VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,283
  2. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,484
    I tried to open Indexing Options (windows 10) and VS flashed and blocked it. But I could not find the block in logs. The only way I could solve the problem was by putting VS in training mode.

    And that is still the only way I can get VS to stop blocking command lines from my HP inkjet printer.
     
  3. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    634
    Location:
    USA--Colorado
    I thought I saw this posted a while ago, but I can't find it. Is the license that Dan provides to Wilder's members allow you to install VS on only one machine?
     
  4. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,268
    Location:
    Among the gum trees
    Nope. I think it is up to 10.
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    41,682
    It can be installed on 10 devices :)
     
  6. Alexhousek

    Alexhousek Registered Member

    Joined:
    Jul 25, 2009
    Posts:
    634
    Location:
    USA--Colorado
    Thank you both.
     
  7. Azuredevil

    Azuredevil Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    5
    Location:
    Beaumont, CA
    I just ran into this today as well
     
  8. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
    Yesterday I was working on my home PC and at 00.00 I got the "Friday nag screen" from VS.
    That's not a problem if it helps to keep VS free, but I was a bit disappointed to discover that the nag screen doesn't come up only once every Friday, but it keeps coming up at every reboot o_O
     
  9. Izettso

    Izettso Registered Member

    Joined:
    Oct 1, 2007
    Posts:
    55
    My computer name on the VS Register window is out of date. I changed it in Windows a few weeks ago, but VS shows the previous computer name. I hope that this does not cause any problems with future subscriptions to VS. Currently I use a license given to me by Dan and it's with that one that I have registered VS.
     
  10. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hey guys, I am truly sorry I have been away so long… Alex and I are getting very, very close.

    I was not going to initially include the new rules / policy wizard right away, but there have been a few last minute things with the web management console that I had to wait on.

    So anyway, here is a quick demo of the new rules wizard / builder. It is deceptively simple… but you can build extremely complex rules with it. I am really excited to see what rules you guys create… and in a month or so, we will probably add 5-10 hard coded rules to VS, depending on how everything goes and what everyone comes up with.

    The reason I am posting this now is because I would like for you guys to take a look at it and let me know what changes you think I should make.

    This is a very rough demo, but this code will actually end up merging with VS, so if you see any bugs, please let me know . If there are any bugs, they will be simple things like spelling or whatever… this is just a very benign demo.

    BTW… besides being an anti-executable, like AV software, VS also already has a lot of rules built in that I have written over the years, but this will make everything SOOO much easier. It will be really cool… everyone can pretty much design their own AV .

    www.voodooshield.com/artwork/RulesWizardDemo.exe

    Anyway, I am in a huge rush, but we really are getting close… I am shooting for next weekend to release VS 3.60... although, that might be a little optimistic . But once VS 3.60 is finished, things will go back to normal... I will actually be looking for things to do ;).

    Have a great weekend, thank you guys!
     
  11. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Ooops, I forgot to mention... you have to run the RulesWizardDemo at 100% screen resolution scale... not 125 or 150. I will fix this later, sorry about that ;).

    And also... I did not build out the Script option too much. We need to figure out if we should even include scripts in this or not... I am pretty sure we need to. But I just did not want to add all of the script types if we were not going to include them later.
     
  12. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,976
    Just tried to run the RulesWizardDemo.exe, and got this:

    I didn't think I needed this, since VS itself runs OK... I am using a Surface Book running Windows 10 Pro, which I would have expected to be up to date, anyhow.


    VS_RulesWizardDemo_needs Net Framework_01JPG.JPG
     
  13. VecchioScarpone

    VecchioScarpone Registered Member

    Joined:
    Aug 29, 2015
    Posts:
    341
    Location:
    Down Under the Southern Cross
    +1
    Skipped the installation for now.
     
  14. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Sorry about that... there are now 2 versions, one .net 3.5 and one .net 4.5. If one does not work, the other certainly will ;).

    www.voodooshield.com/artwork/RulesWizard35.exe
    www.voodooshield.com/artwork/RulesWizard45.exe

    Please keep in mind... this is just a demo of the new rules wizard. It is not an installer, it is a portable file.

    The only reason I am posting this now is to get your feedback on what I should add or change.

    As I was saying... it is deceptively simple, but you can create seriously complex rules, very easily. It took a long time to make it appear that simple, and actually, I think we can make it even better.

    Anyway, please try it when you get a chance and let me know what things we should change or add. Thank you!
     
  15. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
  16. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I forgot to mention... the scaling problem is fix too, so everyone can try it ;).
     
  17. VecchioScarpone

    VecchioScarpone Registered Member

    Joined:
    Aug 29, 2015
    Posts:
    341
    Location:
    Down Under the Southern Cross
    Unable to complete the process with 45.exe.
    When I click Save nothing happen.
     
  18. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hmmm, very odd, it is working on several computers for me.
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Wait for it ;).
     
  20. VecchioScarpone

    VecchioScarpone Registered Member

    Joined:
    Aug 29, 2015
    Posts:
    341
    Location:
    Down Under the Southern Cross
    Stuck here for the past 10 minutes.

    Capture.PNG

    No worries Dan. Not quite sure I fully understand the rules, how changing this or that may be better for me anyway.

    Cheers:)
     
  21. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hehehe, its working correctly ;). This is just a demo ;).

    A lot of people on security forums like to make their own custom rule sets, and a lot of times they come up with some really cool stuff. I always found it amusing that people would post text versions of their rules, but did not realize that VS had a gui version of that with our Custom Folders feature ;).

    But this it a totally different story. We can easily (and very quickly) create extremely complex rules / policies that will not only still block all of the bad stuff... it will auto allow the good stuff.

    So then the people who are into creating custom policies and rule sets... we can set that as an option in VS. Like "Use CET's settings"... hehehe, since he LOVES this kind of stuff.

    This new feature is basically like "Super AutoPilot for VS". I mean, I created basic rules for AutoPilot in VS, and I am certainly to careful when it comes to the hardwired rules... but I do that on purpose. I mean, most security software would not dare have a false positive, even if it means that there is a chance for a bypass.

    My point is... you set someone like CET or WBD on this... and they will create rules that will end malware ;).
     
    Last edited: Jul 29, 2017
  22. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    btw, I thought of a new one to add: command line of parent process

    we do not want to add to much and make it complex, but we do want to cover everything.
     
  23. gorblimey

    gorblimey Registered Member

    Joined:
    Jan 19, 2017
    Posts:
    157
    Location:
    West Oz
    Dan, how are we travelling on per-user settings for v360? I'd love to leave VS on AutoPilot for the other family members and Always On for Admin, but I need to see what's happening (Smart Mode or Training) on my screen. As things are now, I have to use AutoPilot all the time in case I forget to switch it over for other users. So I have no real idea of what's happening that I should know about.
     
  24. _CyberGhosT_

    _CyberGhosT_ Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    457
    Location:
    MalwareTips "Your Security Advisor"
    Nice and clean looking UI , very impressive Dan.
     
  25. guest

    guest Guest

    Thanks Dan, I can't wait for the new version.
    My feedback after reviewing the demo is that in the blacklist section I should be able to choose what (VT) engines I want to take into account for the calculations, this would be perfect to remove from the equation unreliable, high FP's engines and products with the same engine (e.g. BD based products) in order to minimize the uncertainty of the detections. Do you agree? This is a request that I have been doing for months or years :(
    In addition maybe it would be more visual that the slider would indicate the % of AV's as well in addition of the nº of AV's.
    Also the ability to see without going to the browser which products gave a positive detection, like a summary in a different popup or on mouse over but still in VS interface.
    In the whitelist I would like to have 2 additional columns one to show the result of the blacklist scan and another for the date of that blacklist scan in VT

    On the other hand other tools in an additional step (optional one) could be included in the equation, I'm talking about tools like:
    https://www.raymond.cc/blog/analyze-suspicious-exe-files-with-comodo-instant-malware-analysis/
     
    Last edited by a moderator: Jul 30, 2017
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.