VoodooShield/Cyberlock

BTW, I am sure everyone here would figure this out, but I just wanted to mention something. Upgrading from the public release of 2.22 will work, but if you are upgrading to 2.30 from a beta version, you might have to uninstall VS first. Sorry about that!

 

Hi Dan,

Version 2.30 has been working without any issues - stable, strong and ready to protect the user from threats - in a short conclusion - it's awesome! .

With the same superlatives I can also speak about the new website - a great, modern and pleasing to the eye design makes it very attractive! .

Dan, you deserve a great praise and full respect for all you're doing, and above all, how well you're doing it .


Many thanks!

Mike

 

Hi Dan,
VS 2.30 installed and running very smoothly, no issues so far.
The website looks great.
Thanks for YOUR hard work.

Gordon

 

2.30 ~ over install 2.23m beta with 2.30....
EDIT: just read 2.30 may need clean install.
I still feel a Blacklist has a place with VS
Allow has Whitelist so, Block imo needs a Blacklist

 

2.30 running great.

Needed a clean install on XP when upgrading from 2.22 - no problem with Windows7 64 bit.

Excellent.

 

Awesome Dano!

Daniel

 

Man, who are you Dan, Speedy Gonzales?

Oh, well...v2.23n last just a little while and now v2.30 is just about to be installed. Willadvise back tomorrow as to how basic testingnhas gone.

Regards, Baldrick

 

It looks good and you can see the Quarantine Tab in the release.

Daniel

 

Hey Dan, i'm having problems with VS blocking process explorer with build 2.23n. No matter how many times I allow procexp64.exe it does not get added to the whitelist. It has the same hash each time. It's being spawned in the appdata local temp folder. I have VS configured to prompt user for executable not on the whitelist. I do not have the parent child process feature enabled. I'm using Windows 7X64 Ultimate.

 

I just started using VS with the 2.23n with the Automatically allow all software from the Program Files Folders unticked. It seems to have added most of them so far. I have only tried using the application pinned to my toolbar so far though. I did just have an issue with an application that failed to launch on first try because VS blocked Java in the Program Files Folder. I guess the application uses Java. I need to upgrade now, but I want to do a little more testing with this build first. I saw all the applications you added to the web apps tab. That should be helpful for those that choose to use Smart Mode.

Edit: Also I should mention I have Process Explorer in the Program Files (x86) Folder, and a shortcut of it on my desktop. I'm going to retire for the night. I will check back tomorrow.

 

BUMP

 

I got up this morning to find that VS was prompting me for AppGuard's licqueryapp.exe in the Program Files (x86) Folder. The prompt was missing the sandbox option again. I chose allow, and VS gave me as second prompt for the same file with the Sandbox option. Why did VS fail to give me the Sandbox option the first time? The second prompt was for the same file, but not the same prompt. The first prompt said, "threat not detected in the following file". The second prompt said, "unknown file!". The middle option has been missing from the prompt almost all the time with build 2.23n. Does VS only give the Sandbox when the file is unknown? Regardless, as you can see below I received two different prompts for the same file so there must be a bug.

 

Command Line Strings are used by the OS, third party software, and also by malware. The developer tried to whitelist as many safe command line strings as possible; mostly those used by the OS. It's not possible to know what command line strings will need to be whitelisted for each user since everyone has different software installed on their computers. The command line tab allows the user to manage command line strings they have whitelisted themselves. Since there currently is a limit on the number of command line strings that can be whitelisted by the user the command line tab allows the user to remove older command line strings so new ones can be allowed. Also, maybe the user allowed a command line string they did not mean to allow, and need to remove it. I think this will continue to be a problem. I think the developer needs to remove any limitation on the number of command line strings that can be added by the user.

Edited: 2/26 @10:05

 

Thanks. That what I thought, however, I was surprised when the boxes filled up and I was unable to Block or Allow anything and the program would hang.

 

Silver, I made some edits to my post so you might want to take a look at it again. Sorry, it was hard for me to explain the command line tab for what ever reason. I think changes need to be made with it for one.

 

Dan, I think the Command Lines Tab should be made part of the Snapshot/Log tab. You could add a third button for command line strings at the top of the window between edit snapshot, and clear log. When you think about it the command line strings are part of the whitelist anyway. Also, I don't think there should be any limitation on the number of command line strings the user can whitelist.

 

I agree with Cutting_Edgetech on these points/suggestions. It also makes more sense and would tidy things up nicely.

 

Can VS protect against OEM malware https://www.us-cert.gov/ncas/alerts/TA15-051A

 

No it can't! Once it's removed it will. VS is to be installed on a Clean System.

TH

 

Well, as OEM malware is not known until someone blows the whistle. Install on clean system is wishful thinking. For that matter a clean system sans a checkup through bleeping is wishful thinking. Even bleeping is not an absolute.

 

VS is not an AV it's a Computer Lock so if you install VS on an infected system it can't remove them so...................!

 

any progress on the above

 

Computer Lock
so, you're advising me that OEM malware can bypass VS

 

No if you install VS prior to OEM.

 

At least someone gets it! LOL

TH