New Update VoodooShield CyberLock 7.0

Berny

Level 5
Verified
Well-known
Oct 14, 2016
202
@danb Thank you !

cyberlock_743.jpg
 

amirr

Level 27
Verified
Top Poster
Well-known
Jan 26, 2020
1,628
Installed over v7.42 without issue. Pro licence automatically carried across.
What is the main advantage of having voodooshield running beside for e.g. Eset Smart Security Premium? Isnt that too much? I don't know much on this but thought to ask. Thankkyou.
 
  • Like
Reactions: danb and oldschool

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,714
What is the main advantage of having voodooshield running beside for e.g. Eset Smart Security Premium? Isnt that too much? I don't know much on this but thought to ask. Thankkyou.
Might depend on what settings you are using on ESET.

If you enabled interactive HIPS or make some changes that increases the number of alerts ESET gives you, then on those scenarios having VoodooShield could be consider “too much”
 

amirr

Level 27
Verified
Top Poster
Well-known
Jan 26, 2020
1,628
interactive HIPS
No, I never mess with default settings in the ESET in regard to HIPS. The same about increases the number of alerts ESET gives me. I think you mean the Advanced Settings>Detection engine section where you can set ESET to alerts?
1681605430927.png

The section above you mean ? Also, HIPS setting is set to Automatic mode. Which mode, do you personally recommend? Thank you.
1681605660497.png
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,698
Which mode, do you personally recommend?
Automatic.
HIPS settings
Filtering Mode – There are five filtering modes you can select to change how HIPS filters system activity. The modes are:

Automatic mode: This is the default setting. In this mode, operations are enabled except for those that are blocked by pre-defined rules that protect your system.
Smart mode: You will only receive notifications about suspicious system events.
Interactive mode: Only recommended for advanced users. You will receive notifications that prompt you to Allow or Deny each operation detected. Select the Create rule check box to save your response as the rule for a given operation. Selecting the check box next to Temporarily remember this action for this process will cause the action (Allow/Deny) to be remembered until HIPS rules are changed, the HIPS filtering mode is changed, the HIPS module is updated or your computer is restarted.
Policy-based mode: Operations not defined by a rule are blocked. See HIPS – Advanced setup for more details.
Learning mode: In Learning mode, operations are enabled and a rule is created after each operation. Rules created in this mode can be viewed in the Rule editor, but their priority is lower than the priority of rules created manually or rules used in Automatic mode.
Selecting Learning mode enables the Learning mode will end at option. When the specific time period passes, the Learning mode is disabled. The maximum time period is 14 days. After this time period has passed, you will be prompted to edit the rules and select a different filtering mode.
[KB3755] Host-based Intrusion Prevention System (HIPS) – Advanced setup (15.x–16.x)
 
Last edited:

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,714
No, I never mess with default settings in the ESET in regard to HIPS. The same about increases the number of alerts ESET gives me. I think you mean the Advanced Settings>Detection engine section where you can set ESET to alerts?
View attachment 274573

The section above you mean ? Also, HIPS setting is set to Automatic mode. Which mode, do you personally recommend? Thank you.
View attachment 274574
Automatic or Smart.

If you don’t mind having lots of alerts, then you can try interactive. However it might be for the best to leave it on learning mode for a couple of hours before using interactive mode.
 
  • Like
Reactions: simmerskool

amirr

Level 27
Verified
Top Poster
Well-known
Jan 26, 2020
1,628
ok, I will set it to interactive, then so its also ok now to install voodooshield, right?
 

n8chavez

Level 20
Well-known
Feb 26, 2021
972
@danb, I did notice a couple more things:

1. If I already have an allow firewall rule and that app gets updated Cyberlock will create a new block rule (because the update is initially seen as unsafe because the hashes are too new), that Cyberlock created block rule will take priority over any allow rule. Since Windows Firewall doesn't use hashes there's no way of distinguishing between the rules. That's not good. I recently began having rclone issues and I could see why, and my configurartion remained the same. Cyberlock created a block rule for it. Would it be possible to not create a block rule if there is already a rule created for that .exe?

2. I assume with this re-branding you want everything to say Cyberlock now and not VoodooShield. However, the application icons (tray, desktop shield, etc.) still say "VS."

3. When I try and do a manual update check within Cyberlock, I get the below message saying I have no internet connection, although I clearly do. I also have no firewall rule blocking cyberlock.

2023-04-16_08h49_25.png
 
  • Like
Reactions: danb

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top