VoodooShield/Cyberlock

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    :thumb::)
     
  2. VecchioScarpone

    VecchioScarpone Registered Member

    Joined:
    Aug 29, 2015
    Posts:
    343
    Location:
    Down Under the Southern Cross
    On the subject brought up by @Gandalf.

    Often enough I get similar warning and I have no Idea what those process are. Error and trial as @SHvFI suggest, is my only option.
    Unfortunately if I block the process I got no idea what to do next if I need that process to run because it is legitimate.
    Consequently I take the risk and run it when it show up during normal operations, like opening trusted process/apps.

    I understand most here may wonder why I use a computer, I should let my son do things for me. Wish it was that simple...
     
  3. VecchioScarpone

    VecchioScarpone Registered Member

    Joined:
    Aug 29, 2015
    Posts:
    343
    Location:
    Down Under the Southern Cross
    @SHvFI
    That is a relief, thanks.
    Better to err on the side of caution certainly.
     
  4. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Dan that was an awesome video!! First one where I saw the speaker drinking beer:D
     
  5. guest

    guest Guest

    Yes, it is responsible for the telemetry.
    I don't have this file, but if you look at the file-properties, you should see: "General Telemetry" in the file-description:
     
  6. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    Thanks, Marked for checking out later ;)
     
  7. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    never gotta chance to run 3.55beta3, by the time I finished reading all the pages about self-protection, Dan had posted 3.56beta, now installed and after several reboots, all been smooth sailing on win7x64
    also listened to the youtube Dan posted. very_interesting...
     
  8. khanyash

    khanyash Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    2,428
    Hey Dan,

    Tried the latest Beta....
    VS - AutoPilot
    Blacklist Scan - Disabled
    Enabled to show Prompt
    Win 10 64 Pro

    1. Option "Allow Blacklist scan FPs & VAi verdict not Unsafe i.e Safe & Suspicious in all modes"
    I really think the option should be split......
    i.e......
    Allow Blacklist scan FPs
    Allow VAi verdict not Unsafe i.e Safe & Suspicious in all modes
    Coz.......
    The option doesn't works if Blacklist scan is disabled i.e Suspicious verdict alerts are there.

    2. Why sometimes stuffs get silently blocked?
    Try Revo Uninstaller & at the end of the install there will be an error.
    Select Install mode & try Revo Uninstaller & no error.

    3. Why sometimes alerts are "sample.exe was blocked" & after few secs alerts turn into Verdict alerts i.e Verdict appears on the alerts?
    Try Sticky Password..........
    i.e..........
    Sticky Password installed & Sticky Password extension installed in Chrome (in my case Portable Chrome & Sticky Password extension for Portable Chrome).
    You will find Browsers support/extension install in Sticky Password settings.
    When I run Chrome, I get an alert "sample.exe was blocked" & after few secs alert turns into Verdict alert i.e Verdict appears on alert.

    Thank You
     
  9. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I have not seen that video for close to two years, but now that you mention him drinking the beer, that is probably why I remember it so well, and why I liked it so much. I will have to watch it again!
     
  10. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    BTW, whenever you guys refer to a specific software that does not work properly, can you please send me a link to the software, so we can make sure we are on the same page?

    The main problem is that the more settings you add, the more things can go wrong... and it is impossible to cover every single scenario and settings combination, which I talk about below for your second item. As far as that particular setting goes... no, I personally do not feel it would be safe to separate them... auto allowing anything with an AE is something that should be taken very seriously, and only done when ALL of the proper checks are performed... in this case, the blacklist, VoodooAi, not a child of a web app (hidden), etc. If you start removing the proper checks, as CS would say, the end user will end up in tears.

    I just tried installing REVO on a Windows 8.1 machine, with VS on AutoPilot, and all default settings. Everything worked great, and there were 2 command line blocks at the end of the install. I imagine that the other settings that you changed, somehow was a bad combination, and that there is a bug in there somewhere, with the particular combination of settings that you chose. It would be absolutely impossible for me to test every settings combination with every software installer, but if you can identify or narrow down what settings combination creates this bug, then I am certain it is an easy fix. It probably does not show the user prompts for the two command line blocks at the end because the blacklist is disabled, and some other feature, in combination with this, is hiding the user prompt for command line blocks... did you notice two command line blocks at the end?

    On somewhat of a side note... the main reason I added the option to disable the blacklist was to provide flexibility to malware testers and AV labs while performing tests, and so they can see how well VoodooAi does on its own, without the benefit of the blacklist scan. Unless you have a VERY good reason to disable the blacklist scan, it needs to be enabled. And actually, when you disable the blacklist scanner, if you change other options as well, things can go wrong, as in the case from above.

    Either way, thank you for telling me that you changed the options... a lot of times people will install VS, then lock it down air tight by changing every single option, then ask me why VS did not auto allow something ;).

    On the third question, can you please post some screen shots? I have no idea what you mean, thank you!
     
  11. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    Same here, I am a long time lifetime key holder of Revo Uninstaller Pro, with VS it works flawlessly.
    Dan is right it may be with your settings brother. I have never had an issue. I can SS you my VS settings
    if you would like ?
     
  12. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    Dan,

    Were you planning on adding the early start feature to the release version? The reason I ask is because some of us security software enthusiasts have other programs that also want to start early, MB 3.0.6 comes to mind and seems to help with real-time protection modules not starting. If so, could we add an option to disable and / or delay that feature?

    Thanks,
    Dave
     
  13. Telos

    Telos Registered Member

    Joined:
    Jul 26, 2016
    Posts:
    171
    Location:
    Frezhnacz
    Dan... Can you help me understand this...

    upload_2017-3-25_22-59-45.png

    Surely I have not had 50 real threats. Maybe not 1. :cool:
     
  14. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    Been running 3.55beta3 since it was released. No problems but only run on day to day basis. Will now install 3.56

    Dan - appreciate all the hard work you are doing and good to see you are not beaten down by all the critics, although in the end it can make you stronger in the way you wish to proceed.
     
  15. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    Yesterday I made a clean install of the new 3.56 beta and so far I had no issues.
     
  16. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    3.56 working ok so far on Win 10.
     
  17. mesaboogieman

    mesaboogieman Registered Member

    Joined:
    Aug 2, 2004
    Posts:
    52
    Location:
    UK
    3.56 working great so far on Win 7 32bit alongside Comodo Firewall 10.

    Great work Dan.
     
  18. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    1,188
    Location:
    The Netherlands
    Good question :thumb: Dan, how is this calculated? On my fresh install of 3.56 I have 5, but why? I don't see it in the logs and quarantine is empty.
     
  19. andi_cro

    andi_cro Registered Member

    Joined:
    Dec 24, 2013
    Posts:
    49
    Location:
    Croatia
    v3.56 in Smart mode is allways ON ( blue )o_O

    From startup, open/close Chrome browser, no running web app...it is allways ON (blue shield)!

    Is this just with my rig or someone else have that situation to?
     
  20. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    With your browser shut down, look at the web apps section in Voodooshield . what ever is keeping the shield blue should be highlighted in yellow.
     
  21. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,936
    Location:
    UK
    On my machine VS shield at boot is blue for about 10 seconds and then changes to normal colour.
     
  22. andi_cro

    andi_cro Registered Member

    Joined:
    Dec 24, 2013
    Posts:
    49
    Location:
    Croatia
    Oh...I didn't see "foxitconnectedpdfservice", this is keeping VS in ON state!

    btw: Is there any good free B.B.app that I could add with Windows Defender and VS?

    EDIT: I chose CCAV instead of Win.Defender
     
    Last edited: Mar 26, 2017
  23. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    1,188
    Location:
    The Netherlands
    This is normal behavior for the latest versions. VoodooShield start is always on mode and then changes to the mode you normally use.

    https://www.wilderssecurity.com/threads/voodooshield.313706/page-592#post-2659320
     
  24. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I am not sure what you mean... Since 3.54, VS should be starting very quickly on boot up. Do you mean that VS is blocking other programs from starting early, or do you mean that VS is not starting early enough? Please let me know, thank you!
     
  25. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, there should not be 50 Threats Blocked, unless you are doing a lot of malware testing ;). I just tested mine and it seems to be working great. There is a button in Settings / Utility "Clear Threats Blocked Count", where you can reset this to zero. Then over the next day or two, let me know if VS is adding to the count for normal blocks (for some odd reason). If so, there is probably a very simple explanation for this, and most likely an easy fix. I will keep an eye on it as well... we only want items that the blacklist or VoodooAi determine to be a threat to be added to the Threats Blocked count. Thank you!
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.