I can confirm expanded user log,clear user log and try to 'X' out and can't.Have to use same method to kill VS and restart.
Last edited:
VoodooShield discussion
- Thread starter Evjl's Rain
- Start date
- Status
- Apr 16, 2017
- 2,617
I'm having repeated registrations whenever I reboot or even logout as user and login again with v4.09beta. Did not see this with earlier betas. How'd you fix it? Or is there a new version I missed? Thanks!
- May 31, 2017
- 1,720
Cool, thank you guys for posting these bugs... it looks like I have my work cut out for me over the next couple of days. I was hoping to be able to release 4.10 by tomorrow... but now it is not looking like it might be a couple of days from now.
I am actually done with the "banter"... I am not a fan of conflict. But at the same time, it is not cool when people knowingly post info that is simply not true. Like when someone says something like "Artificial Intelligence does not yet exist". This is simply not true... ask any data scientist that is going to work to tomorrow to work on their Ai project, they will tell you. Now, if someone says "Artificial General Intelligence does not yet exist", then I would agree 100% with that statement, and know that they researched the topic enough to make a valid point. We are all here to learn, and no one has all the answers, but I believe it is important for people to research the topic, perform the tests, stick to the main point of the discussion, and do their best to discover and convey the truth.
- May 31, 2017
- 1,720
I am going to go through all of the posts again and see if I can figure out what is causing this. If you guys have an idea, please let me know! I use the exact same software and registration method you guys use on all of my computers, and I have not had this issue once since the beta test started. But once we figure out what is causing this issue, it should be a very easy fix... sorry it is taking so long to narrow it down. Thank you!
- Apr 16, 2017
- 2,617
+1
& with cf@cruelsister I'm very rarely seeing a prompt. Someone unknown just emailed me a suspect file. it scanned clean at VT, but I was still suspicious, so I tried a VS scan to run it in cuckoo, and gee VS crashed on this file! BUT ran the same file aok in cf container to see what it was, and then I wiped it. I did what I know is "bad behaviour" (download and open a suspect email attachment) but sometimes I want to "play"
- Apr 16, 2017
- 2,617
- Jul 1, 2017
- 1,396
I see the prompt to choose what mode Voodoshield is supposed to run every time I log in with 4.09b. That being said I rarely log in. I put my computer to sleep. But it does get a lil inconvenient when you are switching users. Why not remember my last setting?
- Apr 16, 2017
- 2,617
I dumped ccleaner but running Privacy Eraser Pro (suggested by _cyberGhost_ ) You think perhaps it's erasing the vs registration?
- Apr 16, 2017
- 2,617
- Jul 3, 2015
- 8,153
+1
Also, it did not actually show full screen, it was still minimized.
- Aug 30, 2017
- 101
Come to think of it... I clean installed 4.09, but didn't realise there was stuff in AppData that should have been cleaned out from 3.59, and set 4.09 to All Users. Then I found apps slow to start, and small hangs on shut down, hunting for clues on this I found ZAM and M B A M services running when both had been set to Free (on demand). Uninstall 4.09, disable auto-start for the malware services and ZAM.exe, then clean out Program Data and reinstall 4.09. And change it to All Users. Also I never checked through the Registry
So it it is entirely possible that VS could have found a threat count from somewhere.
And I now know that neither ZAM nor M B A M were interfering with app start times. It was indeed a long shot, but OTOH...
- May 31, 2017
- 1,720
I wanted to mention (from wilders)… if someone is reinstalling Windows, it is always a good idea to install all of your drivers and programs first, then install VS. This is true with all deny-by-default products.
Basically, when you are moving into a new house, you do not unlock the door, bring the couch in, lock the door, put the couch where it goes, then unlock the door and then lock the door, then go to the truck to get the beer fridge, then unlock the door, then lock the door, then bring in the beer fridge, then lock the door, then put the beer fridges where it goes.
The best thing to do is to keep the door unlocked, bring in the couch and the beer fridge, then lock the door and grab a cold one. And also, you do not need to lock the door all of the time… just lock it when it is necessary. Otherwise, it can be a real PITA.
This will also reduce the number of VoodooAi FP’s significantly. See, a lot of executables will spawn another executable from appdata. The problem is that none of these spawned executables have been added to our training data sets. And keep in mind, a lot of these executables, for example, are not signed and have other features that are not consistent with everyday executables… the kind that are included in our training data sets.
Our models and VoodooAi code (all 3000 lines of it) are in top notch shape… and we are only using around 100,000 - 150,000 samples in our training data sets. Hopefully soon I will be able to add a lot more safe and unsafe samples to our training data sets, and the results will be even better than they are now.
See, I actually wrote an app that displays the latest VoodooAi analysis in real time, so I know how well it is doing for the 99% of all common, everyday samples. It is doing remarkable, and it is only going to improve as we go. Keep in mind, we will ALWAYS want our models to be on the aggressive side. Simply because VS is a deny-by-default app, and if the computer is locked, the file is going to be blocked anyway. Providing file insight is key, even if it is slightly aggressive... it is much better than blocking a file and telling the user they are on their own to figure out if they should allow the file or not.
VoodooAi, and Ai in general, will never be perfect. But then again, do humans make the correct decision 95-99% of the time? (95-99% is the typical Ai efficacy) Not even close… I know I do not. It would actually be quite easy to make a compelling argument that when it comes to decision making, Ai already has the clear advantage over human decision making.
Basically, when you are moving into a new house, you do not unlock the door, bring the couch in, lock the door, put the couch where it goes, then unlock the door and then lock the door, then go to the truck to get the beer fridge, then unlock the door, then lock the door, then bring in the beer fridge, then lock the door, then put the beer fridges where it goes.
The best thing to do is to keep the door unlocked, bring in the couch and the beer fridge, then lock the door and grab a cold one. And also, you do not need to lock the door all of the time… just lock it when it is necessary. Otherwise, it can be a real PITA.
This will also reduce the number of VoodooAi FP’s significantly. See, a lot of executables will spawn another executable from appdata. The problem is that none of these spawned executables have been added to our training data sets. And keep in mind, a lot of these executables, for example, are not signed and have other features that are not consistent with everyday executables… the kind that are included in our training data sets.
Our models and VoodooAi code (all 3000 lines of it) are in top notch shape… and we are only using around 100,000 - 150,000 samples in our training data sets. Hopefully soon I will be able to add a lot more safe and unsafe samples to our training data sets, and the results will be even better than they are now.
See, I actually wrote an app that displays the latest VoodooAi analysis in real time, so I know how well it is doing for the 99% of all common, everyday samples. It is doing remarkable, and it is only going to improve as we go. Keep in mind, we will ALWAYS want our models to be on the aggressive side. Simply because VS is a deny-by-default app, and if the computer is locked, the file is going to be blocked anyway. Providing file insight is key, even if it is slightly aggressive... it is much better than blocking a file and telling the user they are on their own to figure out if they should allow the file or not.
VoodooAi, and Ai in general, will never be perfect. But then again, do humans make the correct decision 95-99% of the time? (95-99% is the typical Ai efficacy) Not even close… I know I do not. It would actually be quite easy to make a compelling argument that when it comes to decision making, Ai already has the clear advantage over human decision making.
- May 31, 2017
- 1,720
FYI, the other reason you might be seeing a few more VoodooAi FP's is because a while back, a few people were asking if VoodooAi scanned all child processes of whitelisted items... because they were (rightfully) concerned about packed installers, etc. So I made some changes in VS 4.0 and tightened the scanning. The end result is that there are more FP's. Another side effect is that if someone disables "Automatically allow Program Files", these files will be scanned as well. All of this can be easily changed, and the key is to find the correct balance between security and usability. With VS, we essentially use a "lock-down" approach... basically start by locking the computer down, then slowly refine the logic until it is secure and usable.
I promise, there is a reason for everything. It would just take me way too long to explain each reason.
I promise, there is a reason for everything
. It would just take me way too long to explain each reason.It would be nice if the new version got some "clean up white-list-rules button" that deletes rules for programs that are no longer on the pc (like Spyshelter). I like the idea that i don't have to look which of the five browser whitelisted exes is the one that's still existent and the old entry's doesn't fill the white list useless.
Got no time for betatesting so if the version got that feature don't hate me
Got no time for betatesting so if the version got that feature don't hate me
- May 31, 2017
- 1,720
Hehehe, I completely understand if people do not want to run the betaIt would be nice if the new version got some "clean up white-list-rules button" that deletes rules for programs that are no longer on the pc (like Spyshelter). I like the idea that i don't have to look which of the five browser whitelisted exes is the one that's still existent and the old entry's doesn't fill the white list useless.
Got no time for betatesting so if the version got that feature don't hate me
. I only ask if they do want to be part of the beta test, to fully understand that it is a beta, and there are going to be bugs... especially considering the massive changes in VS 4.0, and to take this into consideration when posting about the VoodooShield. Your comments are going to be around for a very long time.
With that out of the way... yeah, I included this feature in the initial release of VS 4.0, and it has been silently doing its thing. Basically, after VS loads, it automatically scans the items on the whitelist to see if they exist or not, and if they do not, it removes them from the whitelist.
Thank you... if you think of any other cool features we should add, please post them!
So happy to hear that. Can't wait to see the final version of VS. Thanks for your kind answer
- Jan 29, 2017
- 1,201
That's your call. Yes, there are bugs, but they aren't the kind that would cripple your machine and require an OS reinstall. FWIW, I run v4 on a production machine... not something I would so with many security-related betas.
- Jul 5, 2016
- 416
For the having to reregister, I think others are using some program other then CCleaner. Also it appears some of the posts pertain to people that have set passwords. Neither of which I have done. I would sugest these users reset their install to default to see if anything changes. Then go back to undefault settings and notice anything out of the ordinary. Then post whatever changes they made from default.
- Jul 3, 2015
- 8,153
About automatically deleting non-existent items: The majority of the time, it is a great idea. But if you are like me, then you have some software that spawns a couple processes in a temp folder in appdata, while it is doing its job, and then it deletes them immediately afterwards. So VS alerts me about it next time, even though I already whitelisted it.Hehehe, I completely understand if people do not want to run the beta
I only ask if they do want to be part of the beta test, to fully understand that it is a beta, and there are going to be bugs... especially considering the massive changes in VS 4.0, and to take this into consideration when posting about the VoodooShield. Your comments are going to be around for a very long time.
With that out of the way... yeah, I included this feature in the initial release of VS 4.0, and it has been silently doing its thing. Basically, after VS loads, it automatically scans the items on the whitelist to see if they exist or not, and if they do not, it removes them from the whitelist.
Thank you... if you think of any other cool features we should add, please post them!
What can we do about this?
- May 31, 2017
- 1,720
Thank you boredog... I am hoping this will help get to the bottom of this issue.
- Status
Similar threads
