VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    In theory, yes ;). I am actually not that familiar with the web activation code, but that is the way it is supposed to work. Thank you!
     
  2. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    BTW, last Friday I started to retrain the VoodooAi models to include driver files and the truly random samples from the last couple of months, then I kinda was side tracked on Saturday. Anyway, it actually worked out pretty well because I discovered that it is probably best to not include invalid executable files (files that simply will not actually execute for one reason or another) in the training data sets. The thing is, you never know what you are going to get with malware packs... some of the files are not even valid executables, and I am thinking that excluding these samples from the training data set will increase VoodooAi's accuracy even more. The reason I think this is the case is because once I excluded the roughly 20% invalid files from the 1000 malpack benchmark, VoodooAi performed even better. This is all a learning process for me, but I think we are getting there. Anyway, the new algorithms will be ready in a few days, along with (hopefully) the last couple of bug fixes for VS.
     
  3. Crystal_Lake_Camper

    Crystal_Lake_Camper Registered Member

    Joined:
    Mar 20, 2016
    Posts:
    98

    Nice to see / hear / read that you are so actively involved in optimizing / tweaking and improving VS. I am sure it will be a fantastic product in the near future! It's like a welcome change that a develloper actualy does listen to the bug reports ( implement ) changes where needed. when I still was an active Hall Of Famer member for AVG ( not my intention to hijack this thread ;) ) , they never ever listen to our suggestions , rerports or work we did for them :( thanks Dan for the License , succesfully applied! using the latest beta for almost a week , without any hickups ;)
     
  4. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,541
    Location:
    South Wales, UK
    Nice, Dan

    Looking forward to trying v3.19 as and when ready...:)

    Regards, Baldrick
     
  5. SSherjj

    SSherjj Registered Member

    Joined:
    Mar 4, 2014
    Posts:
    169
    Location:
    New York, USA
    Thanks Dan for including the drivers!;)
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, hopefully soon VS will be a fantastic product ;). I am just playing with you!

    I certainly appreciate all of the help and advice from you guys, you have been a tremendous help the last few years! I guess you could say that making the PCMag top 10 list 2 years in a row is an indication that you guys have been giving me great advice that has made it what it is today... so for that, I want to thank you! The funny thing is... I am not sure if you guys remember how much VS has progressed since PCMag reviewed version 2.12... but it is a completely different animal now. Here are just a few of the changes since they last reviewed VS... mini-filter KMD, all new GUI, Cuckoo, VoodooAi, AutoPilot, much better handling of Web Apps, Quarantine (I do not believe that was in that version), Advanced Custom Folders, most of the UI Tweaks, and of course Vlad's killer coding skills. There were many, many other improvements, but those are just off the top of my head. So needless to say, I am super excited for them to review VS again... assuming they are willing to do so.

    Remember this old GUI? ;) http://www.pcmag.com/slideshow_viewer/0,3253,l=328713&a=328708&po=9,00.asp

    Sorry for my ramblings... I just wanted to explain why I appreciate your guys help so much, thanks again!
     
    Last edited: May 17, 2016
  7. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you Baldrick... after removing the invalid files we missed 3.

    SSherjj, I have good news and I have bad news ;). On Friday, the first thing I did was to download ATI and NVidia drivers... I just downloaded the latest since they are all going to be about the same in VoodooAi's eyes. I extracted the files and started testing the exe and dll files with VoodooAi. The bad news is that I could not find any that were much above 0.3333... from what I remember, they all hovered around 0.3333. So adding these to the training data set will help some, but it would be even more helpful if I could find some drivers that tested in the > 0.6666 range, that way the curve is corrected even more. But overall it is good news since most of them already tested clean. That is the thing with Ai... there are ALWAYS going to be some false negatives and false positives... mathematically there is simply no way around it. Sure, for example, you can add a false negative to a whitelist, but that is not pure Ai... that is whitelisting ;). And we could certainly do that, but I would rather the end user be aware that there is a heck of a chance that something is wrong with that file, just in case something was missed along the way.

    So to make a long story short, I am going to add drivers to the training data sets (I cannot believe that skipped my mind before), and it will definitely help some. And I will continue to look for drivers that test in the 0.6666+ range, because that will help even more. If someone has the chance to download some drivers and can find some that test high, please let me know, it will help tremendously! Thank you!
     
  8. Crystal_Lake_Camper

    Crystal_Lake_Camper Registered Member

    Joined:
    Mar 20, 2016
    Posts:
    98
    @VoodooShield : maybe a small recommendation ; it's quite difficult to check your subscription status , it's now still listed in the register module. would it be easier if it is filed under the ABOUT tab? and in bigger writting. the way it is now , it looks a bit cluttered imho. thanks.
     
  9. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hmmm, I am not sure... I think traditionally the About tab is essentially "About VoodooShield", meaning information about the software, not necessarily the license info. So I was thinking that it might be best to keep it where it is, but we can go either way on this. I see what you mean, it would be helpful to make it look no so cluttered on the Register Tab, and I can do that pretty quickly. Does that sound about right to you? Thank you!
     
  10. Crystal_Lake_Camper

    Crystal_Lake_Camper Registered Member

    Joined:
    Mar 20, 2016
    Posts:
    98
    sure! I am glad that you are comming up with an alternative :)
     
  11. SSherjj

    SSherjj Registered Member

    Joined:
    Mar 4, 2014
    Posts:
    169
    Location:
    New York, USA
    Again greatly appreciate this information you have provided for us. I haven't had any popups yet from VoodooAi' lately. I have updated NVidia driver today without any issues/popups. Running in Smart mode (Default}. Not sure if I understand what you mean about 0.3333 drivers as I only see the released driver version is 365.19. Sorry for my naive -ness? But just the same Thank you:rolleyes:!
     
  12. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,823
    @VoodooShield:

    I would have to agree with this.

    I always thought the registration should be asked in the installer, for example (options something like "Use free version" or "Sign in to register").

    Once the user picks an option for free license or to sign in to register, the license details should stick thereafter, without the need of a "Register" tab ever being an option in the GUI.

    Once registered, I think registration details should be included in the "About" tab, as suggested by @Crystal_Lake_Camper.

    I don't know, it just seems more clean that way.
     
  13. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you! Sorry, I meant drivers that tested clean with VoodooAi. I went back and tested some more again, and this time almost all of them were super clean. It's cool, we will find some good samples ;).
     
  14. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, we could change the installer to do this... that would be pretty cool. I am not sure what all is involved, but when I have time I will check it out. It should not be that difficult.

    As far as including the license info on the About page as well, we can definitely do that, it would take like 5 minutes. If some more people have some opinions on this, please let us know, thank you!
     
  15. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,562
    Well - not helping you much here Dan.

    I don't know when it is triggered. I keep VS in the sys tray and task bar hidden, so it is just when I need the T/B to pop up that I notice that is has turned red and right clicking on it shows to be crashed
     
  16. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,562
    Hi Dan

    Here is a miscreant for you in Nvidia
     

    Attached Files:

  17. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    Speedfan got blocked.
     

    Attached Files:

  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you David... yeah, that sounds like the freezing issue. I am really hoping that it is fixed in 3.19... I will release that version sometime today or tomorrow, so we will see!
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you djg05 and Djigi!
     
  20. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,803
    Location:
    Ontario, Canada
    Dan wouldn't this be because it's executing from the Desktop?

    Thanks,

    Daniel
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, but I think what he is saying is that the VoodooAi is higher than it should be for that file, so it is a false positive. I checked it, and yeah, it is definitely a false positive. There will always be false positives and negatives with VoodooAi... so far the machine learning models are pretty darn accurate, considering VoodooAi is so new, and it will only get better as we go. Thank you TH!
     
  22. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Here is VS 3.19... I really hope the last few issues have been fixed, but if not, please let me know!

    There is no need to delete the .dat files anymore... VS will automatically create new .dat files (in the C:\ProgramData\VoodooShield folder), and now each of them end with a "3". If you have not had any issues and want to restore your old .dat files, so that the whitelist and settings transfer over, it is easy to do, and you will only need to do this once.

    1. Install VS 3.19 and allow it to run one time, then right click on the desktop shield icon and exit out of VS.
    2. Then go into the C:\ProgramData\VoodooShield folder and delete all of the new .dat files that end with a "3".
    3. Then rename the .dat files that do not end with a "3" so that they do end with a "3"

    So basically when you are finished, all 6 .dat files will end with a "3".

    But if you do not mind starting with a new whitelist, command lines and settings, etc, then you do not need to perform the steps above... just install VS and you are good to go!

    I apologize that we had to do it this way, but like I was saying, we will only have to do this once. If you have any problems, please let me know, thank you!

    http://www.voodooshield.com/artwork/InstallVoodooShield319.exe
     
  23. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    what's new?
     
  24. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Mainly bug fixes (hopefully the last ones) and a couple of slight gui changes.

    BTW, I am starting to think that Norton and VS do not play well together. Does anyone run Norton and VS together with success?
     
  25. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,132
    It cannot be done in a simple & easy way?

    Like the installer gives the options "Install" & "Upgrade". Install will fresh install & Upgrade will keep settings, whitelists, etc...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.