Hey guys, here is 4.03… if you are running 3.59 or 4.02, you should be able to install over the top. If you are running 4.00 or 4.01, you really need to uninstall VS, click “yes” when it asks you if you want to delete the settings and log files, then reboot the computer, then install 4.03.
I temporarily slowed down the VS startup slightly… I am not sure if you guys will notice it or not, but once this final startup bug is resolved, I will be sure to change it back. I added logging to the startup code to see why VS is not starting for some users.
There is a small chance that the startup issue is fixed, but if not, the extra logging should guide us in the right direction.
Also, after Sunshine-boy mentioned the blacklist scan not being available everywhere, I started to look into this a little more. I noticed that there were quite a few small bugs when the blacklist scan was disabled, so I believe those are all now fixed, but if you guys see anything, please let me know. But really, if the blacklist scan is not available, there is not much I can do on my end… but really, if you simply disable the blacklist scan and rely on VoodooAi, you should be in great shape. I probably would not keep VS on AutoPilot if you disable the blacklist scanner, unless you are running a great AV along with VS. Actually, AutoPilot is not really designed to be used on a daily basis, even with the blacklist and VoodooAi enabled… if you ask me, the computer needs to be locked when it is at risk .
But if you were really wanting to run on AutoPilot, a rule or a few rules might be very, very handy in this situation… maybe something like (I am sure we can come up with something better than this):
Block All files on My Computer when VoodooShield is AUTOPILOT
If VoodooAi is greater than or equal to 33.
I am not sure if you guys have noticed, but VoodooAi has become amazingly accurate the last 6-9 months, and it is only going to get better as it goes. Usually when I am analyzing and testing malware or potential false positives, I take 3 factors into consideration. 1. The overall blacklist scan results, 2. VoodooAi, 3. Cuckoo Sandbox. A lot of times they all 3 agree, so the sample is either obviously benign or obviously malware. But when one of these 3 analysis do not agree with the other 2, from my experience, VoodooAi typically does not let me down… although it can be wrong from time to time.
Then again, if VoodooAi (or any other malware engine) were perfect, there would not be a need for VS .
And the false positives are now at an all-time minimum… just go to any download type site and try it for yourself. But the reason I bring this up is that new technologies need a little time to improve and mature. So for example, I am really excited to see what happens with the new rules feature a year from now.
There were a lot of other bug fixes and changes in this version… I think we are getting close.
http://www.voodooshield.com/Download/beta4/InstallVoodooShield403beta.exe
Thank you guys for letting me know about the BD FP… I submitted a FP with them. In all fairness, there is live malware on our Cuckoo Sandbox site… I am surprised it took 3 or so years for anyone to notice .
BTW, thank you guys for all of your input, and responses… If I had time to respond to each one, I would, but as you know, things are kind of crazy right now . After we track down these last couple of bugs, we will be in great shape though. I do read everything though, and I really appreciate your help!