VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    888
    Location:
    Land o fruits and nuts, and more crime.
    For some reason I trust you (VS).
    Thanks.
     
  2. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    492
    Location:
    UK
    I just tried adding eM Client to the web apps after seeing your reply and it seems to have stopped all the command lines being generated. I deleted all the command lines to test it, then opened the client, then opened a few emails, and didn't get a single entry.

    Thank you for that as it seems to have fixed the issue. I did an auto detect of running web apps which I never really knew about before and this also found skype which also has stopped the command lines for that app too. I think this indicates to me I'm still learning how amazing VS really is and what it is capable of doing.
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you for posting that! I have actually never had to use the wildcard feature (that was one thing that Vlad did completely on his own, and I have not had the need to use it). I think you can replace the numbers with either a "*" or a "?", and that should work.

    Just looking at these command lines... I am surprised that you are having any trouble with them at all... we have a special algorithm that compares the whitelisted command lines with the currently blocked one, and if it is a close enough match, it will auto allow it. This would EASILY be a close enough match, so I am not sure why it is being blocked.

    Do you have a link to the email client and I will install it and see what is going on? Thank you!
     
  4. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you Callender!!!
     
  5. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,764
    Location:
    Ontario, Canada
    The Cloud is here to stay, I'm with you Dan and keep up the great work!

    Daniel ;)
     
  6. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    888
    Location:
    Land o fruits and nuts, and more crime.
    Easy to make a statement, but can you give an answer?

    How can a "cloud" be secure, what protection (security) does it have?
    If banks and gov can't protect, what can make me believe in "cloud"?
     
  7. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,764
    Location:
    Ontario, Canada
    All I can say with WSA all info is encrypted from your devices to the cloud and back and with any communications!

    And for VS it sounds the same!

    Daniel ;)
     
  8. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    888
    Location:
    Land o fruits and nuts, and more crime.
    Sounds nice, just concerned whats/who is on the end that can obtain this information, surely someone can obtain/hack.
    It seems like taking risk to solve a risk.
    Thanks
     
  9. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,764
    Location:
    Ontario, Canada
    In all the years of Prevx and now WSA it's never been hacked and if it's encrypted what good would the info be to them? Now let's not get off topic in the VS thread as Dan would be the best one to answer for VS.

    2015-06-04_14-36-28.png wsi-cloud.png
     
  10. EvjlsRain

    EvjlsRain Registered Member

    Joined:
    Apr 26, 2016
    Posts:
    31
    Hi Dan,
    can I have a small feature request?
    Could you please add a text next "threat not detected" it would be better :D
    It's not a big deal but I think it's better for novice users and make everything much more clear
    http://i.imgur.com/rhWXlPG.png
     
  11. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,040
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    22,596
    Another user had a similar problem a while ago. In Install Mode it couldn't be installed, only after exiting VS.
    But we don't know what kind of error-message the user at Malwaretips is seeing: "I wanted to install an update for NVIDIA Gforce Experience as a set VS in Disable/Install Mode but an error occurred when installing"
     
  13. oZone

    oZone Registered Member

    Joined:
    Jan 18, 2017
    Posts:
    33
    Location:
    Earth
    I had similar problem VS 2 with realtek drivers, but that was 1-2 years ago,

    also could someone answer me or point me where can I find answers

     
  14. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,398
    I have seen this cool feature in action, and indeed, similar command lines are auto allowed. But for some reason, it makes a new entry every time in the list of whitelisted command lines. The list gets pretty long, pretty fast, if you are doing something like batch-converting a slew of audio files from one format to another.
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,291
    Location:
    The Netherlands
    The thing is, I always thought AI was supposed to work without the need for the cloud or signatures. I believe that is how Cylance works, and that's why I'm so interested in it. But to each its own, like I said I'm not into all this cloud stuff.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,291
    Location:
    The Netherlands
    No, this is normal, same goes for upgrading software or downloading definitions. But other than this, I don't like to see my security tools connecting out. Of course, in general you have already chosen to trust the security tools that you're using, but I still don't like it. BTW, is there a reason why you don't use the quote function? It's a bit annoying.
     
  17. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Rasheed I must not have that function enabled because I d o not se that option. that is why I use quotation marks. I do respect your posts, so don't get me wrong. you can ask clone ranger who I am. I agree that security software should not collect our personal info and if they do it should be encrypted.
     
  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Very cool, thank you for the suggestion! I added that this morning so it will be included in the next release.
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
  20. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you... I noticed that too. I tried to fix this issue this morning, and I think it is fixed, and will be included in the next release. I am closely monitoring my command lines to make sure everything is just right... so far, so good.
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, I know exactly what you mean, and Cylance insists that everyone tests their software using the local models, which is why I always test Cylance using the local models.

    I could try to do this as well, but it would be extremely difficult or impossible to replicate the accuracy, power and flexibility of the cloud models... not to mention, using the cloud means that it is constantly updated and there is not a need for the desktop software to be updated.

    Besides, could you imagine having 3 Ai models and 57 blacklist databases on your local drive? That would probably be about a terabyte of data, and it might slow your hard drive to a crawl. I mean, why put that burden on your computer?

    To me, the cloud is the obvious choice, especially since the internet is where malware comes from (yeah, I know, USB devices as well).

    What is the disadvantage to using the cloud in your opinion?
     
  22. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,651
    Location:
    Mexico
    A few hours ago NVT ERP blocked the following process:
    What does that mean?
     
  23. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hmmm, I am not sure... dw20.exe is a windows error reporting tool, but I am not sure why VS would be calling that. Can you please send me your DeveloperLog.log from the C:\ProgramData\VoodooShield folder so I can take a look? I am sure it is fine, but we better take a quick look just in case. Thank you!
     
  24. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,651
    Location:
    Mexico
    Thank you. Check your pm inbox.
     
  25. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you... yeah, everything looks great, there is no issue with the block you were asking about.

    I did notice one small bug that does not affect anything and it is unrelated to the block you were asking about... it is an easy fix.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.