooAi should detect most or all of these as unsafe.

    AJC looks really cool... and you can never be too safe!
     
  14. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, some files will be detected by VoodooAi as suspicious... it just means be careful and rely on the blacklist scan results.

    The Cuckoo Sandbox / remote sandboxing allows you to execute the file safely in a remote sandbox so you can see what happens when you execute the file, without executing the file on your system.
     
  15. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, that would be cool... maybe we can do that at some point ;).
     
  16. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hopefully this will be fixed once the user prompts have VoodooAi fully integrated. I think we need to keep the false positive, especially since a lot of the new zero days are only getting 1-2 hits on the blacklist scan. But once we combine the blacklist with VoodooAi, it should work really well. For example, if VS's false positive detection feature is only detecting false positives, but VoodooAi returns a safe result, then we can safely ignore the false positives.
     
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Vlad is going to spend more time with his family, so at least for the time being, he will not be coding for VS. He did a phenomenal job, and we were lucky to have him for as long as we did! Originally he was only going to keep coding until his new child was born, but he stayed on a couple of more months to finish some things... so I appreciate that very much!

    Thank you Vlad for all of your hard work!

    Most of the bugs are worked out, and I have a list of 15-20 new features and bug fixes that I am going to integrate into VS, and hopefully in the next few weeks we will have a final version of VS 3.0.

    One of the new features I am most excited about is a real time VoodooAi scanner to scan the running processes. The majority of running processes on any given system are default windows processes, and these are already in the VoodooAi cloud as default allowed processes. The other 10 or so processes on any given system will be scanned and uploaded to the VoodooAi database. It is hard to explain, but it is going to be pretty cool.
     
  18. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Yes, thank you Vlad for all the hard work.

    Dan, I must say, you're doing an amazing job with VoodooShield.

    The continued development for an already amazing product is what keeps me around.

    I appreciate all that you do, keep up the great work! :thumb:
     
  19. sun88

    sun88 Registered Member

    Joined:
    Aug 27, 2009
    Posts:
    69
    VS is still kind of dumb. It asked me if it was OK to run a process signed by Microsoft which was not found to be malware. Likewise it asked me about a signed nVidia process and it also asked me about a signed process from my anti-virus company. I'm not always at my desk, and these processes will be denied if I don't respond in a timely manner. This is a problem. I don't want VS to interfere with the smooth functioning of my system when I am not monitoring it's activity. VS needs to be smarter.
     
  20. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you, I appreciate that!
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sure, the first couple of hours of using VS might be a little bit of a pain... you might have to click "Allow" a few times. But VS trains very, very quickly, and after it is trained, it is worth it.

    Right click on the VoodooShield desktop gadget and choose Scan & Allow, and run in this mode for a week or two, then lock it down with Smart or Always ON mode.

    I have seen tons of signed malware, so VS will never allow by digital signature alone... it is dangerous in my opinion.

    VS auto deactivates after 10 minutes of inactivity to allow the background processes, so that is not an issue.

    And yes, VS will soon be even smarter with the VoodooAi cloud database. Thank you!
     
  22. hjlbx

    hjlbx Guest

    :thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb::thumb:
     
  23. sun88

    sun88 Registered Member

    Joined:
    Aug 27, 2009
    Posts:
    69
    Emsisoft Internet Security threw a message that it was unable to continue and forced me to reboot, so yes, VS blocking of background processes is "an issue".

    You say VS won't automatically approve signed processes and then you force me to make the call based on the exact same information VS has at it's disposal - what? am I supposed to be a systems software expert and somehow know if every process is legitimate or not? Sorry but I'm not interested in baby-sitting or training your software. It should at least know better than to block native Windows processes just because a web browser happens to be open.
     
  24. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Salutations/Greetings!

    @VoodooShield
    Developer


    Feedback: appreciate the answer to my post on 9235.:)
    And everyone else who answer my questions at different
    times? It a BIG Help!!!

    Windows 10 Pro: Within the last couple week's on two of my PC's.
    I have, had a problem with updates and syncing my Microsoft Account
    Sign In?

    > Under Windows setting?
    > Update and Security? ( Some of the updates will not download?)
    > Accounts? (Signing In does not work?)
    > Anybody else?
    > Feedback?

    Thanks!
     
    Last edited: Apr 6, 2016
  25. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    fixed
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.