@danb, It would be great to have a countdown timer option for WLC alerts, like VS.
VoodooShield CyberLock 7.0
- Thread starter danb
- Start date
- Jun 4, 2016
- 136
I joined you today by buying a subscription.I know about the application but I think I am very weak in using it.I don't know what I changed in the application but at the first startup the mouse and keyboard never started.the power comes on and then turns off.I somehow saved the system with a restore.I don't know what is the reason for this mouse and keyboard failure.what do you think I should turn off.
when i plug it into different usb ports the result is the same.power comes on and starts and then the power is cut off from the usb.
when i plug it into different usb ports the result is the same.power comes on and starts and then the power is cut off from the usb.
It would help to know your system and other security products and settings to determine. I would start by making a post in the thread below.
PC Setup Configuration Help & Showcase
Share your PC security set-up with the community.
malwaretips.com
- Jun 4, 2016
- 136
my bad.i got this error after i installed cyberlock.i installed a few more apps.when i rebooted the mouse and keyboard were not working.i question what to do about it
Posting your configuration as I mentioned would help, either way the developer will need more information to help.
-what all apps did you download during that time before reboot.
-what version of OS are you on.
-what changes did you make in the app?
- May 31, 2017
- 1,719
Thank you, I added this in 7.61!
- May 31, 2017
- 1,719
Hmmm, something seems odd. Can you please send me your C:\ProgramData\CyberLock\DeveloperLog.log to support at cyberlock.global? Thank you!
- May 31, 2017
- 1,719
Hey Guys,
Here is the latest 7.61. I added the countdown timer for mini prompts like rhythm suggested, (thank you rhythm!). There were several prompts where it did not make sense to include the countdown timer, but I included it wherever it made sense, I think you guys will understand what I mean once you see.
There were several other small changes and tweaks, so if you find anything that does not seem quite right, please let me know.
We still have not released 7.60 to the public, but assuming everything goes well with this version, we will be releasing it soon.
CyberLock 7.61
SHA-256: ac8f7acf1246a350b3dd5f3ccbe95f411b308a06ce7a886b0d01e5923f0aa234
Have a great weekend!
Thank you guys!
Here is the latest 7.61. I added the countdown timer for mini prompts like rhythm suggested, (thank you rhythm!). There were several prompts where it did not make sense to include the countdown timer, but I included it wherever it made sense, I think you guys will understand what I mean once you see.
There were several other small changes and tweaks, so if you find anything that does not seem quite right, please let me know.
We still have not released 7.60 to the public, but assuming everything goes well with this version, we will be releasing it soon.
CyberLock 7.61
SHA-256: ac8f7acf1246a350b3dd5f3ccbe95f411b308a06ce7a886b0d01e5923f0aa234
Have a great weekend!
Thank you guys!
- Jun 4, 2016
- 136
ok ok problem solved. this is about the Dsx steam app I just tried.it has nothing to do with the app, it's an error with the drivers installed for the app.sorry about that.
- Apr 16, 2017
- 2,604
now installed 7.61 thanks.
@danb I had an odd block yesterday with 7.60
IIRC I opened Edge (win10_vm) and I got a CL block popup that it blocked "something" I was trying to run, block or allow... (paraphrase) I tracked it down to
mpcmdrun.exe and it looked like parent was svchost, and looks like this exe is part of windows defender, although AV on this VM is Norton, but know Defender does some things in background.
It might be helpful if these block popups listed the app or exe that it was blocking, because eg at the time, I was not aware that I was running anything other than edge. Sure, I dug into CL and found it, but only by looking for something that was blocked, rather than the specific exe. (just feature thinking out loud
). I don't get many blocks that's why I never considered this before.
@danb I had an odd block yesterday with 7.60
IIRC I opened Edge (win10_vm) and I got a CL block popup that it blocked "something" I was trying to run, block or allow... (paraphrase) I tracked it down to
mpcmdrun.exe and it looked like parent was svchost, and looks like this exe is part of windows defender, although AV on this VM is Norton, but know Defender does some things in background.
It might be helpful if these block popups listed the app or exe that it was blocking, because eg at the time, I was not aware that I was running anything other than edge. Sure, I dug into CL and found it, but only by looking for something that was blocked, rather than the specific exe. (just feature thinking out loud
). I don't get many blocks that's why I never considered this before.
- May 31, 2017
- 1,719
Sure, can you please provide the details of the block? Was it a standard block or a command line block? You probably do not want to spend too much time on it though because this is something that is going to be covered in the next phase of the attack chains feature, which we are starting on soon.now installed 7.61 thanks.
@danb I had an odd block yesterday with 7.60
IIRC I opened Edge (win10_vm) and I got a CL block popup that it blocked "something" I was trying to run, block or allow... (paraphrase) I tracked it down to
mpcmdrun.exe and it looked like parent was svchost, and looks like this exe is part of windows defender, although AV on this VM is Norton, but know Defender does some things in background.
It might be helpful if these block popups listed the app or exe that it was blocking, because eg at the time, I was not aware that I was running anything other than edge. Sure, I dug into CL and found it, but only by looking for something that was blocked, rather than the specific exe. (just feature thinking out loud
Essentially, every attack chain will be assigned a primary parent, and whenever a child of the primary parent is blocked, it will be part of the user prompt as well. Ultimately, we are moving away from a decouple whitelist of various items, to an app based product. If things go right, we will not even have a whitelist tab anymore, it will just be called Apps (or something). it will be similar to the way the current Advanced and Web Apps tab list apps. So any app listed under this new tab will auto allow any child item or command line. So we will basically have Whitelist Apps, Web Apps, Vulnerable Apps, and possibly System Apps. And for example, Web or Vulnerable Apps will not be able to auto allow child items. I am not sure if these will be 3-4 different tabs, or if we will have one tab where you can filter them by type. So this is what I mean by CyberLock is soon going to be app based, It is difficult to explain, but I think it is going to be pretty cool.
- Apr 16, 2017
- 2,604
@danb I think it was standard...
I found it yesterday & today in settings | user log | (copy / paste follows)2023-11-16 15:36 Auto Blocked mpcmdrun.exe c:\programdata\microsoft\windows defender\platform\4.18.2303.8-0\mpcmdrun.exe 226FACBDC52C7A6F7E4E140CBA0E2EF4AC5E60DC d710e889bee3b1ddae3c7cb15effa2964a5821c19a437e99553749d3740840eb "c:\programdata\microsoft\windows defender\platform\4.18.2303.8-0\mpcmdrun.exe" -wdenable 1645864 svchost.exe (user name changed *** to protect the innocent)
perhaps MORE interesting under Whitelist, mpcmdrun.exe is auto allowed and is listed 3 times: 2 have same hash, 1 has different hash, and none of those 3 match the blocked hash above, although VT says the above blocked hash is safe MS file,
Original Name MpCmdRun.exe
File Version 4.18.2303.8 (WinBuild.160101.0800)
perhaps different sha256 is windows update to this exe (I assume)
This CL auto block was caused by "the chain"...
EDIT by the chain, I mean mpcmdrun.exe was triggered not in the usual manner?
On this VM, CL 7.60 was installed over 7.44 (now 7.61 over 7.60)
Last edited:
I also meant to provide an "option" similar to CL, a countdown timer option for WC prompts to display them for a certain number of seconds. Is it workable? Consider adding a "Seconds" drop-down to WC's "Show alerts..." option.
Last edited by a moderator:
- May 31, 2017
- 1,719
Yeah, for now it is using the same value as the user prompt countdown timer. I was going to add a special one just for these prompts, but we are trying to remove unnecessary features as much as possible
.
- May 31, 2017
- 1,719
Yeah, there are going to be some blocks during installs and uninstalls. The best thing to do is to put CyberLock into Training mode when you are installing or uninstalling an app.
- May 31, 2017
- 1,719
Hey Guys!
Happy Thanksgiving! We have released 7.62 to the public and will enable the auto update soon. There were only slight optimizations in this version. Also, you will now see an * for each attack chain that tab in settings. This is the primary parent application, which is the main parent application that CyberLock will use for this feature. For example, C:\Windows\explorer.exe and C:\Windows\System32\svchost.exe should not be considered the primary parent application. I hope this makes sense, if not, please let me know. Anyway, if you find an * that you believe is not assigned correctly, please let me know. BTW, I tried different text colors and styles for the primary parent application, but they all looked really bad, so we are using an * for now. If anyone has any idea what else we could use to indicate the primary parent application in the Attack Chains tab, please let me know.
CyberLock 7.62
SHA-256: 89e6080f38767621b95cb9eb0e3e79390599b7d064b9034e985939f7d1e68364
Thank you guys!
Happy Thanksgiving! We have released 7.62 to the public and will enable the auto update soon. There were only slight optimizations in this version. Also, you will now see an * for each attack chain that tab in settings. This is the primary parent application, which is the main parent application that CyberLock will use for this feature. For example, C:\Windows\explorer.exe and C:\Windows\System32\svchost.exe should not be considered the primary parent application. I hope this makes sense, if not, please let me know. Anyway, if you find an * that you believe is not assigned correctly, please let me know. BTW, I tried different text colors and styles for the primary parent application, but they all looked really bad, so we are using an * for now. If anyone has any idea what else we could use to indicate the primary parent application in the Attack Chains tab, please let me know.
CyberLock 7.62
SHA-256: 89e6080f38767621b95cb9eb0e3e79390599b7d064b9034e985939f7d1e68364
Thank you guys!
@danb
Hi Dan, thanks for the new version it is so far running good.
After looking through the settings I found some things I like to mention:
Could you please add an explanation which color means exactly what in the "attack chain" menu. Maybe like an info button "Meaning of colors here"? I know it is written somewhere in this thread but since your manual is still on 7.50 it would be nice to get the info with just one click on the "info button".
For my eysight the colors for the text (in general) all seem washed out (not dark enough e.g. for black).
When I look at the "Whitelist" the color used for the whole VoodooAi and the Whitelistcloud column are quite bright which makes it hard to read.
For the black part of the rest of the text there just look at the screenshot with the default win 11 notepad black letters and the CL black. For me CL looks washed out and are way worse to read. I hope you understand what I mean my English skills to explain it are a bit limited
For me the whole "black" letter colors of CL are not as good to read as even the default win 11 notepad letters.
Win 11pro 22H2, Screen resolution 1920*1080 with 125% scaling.
Hi Dan, thanks for the new version it is so far running good.
After looking through the settings I found some things I like to mention:
Could you please add an explanation which color means exactly what in the "attack chain" menu. Maybe like an info button "Meaning of colors here"? I know it is written somewhere in this thread but since your manual is still on 7.50 it would be nice to get the info with just one click on the "info button".
For my eysight the colors for the text (in general) all seem washed out (not dark enough e.g. for black).
When I look at the "Whitelist" the color used for the whole VoodooAi and the Whitelistcloud column are quite bright which makes it hard to read.
For the black part of the rest of the text there just look at the screenshot with the default win 11 notepad black letters and the CL black. For me CL looks washed out and are way worse to read. I hope you understand what I mean my English skills to explain it are a bit limited
For me the whole "black" letter colors of CL are not as good to read as even the default win 11 notepad letters.
Win 11pro 22H2, Screen resolution 1920*1080 with 125% scaling.
Is Voodooshield(CL) at this point compatible with Eset nod32 since eset has HIPS and BB?
- Apr 16, 2017
- 2,604
I understand the answer to be YES!, IIRC @Shadowra posted this is one of the "strongest" combos. I've been using this combo in VM for about 2 weeks no issues, and had used it in recent past for a number of years. My VM NOD32 is basically at default settings so default is not necessarily optimal, but might be fine running with VS/CL.
Similar threads
