Trust and Networking
In addition to standard tools like antivirus, here are four additional heuristics you can use to determine if LogViewPlus can be trusted.
1. We are accountable. Clearcove Limited is registered in England and has been doing business online since 2006. Our company number is 6030104 which you can verify with the UK government. Clearcove is governed by English and European law - including GDPR.
LogViewPlus also uses code licensed from professional third party companies including Microsoft, DevExpress, RedGate and Rebex.
Accountability is a very important security guarantee that is not generally provided by open source software. LogViewPlus does not use open source software with the exception of the tar libraries from SharpZipLib and portions of Json.NET. Both of these code bases were manually reviewed before a one-time import.
2. All of our code is signed. You can verify this by opening the file properties on any of our executables. The file properties will include a Digital Signatures tab. All of our executables, including our installer, are signed with the name Clearcove Limited.
Code signed assemblies have automatic hash code verification built-in which Windows will check before every execution. This means our code cannot be executed without passing the embedded integrity checks. Code signing is a cryptographically secure way of guaranteeing the executable was produced by Clearcove Limited.
LogViewPlus should only be downloaded from LogViewPlus.com. If you do not see the "Clearcove Limited" signature on your executable, please let us know and DO NOT execute the software. Cracked software will be missing this signature.
3. LogViewPlus does not require admin privileges. This is the default installation type. Installing software without admin privileges limits the behaviour of the application and helps ensure a smooth uninstall if required.
4. LogViewPlus runs offline. LogViewPlus is a tool used by security professionals and is designed to run without a network connection. You can verify LogViewPlus is running offline by checking the ports with a command such as netstat. This is done by executing two commands:
tasklist | findstr LogViewPlus.exe - This command finds the process ID (PID) for the application. This command is case sensitive.
netstat -aon | findstr [PID] - This command finds all ports currently used by the application.
Executing these two commands from the command line will show that LogViewPlus has only one port open by default:
The port is listening on the loopback address which can only be accessed by processes running on the same machine. The port number is random and will likely change with each application restart.
This loopback port is used to run LogViewPlus in single instance mode. You can disable this listening port by allowing multiple application instances. This is done by deselecting the "Run only one application instance" checkbox in Application Settings:
After making this change, you can save your settings and restart LogViewPlus. There will now be no ports in use:
The only other time that you will see ports listed for LogViewPlus is if you have taken a user action which is obviously network related. For example, monitoring a remote data source, registering, or checking for application updates. In these scenarios the address, ports, and data transferred should be easy to verify if required.
LogViewPlus currently has no outstanding issues with any antivirus provider. However, LogViewPlus is frequently updated. New updates may lead to suspicion from your antivirus software until the update is fully trusted and the trust has been propagated. In some cases, propagation may take several days and during this time your antivirus may take longer to analyze LogViewPlus. This is expected behaviour as the antivirus has no prior knowledge of the executable. False positives may occur during this time, but in our experience these are rare.
Finally, when evaluating antivirus false positives as reported by VirusTotal it is worth noting that some antivirus vendors are more reliable than others. LogViewPlus false positives reported by major antivirus vendors such as Norton, Microsoft, Google, Avast, MalwareBytes, BitDefender, Kaspersky, Sophos or Acronis are exceedingly rare.
If you notice an antivirus provider flagging LogViewPlus as potentially malicious, please let us know and we will investigate.