Let the Guide be of some worth -Could you please compare the Smart Mode with Always ON Mode ?
What's the main differences ?
Understand from the extract above - how and when it updates its whitelist and acts. ON/OFF has much to do with building & using the whitelist of files encountered.Smart / Default (VoodooShield will toggle between ON and OFF): Smart mode will toggle VoodooShield between ON and OFF, depending on if the computer is at risk of infection or not, which is mainly determined by whether a web app is running or not. Web apps such as Internet Explorer, Outlook and Firefox all expose the computer to significant risk while they are running, so when a web app is launched, VoodooShield automatically toggles to ON to lock the computer, and anything that was previously whitelisted is allowed, but all new non-whitelisted executable code is blocked. Likewise, if no web apps are running, there is no reason to lock the computer, so VoodooShield automatically toggles to OFF so that it can automatically and safely build the whitelist while the computer is not at risk. VoodooShield’s proprietary toggling severely limits the quantity of dangerous affirmative user prompts that the user is required to respond to.
Always ON (VoodooShield will remain ON): Always ON mode is typically used after a few days or weeks, once the whitelist is sufficiently built so that VoodooShield knows what to block and what to allow. Although a lot of users prefer to run VoodooShield in AutoPilot or Smart mode full time.
That's why I used the word "new"
Will it show that whether it is a Virus or not?
Basically, default denying of executed files is ON for both network conditions, further dependent on your mode: Autopilot, Always ON, Smart Mode.
- Default blocking of all files/command lines including exploit attempts (lockdown based on settings): online + offline
- VoodooAI threat score: online only
- Blacklist scan (multi-engine): online only
- Sandbox (local): online + offline
- Sandbox (Cuckoo): online only
Depends on the threat score and multi-engine scan, though it does not mention a file as "virus" specifically (and that is logical for the purpose of the program).Will it show that whether it is a Virus or not?
Offline?Depends on the threat score and multi-engine scan, though it does not mention a file as "virus" specifically (and that is logical for the purpose of the program).
VDS is not built specifically to detect only viruses. It is an anti-exe solution that also provides threat score (VoodooAI) for a file + multi-engine malware scan.
If a virus is encountered (and the malware launch location/attack vector is covered as per the settings), it will be blocked like any other file, the multi AV-engines are very likely to detect it as virus & the VoodooAI should also display a high threat score.
In regular cases, most important sources of virus(what you call them) are covered and an intuitive alert should follow like:
View attachment 155538
Basically, it will block virus just like any other file and show threat score, multi-engine detections that will help you to know that the file is malicious (eg. a virus).
As I mentioned in post #2, VoodooAI and Multi-engine scan (Virustotal) both need an internet connection. However, default blocking of files occurs irrespective of the network status.Offline?
Thanks!As I mentioned in post #2, VoodooAI and Multi-engine scan (Virustotal) both need an internet connection. However, default blocking of files occurs irrespective of the network status.
VDS is not an AV, neither it has any malware definitions. The concept is entirely different. It's for the users who want to block any files from running, by default, and also have a whitelist that gets updated as needed.
For convenience and for getting an insight on the file's nature, VoodooAI + Multiengine results + sandbox are provided so that you can be sure whether to allow or block the file(s) or commandlines that VDS encounters on your system.