VoodooShield Latest


Local Host

A couple of years ago KIS had a known bug that prevented automatic Windows updates on certain systems (it happened to me). It took them months to fix the bug. The actual updates worked okay, but Windows did not know that an update was available.
I'm talking of Upgrades, not Updates, and also the consistency of problems it causes (with Kaspersky having the best track record these last 3 years on Windows 10).
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,711
Don't forget to let your buddies know if you see any practical difference. I'm not betting on it. :)

I'm not betting on it either but I'll let you guys know. :)

Even though I like VoodooShield, it is consistent in causing issues with Windows 10 Upgrades
Never had an issue with Windows Upgrades because of VS. In fact I just upgraded this W7 machine to W10 ~ 3 months ago.

But a smaller Whitelist can be safer like he said.
Yes I do it periodically, usually when it gets around 500 or so.
 

eonline

Level 21
Verified
Well-known
Nov 15, 2017
1,083
VoodooShield V5.00 Stable.


 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,711
Another post from Dan:

"
Hey Guys... so I have been trying to decide on what new features to add to VS. We obviously do not want to add unnecessary features, but here are a couple that I think would be pretty cool, and I wanted to see what you guys thought.

1) Option "Automatically allow new items that pass Windows SmartScreen." From what I understand, there are pretty much no false negatives in SmartScreen since MS is rather conservative about what they allow with SS. Does anyone know more about the efficacy of SS? The reason I ask is because if this is true, we will probably want to have this feature enabled by default, because it would further reduce unnecessary user prompts. I know it sounds strange, but we actually want VS to have a few blocks every now and then. Mainly so the user will become accustomed to the prompts, and also so they know that VS is actually protecting them.

Anyway, if this all works out, we can integrate it into VoodooAi and it would be super cool. It is kind of hard to explain, but it would further reduce the VoodooAi false positives, while increasing its efficacy big time. Also, I think I found a way to make SS work with Windows 7 clients as well, so that would be cool too. If everything goes according to plan, we might even enable the real time scanning engine with this new integration. Although we want to avoid as much as possible competing with the traditional and next-gen products, so we might not ever enable the real time scanner. Our goal is to complement the traditional and next gen products, not to compete with them.

2) At some point we might consider adding some firewall or firewall control functionality to VS. I want to wrap up the SS feature first, but we can start thinking about this as well.

Also, if you guys have any ideas for other new features we should explore, please post on this thread!

Thank you guys!"
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,711
Here's my reply:

Smartscreen is indeed effective but not for all file types. It is weak against certain extensions. Also, SS functions differently in W8.1 than W10. @Andy Ful is a master of SS and most things Windows, and has created a stand-alone app called RunBySmartscreen which forces SS across Windows. You can read a bit about it here: AndyFul/Run-By-Smartscreen and I would consult with him as well.

Real-time scanning and a firewall? I'm for fine tuning VS 8) but not anything that would add bloat. But let's see what happens with your ideas as you continue your work. Thanks!
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,711
Here's VoodooShield 5.01 and a bit more from Dan. There is also more discussion on COU about possibly incorporating Smartscreen, which I won't include here. Enjoy! (y)

"Here is VS 5.01... there are just a couple changes. There was a bug in the script handling and our digital signature was renewed so I included that as well.

www.voodooshield.com/Download/InstallVoodooShield501.exe
SHA-256: 112052a684e151dbefaff2e2818734439430ef7f8ed39378699b34b7f1fca421

BTW, ironically, SS might block this file for the first 10-20 or so people ;).

Thank you guys, have a great weekend!!!"
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,711
@Andy Ful - FYI, here's a snippet from Dan re: incorporating Smartscreen into VS. I thought you might know the answer to his question.

"Anyway, if the efficacy is around 99% we would at least want to implement this feature into AutoPilot, and possibly have an option to automatically allow SS safe items for the other modes, especially if the efficacy is closer to 99.99999%. I just started thinking about this feature a week or so ago, so I am not sure exactly what the final implementation will look like... which is why I am asking for your guys thoughts and opinions.

If anyone knows if SS's efficacy is 99% or closer to 99.99999%, please let me know!"
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,605
@Andy Ful - FYI, here's a snippet from Dan re: incorporating Smartscreen into VS. I thought you might know the answer to his question.

"Anyway, if the efficacy is around 99% we would at least want to implement this feature into AutoPilot, and possibly have an option to automatically allow SS safe items for the other modes, especially if the efficacy is closer to 99.99999%. I just started thinking about this feature a week or so ago, so I am not sure exactly what the final implementation will look like... which is why I am asking for your guys thoughts and opinions.

If anyone knows if SS's efficacy is 99% or closer to 99.99999%, please let me know!"
I do not know the test which properly measured the efficacy of SS.

SS supports only some file types: BAT, CMD, COM, CPL, DLL, EXE, JSE, MSI, OCX, PIF, SCR, and VBE. So, the efficacy can be measured only for these files.

Any good AV signatures + forced SS are better than the best AV.

Forced SS alone is better than the best AV for never-seen or 0-day malware, and probably better than average AV, for widespread and prevalent malware.

SS may allow some Adware or PUPs if they are legally bundled with the popular applications.

Windows native implementation of SS is not the forced SS, so its efficacy can depend on the way the file was downloaded to hard disk.

In my opinion, if VoodooShield works alongside the standard AV based on signatures, then forced SS is a very good idea.

Dan is wrong when thinking that Windows native SS could block the VoodooShield update. Any update made by VoodooShield does not attach MOTW. So, it will be ignored by SS. But, blocking updates is possible with forced SS.
Anyway, SS has an acceptable amount of false positives only for application installers. The application executables (after installation) do not have MOTW attached and SS normally ignores them. With forced real-time SS they will often be just false positives. So, forced real-time SS should allow by default the files in the Windows and Program Files folders (and maybe some others too).
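
The rules described in the post above, written out as an added example (it is not part of the original post, and not Microsoft's or VoodooShield's code). It models the native versus forced behaviour as the post states it; the trusted folder paths, the ZoneId threshold and the function names are assumptions.

```python
import ntpath

# File types the post lists as supported by SmartScreen.
SS_TYPES = {"bat", "cmd", "com", "cpl", "dll", "exe",
            "jse", "msi", "ocx", "pif", "scr", "vbe"}
# Assumed default locations of the folders the post suggests allowing.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\",
                "c:\\program files (x86)\\")

def zone_id(stream_text):
    """Return the ZoneId from Zone.Identifier stream text, or None if absent."""
    if not stream_text:
        return None
    for line in stream_text.splitlines():
        key, _, value = line.partition("=")
        if key.strip().lower() == "zoneid" and value.strip().isdigit():
            return int(value.strip())
    return None

def read_motw(path):
    """Read the Zone.Identifier alternate data stream (NTFS on Windows only)."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8",
                  errors="replace") as fh:
            return fh.read()
    except OSError:
        return None  # no stream: the file carries no MOTW

def ss_decision(path, stream_text, forced=False):
    """Classify how a file would be treated under the post's description."""
    ext = ntpath.splitext(path)[1].lstrip(".").lower()
    if ext not in SS_TYPES:
        return "not-supported"
    if forced:
        # Forced SS checks regardless of MOTW; installed programs are
        # allowed by folder to avoid the false positives the post mentions.
        # normpath collapses ".." so a crafted path cannot fake the prefix.
        if ntpath.normpath(path).lower().startswith(TRUSTED_DIRS):
            return "allowed-by-folder"
        return "checked"
    # Native SS: only files carrying MOTW are checked. Assumption: ZoneId 3
    # (Internet) or 4 (Restricted) counts as MOTW.
    zid = zone_id(stream_text)
    return "checked" if zid is not None and zid >= 3 else "ignored-no-motw"
```

On a Windows machine, `ss_decision(p, read_motw(p))` applies the same classification to a real file.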
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,605
I may be out of context, but that is exactly what happened with the VS v5.01 update.
It is not out of context if the update was made by VS and was blocked by SmartScreen.
Was this update made by the user downloading/executing an updater, or by VS itself?
Blocking the first is a common scenario if the updater does not have the EV certificate. Blocking the second should not happen.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,711
It is not out of context if the update was made by VS and was blocked by SmartScreen.
Was this update made by the user downloading/executing an updater, or by VS itself?
Blocking the first is a common scenario if the updater does not have the EV certificate. Blocking the second should not happen.

The block was for the downloaded & executed update and the certificate is very new, so even Dan warned the first number of installs would receive the SS block. I got it myself and felt this was exactly how Smartscreen should work.

Windows native implementation of SS is not the forced SS,

This is what most Windows users, even some on this forum, do not understand.

Frankly, I'm not sold on the idea of incorporating SS into VS. I prefer to use the stand alone application. Dan has just recently started considering this idea and that's all that it is at the moment.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,605
...
Frankly, I'm not sold on the idea of incorporating SS into VS. I prefer to use the stand alone application. Dan has just recently started considering this idea and that's all that it is at the moment.
Forced SS can be easily introduced to VS as an on-demand feature for making installations (like in Hard_Configurator). I think that this would be a very good idea. :giggle:
 

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
Was this update made by the user downloading/executing an updater, or by VS itself?
As @oldschool mentioned, I downloaded the update from the VS site and then executed it. SmartScreen popped, and I chose to pass on the update. The last thing I need to do is to install compromised security software. Since insufficient info existed to determine an FP, I went the conservative route.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,711
@Telos VS stable is still 5.00 (where I got no Smart Screen warning). When you mean VS 5.01, that's a beta (that only a handful of people are using), so Smart Screen warnings are expected (since it got only a few executions >> SS finds it suspicious).

No, my friend. 5.01 is stable as well. It has a renewed signature and a bug fix. Just make sure you exit out of 5.0 before you run 5.01.exe. That should avoid any error messages. If you get a SS warning it's because only a few have downloaded/installed the version with the new signature. It does not mean it is suspicious. Enjoy! :)

Edit: see post #306 above.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,711
Beta doesn't mean it's unstable (like the very stable sandboxie betas). What I meant is that it's not the version that you can download from the VS homepage when you just click "download" (https://voodooshield.com/Download/InstallVoodooShield.exe >> still 5.0.0 for me). So few downloads > SS warning. Not saying it's dangerous or not legit.

I doubt if you can download from the site yet as there's usually a lag time. The version via Calendar of Updates that Dan posted is where I and others got it. It doesn't matter if you get the SS warning. Just click "More info" and then "Run anyway" if you get it. This has happened with some of @Andy Ful's new versions of his apps. Either get it there or wait for it at the website.
 
