VoodooShield/Cyberlock

I'm having an issue updating VS from 2.74 beta to 2.75. "Voodooshield could not download the update. Please try again later" Then the VS icon disappears in the tray after 30 seconds. The Voodooshield process is still running though. Anyone else having any issues?

 

VS 2.75 is running great for me as well!

 

How many PC's can I use the license for that Dan gave wilders members?

 

2.75 working like a boss

 

i just had the same issue. so i did a manual download - still no go - update stalls after shutting down VS. so i rebooted - shut down VS manually & disabled Avast and then it went fine...

also FYI Dan - had a pop-up 'been using VS for 3 weeks... disable "automatically allow...Program Files"' to which i clicked yes, but i noticed this option is still 'selected' - i haven't registered this install so it can not be manually set

otherwise everything looks good

 

question about the Command Line Whitelist - had my first command line block a few days ago, but i had just had a few executables blocked so i clicked on the prompt as i was reading it so i did not see the whole message & command line seemed to be allowed just from clicking on the prompt.

Is this the case - command line blocks are allowed just with a click on the prompt? if that's the case i guess i'll have to read them more carefully!

 

Feature Request:

Need a way to white-list specific command lines.

For example, automatic backup software that uses cmd.exe, regsvr32.exe, etc cannot function with VS - unless disable the interpreter black-list.

This is just one example to the benefit of being able to white-list specific command lines.

Best Regards,

HJLBX

 

If VS prompted the user for the command Lines of vulnerable processes so they could be added to the whitelist instead of blocking them then that would fix that issue.

 

I agree... just like NVT ERP.

Best Regards,

HJLBX

 

Sorry, I made a small edit to my post. You replied really quick. I didn't think anyone would have a chance to even read my post yet lol I only added so they could be added to the whitelist so it was a small edit with the same meaning. Yes, that's how ERP does it, and I thought that was how VS was going to do it.

 

I consistently use apps that call cmd.exe (PeaZip, AOMEI Backupper, etc) ... so I am growing weary of always having to turn VS off in order to use them.

Plus, scheduled backups will not work... so I'm finding I have to make a hard choice between disabling VS for long periods or not backing up files for long periods.

Either way that's bad idea...

Best Regards Cutting_Edgetech

HJLBX

 

Yeah, I would say Dan may be considering changing this limitation. I don't think this would ever work out in a corporate environment.

 

@Cutting_Edgetech

"it" = VS as it currently exists ??

Corporate environment - no way - not with all the different integrated hardware (printers, copiers, scanners, telecommunications, software updates, etc, etc, etc). All those sorts of basic, day-to-day things use cmd.exe to function. VS would break virtually everything... unless Admin white-lists (enables) all the vulnerable processes - which defeats the rationale for having VS in the first place.

Best Regards,

HJLBX

 

I'm not positive what you are asking. I think VS must give the option to whitelist the command line of vulnerable processes in order to fit the needs of all users, especially in a business setting.

 

I just thought of something. I wonder if the user unticks the option to black list the vulnerable process if VS will give the command Line for it then. Has anyone tried this?

 

I meant current version of VS would only work in corporate environment if Admin white-listed some vulnerable processes.

There has to be option for users to selectively white-list commandlines, but keep all vulnerable processes black-listed...

Sorry, not exactly clear in my previous post.

Best Regards,

HJLBX

 

It just enables the process - no commandline prompts...

 

Oh, that will not work out from a security stand point of view. That's not good at all. I hope Dan will change this behavior when he adopts a kernel mode driver.

 

@VoodooShield

I think VS' PeaZip cmd.exe block notification is possibly related to this command line:

cmd.exe /c rmdir "C:\Users\HJLBX\AppData\Local\Temp\peazip-tmp\" /s /q

Best Regards,

HJLBX

 

+1

 

Hi Dan

Hope that you are keeping well?

Not sure if I am missing something here but I generally keep VS set to 'Scan & Allow' yet at some points I switch to 'Disable / Install Mode' and am then prompted after some 10 minutes with whether I want to relock my computer/reenable VS. Now, if I say OK what I find is that VS is re-enabled but in Smart Mode (the default) rather than in the mode that I was in when I switched to 'Disable / Install Mode'.

Should VS not be re-enabled into the mode it was in when VS was temporarily disabled? Or perhaps one could add a selection in the re-enable pop up offerring to re-enable to either Smart Mode, On Mode or Scan & Allow Mode?

It is not a major issue but it is just that in some cases I forget that it does this and therefore forget to switch it back into 'Scan & Allow'.

Just a thought...

Regards, Baldrick

 

thought i'd give 'scan and allow' a try - has been working great - most executables are known so just the odd prompt for the unknown ones

interesting result with updating Chrome - setup.exe is allowed in one location and then blocked in the following location

Blocked - setup.exe - c:\windows\temp\cr_31760.tmp\setup.exe

but it is not automatically 'allowed' and there is no prompt to 'allow' - the update just fails. it's a temp folder so i'd assume whitelisting won't help - it seems Chrome update will just continue to fail with 'scan and allow'?

anyone else see this?

 

This option isn't working, I have it unticked and it's still on top of ALL windows

 

Do any of you have issues with system responsiveness when VS is installed?

 

not that i've noticed - have VS installed on 2 PCs Win7 and Win8.1