- May 31, 2017
- 1,695
Thank you for the suggestion... we probably will in the near future.
VoodooShield CyberLock 7.0
- Thread starter danb
- Start date
cartaphilus
Level 5
- Mar 17, 2023
- 202
How do I add rules to the command lines tab? I don't see an option to add (see picture)
I also created rules to whitelist the folder but it's not working.
Attachments
- May 31, 2017
- 1,695
If you right click on the Command Line tab grid, there will be a menu with an option to Add a command line. I just test this feature and it does not seem to be working... I think we added the feature then never finished the code behind it, simply because almost no one would ever use this feature. The other right click options should be working though.
The Rules feature is not able to add or edit command lines because this is all performed on the Command Lines tab. Thank you!
@danb I can't remember I ever had a prompt (with block/allow) for ejecting a bitlocker protected usbdrive.
I clicked "block" and report false positive for giggles but wanted to let you know.
I clicked "block" and report false positive for giggles but wanted to let you know.
- May 31, 2017
- 1,695
Interesting, thank you for letting me know! It must be different from the standard one. If you get a chance, can you please send me the entry in the DeveloperLog.log for this block? Especially the command line? Or just send me your DeveloperLog.log? Thank you!
Does Turning OFF these settings provide stronger security?
- Mar 29, 2018
- 7,142
Yes, but it'll be very annoying.
[Feature Request] Add an option to remove missing or deleted fiiles from the Whitelist Snapshot.
cartaphilus
Level 5
- Mar 17, 2023
- 202
@danb I added the rules to cmd tab for Harmony AV but it's not showing up in the list of rules. When I attempt to add again it states that the rule exists. However the cmd line alert still pops up each time Harmony phones home so the rules don't work.
- May 31, 2017
- 1,695
@oldschool is correct, it would be annoying. And it really is not going to make the system much more secure at all, simply because of the way the anti-exploit, vulnerable process and anti-malware contextual engine features work. You can disable the auto deactivation if you want, especially after VS has been running on the system for a week or so, this might make the system slightly more secure. Thank you!
- May 31, 2017
- 1,695
This is already part of the snapshot scan
. The first thing the snapshot scan does is cleanup the whitelist, which includes removing any entry where the file no longer exists. But great suggestion though, thank you!
- May 31, 2017
- 1,695
Yeah, I was having the same issue when trying to add a command line from scratch. I will take a look at this the next day or so and hopefully have a fix soon, thank you!
- May 31, 2017
- 1,695
Here is an example. Say you have two different softwares from the same vendor, both signed with the same signature. One software you had installed a week earlier, and now you want to install a different software from that vendor as well, because you like their software. Well, VS will auto allow the file because there already exists an item in the whitelist that matches that vendor. There are other checks in place, and it is a little more complicated than that, but that is the general idea.
AutoPilot kinda does some similar stuff as well, obviously with checks in place. Thank you!
- May 31, 2017
- 1,695
I isolated the issue and it was an easy fix. Hopefully we are both on the same page and talking about the Command Lines tab in VoodooShield / CyberLock Settings... if not please let me know.
Either way, the Right Click - Add Command Line feature should now be working, please let me know if there are any other issues you encounter.
CyberLock 7.45
SHA-256: 8b782f63d5a74a7c6dced9884e0a8681c1cff3c55f77815141c1d44d22e6d78d
There were only a couple of other slight changes, so most users do not need to upgrade to 7.45 yet, but when you do, you can just install over the top. Thank you!
- Apr 16, 2017
- 2,073
...& if the issue is some interaction with enterprise Harmony endpoint, to the extent that DeepInstinct works like Harmony (endpoint to cloud management), the suspicion was VS was blocking communication between Di endpoint and cloud but we could not find it in either app logs, and both had mutual exclusions for each other. I ended up disabling VS on win10 with Di.
- May 31, 2017
- 1,695
Maybe you could run VS in Training mode for a little while... it will whitelist anything that would normally be blocked.
cartaphilus
Level 5
- Mar 17, 2023
- 202
We are. Ok I will test it out once I knock my toddler out... Errr I mean put him to bed.
cartaphilus
Level 5
- Mar 17, 2023
- 202
I also have deep instinct but the PC I have it on doesn't have VS since I don't have a 4th lic.
- Apr 16, 2017
- 2,073
ok will do (I may have done that but will try again with 7.45)...
Similar threads
