VoodooShield 5.70

Forums VoodooShield Support Forum VoodooShield Releases VoodooShield 5.70

  • Post
    Dan
    Keymaster
    US
    Hey Guys, VoodooForums is not working well at all.  It is built on wordpress / bbpress and I have read that these types of issues are typical with bbpress.

    So I updated the entire site and started this new topic to see if it is working better.  If not, we will either have to chose another platform, or maybe since most of the development and debugging for VS is finished, we figure out another way to communicate.

    BTW, I just checked my PM’s and it seems as though I missed a lot of PM’s the last 5 months, sorry about that.  I always forget to check my PM’s anyway, so it is best to email me at support at voodooshield.com.

    Anyway, let’s try this thread and see how it does now that everything is updated.

    Thank you guys!

    2
    0
Viewing 15 replies - 151 through 165 (of 171 total)
  • Replies
    VecchioScarpone
    Participant
    AU
    Thanks Dan. 5.98e beta over the top running without any issue.

    "Today is yesterday's future - Carpe diem"

    0
    0
    bellgamin
    Participant
    US
    5.98e is running just fine for me.
    0
    0
    boredog
    Participant
    none
    Hey Dan I contacted you via email but never heard back. The latest version keeps blocking a powershell command line on my insider build.
    0
    0
    Dan
    Keymaster
    US

    boredog: Hey Dan I contacted you via email but never heard back. The latest version keeps blocking a powershell command line on my insider build.

    Sorry about that, the email must have been sent to spam or something.  The newest versions of VS will show the process path and the parent process path of the command line blocks… can you please scroll over to the right and let me know what they are?  Thank you!

    0
    0
    Geri123
    Participant
    none
    Just testing the latest beta. Trying to understand when WLC labels files as “suspious”

    File rorlauncher got a valid signature and 10/67 on VT > File labeled safe

    File par2j got no signature and 0/66 VT and wasn’t modified since month (old file) > suspious

    Any whats the way to whitelist a file in WLC while still having in and outbound traffic blocked? Some files I consider clean which never would need internet in any way.

    And what’s up with the old wordpress stuff? Isn’t WP something thats needed constant bugfixes to get installed?

    Can’t put the picture in the rightplaces in this forum no clue why…

     

     

    1
    0
    Dan
    Keymaster
    US
    Hey guys, here is the latest, I will be releasing 6.0 to the public this week, thank you!

    VS 5.99 beta
    https://voodooshield.com/Download/InstallVoodooShield599beta.exe
    SHA-256: e2ca8a9a14ae88c225fb2f26c2ae68344de8b6fb8f6752d2123289b802f0f3ff

    4
    0
    Dan
    Keymaster
    US
    RoRLauncher.exe- The 11 detections on VT are false positives, most of them are ML/Ai false positives due to the file probably being obfuscated into oblivion.

    par2j64.exe- When a binary is not signed, it runs the risk of being classified as either suspicious or unsafe, unless its file reputation is high enough that it can overcome the lack of a digital signature.  Also, MultiPar is a PUP.

    Both of these cherry picked samples could easily go either way.  If you want to test WLC’s efficacy, download the top 100,000 most common clean files, and collect 100,000 malicious files, then test with WLC.  It will be difficult to find an instance where WLC returns an incorrect verdict.

    The last time I updated WP, it broke a lot of stuff.  But what the heck, it can’t get any worse than it is, so I will update it.

    You can allow a file with WLC, then check the Inbound and Outbound FW Rule checkboxes.

    Attachments:
    1
    0
    Geri123
    Participant
    none
    Thanks for the answer explaining the results.

    From the few programms I often use (rather static system) I got 2 results where I expect that they were the other way around.
    I expected rorlauncher to be “suspious” and par2j.exe which is part of Sabnzb standalone to be labeled as safe.

    Afaik the Sabnzb standalone got no mulitpar.exe include only the par2j64.exe and par2j.exe (so no PUP?).

    Anyways I’m curious so I had to ask to understand it better.

    Thanks for the tip with the checkboxes, I totaly forgot about them.

     

    0
    0
    Geri123
    Participant
    none
    Can’t edit the other post sorry

    Sometimes my VS “AutoPilot” switches to “Smart Mode” still found no clue how exactly to reproduce it :/
    E.g 5 mins ago:

    I just ended an onlinegame and was not sure if I had VS on Autopilot. I looked and it was “smart mode”, I changed it to autopilot, got a coffe and ended the sandboxed webrowser> VS turned from autopilot to “smart mode”.
    Since it not always happens and not always while doing the same things I can only offer this as beta feedback sadly.

     

     

     

    0
    0
    Krusty
    Participant
    AU
    Yeah, can’t quote anymore.

    Over installed and everything is looking great here so far, Danno.  🙂

    • This reply was modified 2 days ago by Krusty.
    • This reply was modified 2 days ago by Krusty.
    _______________________________________________________
    • Windows 10 x64 2004  |  Solus Plasma 4.1
    • Windows 10 x64 2004  |  Kubuntu 20.04
    • Mint Cinnamon 20
    0
    0
    Triple Helix
    Participant
    CA
    @Dan

    Danno this doesn’t work! If so shouldn’t you remove it or should it be working?

    Microsoft® Windows Insider MVP - Windows Security - VoodooShield Pro - Webroot SecureAnywhere Complete - Glasswire Elite
    1
    0
    Krusty
    Participant
    AU
    Hi @Triple Helix,

    I thought the plan was for that link to open the default browser to VirusTotal.  Yes, I know VT has been removed from VS.

    Cheers.

    _______________________________________________________
    • Windows 10 x64 2004  |  Solus Plasma 4.1
    • Windows 10 x64 2004  |  Kubuntu 20.04
    • Mint Cinnamon 20
    0
    0
    Triple Helix
    Participant
    CA
    Microsoft® Windows Insider MVP - Windows Security - VoodooShield Pro - Webroot SecureAnywhere Complete - Glasswire Elite
    1
    0
    Dan
    Keymaster
    US

    Triple Helix: @Krusty it does work: https://www.wilderssecurity.com/threads/secureaplus-vs-voodoo-shield.376396/page-3#post-2950184

    Interesting thread ;).  Once upon a time when signatures were relevant, VirusTotal worked pretty well with VS and VoodooAi, but this is simply no longer the case.  Signatures are becoming less and less relevant by the day, which is why AV’s are starting to rely more on ML/Ai, behavior blocking and heuristics.

    I distinctly remember when I came up with the idea for WLC over a year ago.  I was thinking… why is VS even concerned with detecting malicious files anyway?  The old adage “you can’t prove a negative” demonstrates why it makes a lot more sense for VS to be looking for safe files as opposed to looking for malicious files.  I always figured the WLC / VoodooAi / VS integration would work really well, and I have to say, it far exceeded my expectations.


    @bellgamin
    … combining whatever you believe to be the most capable deny-by-default product with whatever you believe to be the most capable AV product is probably a great way to go.

    VS will let the capable AV’s do what they do best, while VS focuses on what it does best.

    3
    0
    smf61
    Participant
    Just to confirm the right click crash I reported is fixed in 5.99.  Thanks, all looks good.
    0
    0
Viewing 15 replies - 151 through 165 (of 171 total)
  • You must be logged in to reply to this topic.