Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.
thanks for the info.
I tried to open Indexing Options (windows 10) and VS flashed and blocked it. But I could not find the block in logs. The only way I could solve the problem was by putting VS in training mode.
And that is still the only way I can get VS to stop blocking command lines from my HP inkjet printer.
I thought I saw this posted a while ago, but I can't find it. Is the license that Dan provides to Wilder's members allow you to install VS on only one machine?
Nope. I think it is up to 10.
It can be installed on 10 devices
Thank you both.
I just ran into this today as well
Yesterday I was working on my home PC and at 00.00 I got the "Friday nag screen" from VS.
That's not a problem if it helps to keep VS free, but I was a bit disappointed to discover that the nag screen doesn't come up only once every Friday, but it keeps coming up at every reboot
My computer name on the VS Register window is out of date. I changed it in Windows a few weeks ago, but VS shows the previous computer name. I hope that this does not cause any problems with future subscriptions to VS. Currently I use a license given to me by Dan and it's with that one that I have registered VS.
Hey guys, I am truly sorry I have been away so long… Alex and I are getting very, very close.
I was not going to initially include the new rules / policy wizard right away, but there have been a few last minute things with the web management console that I had to wait on.
So anyway, here is a quick demo of the new rules wizard / builder. It is deceptively simple… but you can build extremely complex rules with it. I am really excited to see what rules you guys create… and in a month or so, we will probably add 5-10 hard coded rules to VS, depending on how everything goes and what everyone comes up with.
The reason I am posting this now is because I would like for you guys to take a look at it and let me know what changes you think I should make.
This is a very rough demo, but this code will actually end up merging with VS, so if you see any bugs, please let me know . If there are any bugs, they will be simple things like spelling or whatever… this is just a very benign demo.
BTW… besides being an anti-executable, like AV software, VS also already has a lot of rules built in that I have written over the years, but this will make everything SOOO much easier. It will be really cool… everyone can pretty much design their own AV .
Anyway, I am in a huge rush, but we really are getting close… I am shooting for next weekend to release VS 3.60... although, that might be a little optimistic . But once VS 3.60 is finished, things will go back to normal... I will actually be looking for things to do .
Have a great weekend, thank you guys!
Ooops, I forgot to mention... you have to run the RulesWizardDemo at 100% screen resolution scale... not 125 or 150. I will fix this later, sorry about that .
And also... I did not build out the Script option too much. We need to figure out if we should even include scripts in this or not... I am pretty sure we need to. But I just did not want to add all of the script types if we were not going to include them later.
Just tried to run the RulesWizardDemo.exe, and got this:
I didn't think I needed this, since VS itself runs OK... I am using a Surface Book running Windows 10 Pro, which I would have expected to be up to date, anyhow.
Skipped the installation for now.
Sorry about that... there are now 2 versions, one .net 3.5 and one .net 4.5. If one does not work, the other certainly will .
Please keep in mind... this is just a demo of the new rules wizard. It is not an installer, it is a portable file.
The only reason I am posting this now is to get your feedback on what I should add or change.
As I was saying... it is deceptively simple, but you can create seriously complex rules, very easily. It took a long time to make it appear that simple, and actually, I think we can make it even better.
Anyway, please try it when you get a chance and let me know what things we should change or add. Thank you!
Here is a little irony to make your weekend a little better... I know it will mine .
I scanned the Rules Wizard demo (simply because I scan everything)... and the results were optimal. For us that is .
I forgot to mention... the scaling problem is fix too, so everyone can try it .
Unable to complete the process with 45.exe.
When I click Save nothing happen.
Hmmm, very odd, it is working on several computers for me.
Wait for it .
Stuck here for the past 10 minutes.
No worries Dan. Not quite sure I fully understand the rules, how changing this or that may be better for me anyway.
Hehehe, its working correctly . This is just a demo .
A lot of people on security forums like to make their own custom rule sets, and a lot of times they come up with some really cool stuff. I always found it amusing that people would post text versions of their rules, but did not realize that VS had a gui version of that with our Custom Folders feature .
But this it a totally different story. We can easily (and very quickly) create extremely complex rules / policies that will not only still block all of the bad stuff... it will auto allow the good stuff.
So then the people who are into creating custom policies and rule sets... we can set that as an option in VS. Like "Use CET's settings"... hehehe, since he LOVES this kind of stuff.
This new feature is basically like "Super AutoPilot for VS". I mean, I created basic rules for AutoPilot in VS, and I am certainly to careful when it comes to the hardwired rules... but I do that on purpose. I mean, most security software would not dare have a false positive, even if it means that there is a chance for a bypass.
My point is... you set someone like CET or WBD on this... and they will create rules that will end malware .
btw, I thought of a new one to add: command line of parent process
we do not want to add to much and make it complex, but we do want to cover everything.
Dan, how are we travelling on per-user settings for v360? I'd love to leave VS on AutoPilot for the other family members and Always On for Admin, but I need to see what's happening (Smart Mode or Training) on my screen. As things are now, I have to use AutoPilot all the time in case I forget to switch it over for other users. So I have no real idea of what's happening that I should know about.
Nice and clean looking UI , very impressive Dan.
Thanks Dan, I can't wait for the new version.
My feedback after reviewing the demo is that in the blacklist section I should be able to choose what (VT) engines I want to take into account for the calculations, this would be perfect to remove from the equation unreliable, high FP's engines and products with the same engine (e.g. BD based products) in order to minimize the uncertainty of the detections. Do you agree? This is a request that I have been doing for months or years
In addition maybe it would be more visual that the slider would indicate the % of AV's as well in addition of the nº of AV's.
Also the ability to see without going to the browser which products gave a positive detection, like a summary in a different popup or on mouse over but still in VS interface.
In the whitelist I would like to have 2 additional columns one to show the result of the blacklist scan and another for the date of that blacklist scan in VT
On the other hand other tools in an additional step (optional one) could be included in the equation, I'm talking about tools like:
Separate names with a comma.