VoodooShield/Cyberlock

+ 3

 

Reminder: VS thread

 

I have been testing the recent Process Lasso version 9.0 betas, on my Surface Book [No longer for XP]. They have been coming through thick and fast.

However, VS popped an alert, which I wanted to allow, but I wasn't fast enough in allowing. So, Process Lasso shutdown. I restarted the application, and second time around, it was updated. So, all was good in the end.

Spoiler: screenshots

 

Same here, had the "could be related to Cryptoguard" warning, set your message timeout higher.
I set mine for 99sec, I figure after that long if I cant get there I deserve to go digging

 

Hi CyberGhost,

I am not sure what you mean with the warning, "could be related to Cryptoguard", together with Process Lasso. I think I have my set for 20sec which is long enough.

 

I've disabled the 20 second countdown timer so I can see if something is blocked while I'm away from my machine.

 

I had to start Lasso 9.177.A manually after the update, VS blocked it, and it appears HMP.A did too.
This being a VS thread I stuck to the VS related issue though.
@Krusty
Yeah I should do the same

 

Ok...I haven't tried HMP.A on the Surface Book. I think it would be overreach, considering the security I already have running on it.

 

HMP.A is a great piece of software too, if I recall right they can detect hooks used by formgabbers implemented by malware such as Zeus to compromise the browser.

I don't know of any AV which does this in real-time, Avast have GMER which they bought but it isn't real-time scanning for hooks in their products.

 

HMP.A is great software, and I still have it running on my desktop XP system, in one of my snapshots. But, it hasn't updated for awhile, at least on my system.

 

I know why VS popped an alert. See - Advisory: CryptoPrevent may interfere with updates - https://bitsum.com/product-update/advisory-cryptoprevent-may-interfere-with-updates/ At least, I think that is the reason.

 

+1

I used to run CP, but with VS it isn't necessary, it's redundant. At least the earlier versions used "simple" permissions tech to lock up %appdata% locations, so any app at all that wanted to use those was disallowed. And it's surprising how many legit apps want to use local\temp for instals/updates, eg: EditPad, an otherwise excellent text editor. I wasn't prepared to make dozens of exceptions to the rule, so EditPad had to go And now CP is gone too.

CP technology did work well, but Very Simply, VS is a better solution than CP.

 

I believe it was a component of Kaspersky Internet Security that was causing the issue. It's an extension that was added during installation of Kaspersky, but I cannot actually disable it. Every time I disable it it turns itself on after the next Firefox restart.

It's probably academic now, as I have decided to start using Opera as my main browser. At the same time, I decided to replace Kaspersky with Bitdefender, because Kasperky does not support Opera in the same way as it does for Firefox and Chrome.

 

Hi Tarnak

Hope that you are well? I have also come across the CryptoPrevent may interfere with updates...happened once but since then no further issues. Strange thing is that I only installed CP as a trial for a couple of hours & then rolled back to a pre-install image...so not sure as to why CP shut be in the frame...unless itis because I still have the installer sat on disk somewhere.

Anyway...as I said...happened once...got over it and it has not happened again.

Regards, Baldrick

 

Dan,

If I am correct, VAi Standalone version is going to be there...

You know I like VAi & would love to use VAiS...

Any ETA...?

Thank You
Regards

 

Nope, tried putting VS in training mode and exploit warning still appears when printing from within 'Firefox' in Smart and Autopilot mode. The Epson file is reported by VS Ai as digitally valid but not verified by Epson.

Anyone else had this issue?

 

I don't know why I got that VS alert when I tried updating Process Lasso in post #14583 - https://www.wilderssecurity.com/threads/voodooshield.313706/page-584#post-2655554 , because I don't run CryptoPrevent. Never have! I was only referencing a topic I found on the Bitsum website, in relation to PL updates possibly failing to install.

 

I had a similar issue which persists even after a clean install of VS. The solution might be to use the "Custom Folders" option

https://www.wilderssecurity.com/threads/voodooshield.313706/page-556#post-2645065

Unfortunately it's a question of whitelisting the entire folder rather than a particular file.

I eventually decided not to whitelist the folder and instead add the file to the whitelist using whitlist editor.

However those whitelist settings only work temporarily. If browser is closed and relaunched the whitelist setting is not obeyed.





I get the same result with Traing Mode or AutoPilot Mode. It makes no difference. The whitelist is only obeyed until the next browsing session.

 

Hi Baldrick,

I am well, and hope you are as well.

However, you have misunderstood the reference to CryptoPrevent. I have never run CP on either my XP desktop, or Surface Book.

I was pointing out in post #14583 - https://www.wilderssecurity.com/threads/voodooshield.313706/page-584#post-2655554 ,
that a component of the Process Lasso installer had been blocked by VS I am getting beta updates frequently, for Process Lasso, and it was the first time I had gotten that alert from VS.

 

Yes, I know

I installed VS and it is now back.

 

Is the fact that VS does not remember these 'Allow' actions between browser sessions a bug in VS then? Can Dan please advise if this is the case and if so can it be fixed.

 

No, it's no bug, at least for Tarnak and myself, these are Alpha versions of v9 so
this is going to happen, if you weren't referring to Tarnak then please disregard

 

I agree this is not a Whitelisted path: c:\portable apps or c:\users unless you allow under Custom Folders.

 

I don't think we are talking about the same issue. My problem is VS is not remembering my 'Allow' selection to a possible exploit warning when going into my Epson printer settings during different Firefox browser sessions.