CryptoPrevent is no longer based solely on Windows software restriction policies

Discussion in 'other anti-malware software' started by Dragon1952, Jun 17, 2014.

  1. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    I decided to uninstall v8 and wait for a ".1" update; hopefully that will come soon to address the issues we're seeing.
     
  2. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,910
    Location:
    North of the 38th parallel.
    Hello guest:
    After installing CryptoPrevent v8, under the auspices of Revo Uninstaller Pro v3.1.7 in a W10Prox64 14393.351 system, ~17K was the approximate number of Windows registry changes attributed to this install. YMMV

    FWIW
     
  3. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,469
    Location:
    Hollow Earth - Telos
    Soon after i started this thread i stopped using CP and started using HMPA with Crypto.
     
  4. JohnBurns

    JohnBurns Registered Member

    Joined:
    Jul 4, 2004
    Posts:
    778
    Location:
    Oklahoma City
    I am totally confused by this thread. I have CryptoPrevent Premium installed on 2 desktops, have upgraded from 7 to 8 and experienced no problems that I am aware of. Am I really missing something?
     
  5. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Looking through the policies, they're almost entirely "general hardening", while there are a handful that appear to be highly specific to particular malware. Majority are either blocking particular file extensions running from particular locations, or policies to prevent double extensions from executing.
     
  6. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    I had no issues either.

    I uninstalled the 7.8 beta, and installed the new v.8.0.0.0.0 without a problem. Very quick, tests fine, and the program loads quickly for me.
     
  7. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Try and see this from everyone else's perspective. It's quite frustrating for someone to jump into a thread only to give a cryptic and ultimately unhelpful warning like this. You've given us no actionable steps to take.

    Careful how? Of what?

    Have some respect for people in the thread by saying something like, "I have a suspicion that users are at additional risk of ______". You don't have to be definitely correct if you label what you are saying with the appropriate level of doubt. Only then perhaps can we verify or reject what you are saying, or indeed take ANY steps to be safe from whatever risk you believe we are facing.
     
  8. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    It's just an example of software working well on some, but not all systems; it's not so unusual. Hopefully the developers will refine v8 so it performs more consistently.
     
  9. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    I think CS means the blocking of files on certain folders, just like what Bitdefender Anti-Ransomware does. If my memory is right, CS said that this kind of protection is ineffective against ransomware/malware that does not rely on attacking/launching through those folders.
     
  10. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Sure but we already know that, it's a limitation of the approach.
     
  11. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    CP is just a layer of security and not a fix all solution, obviously people remain careful when using it, I do feel her post was way too vague.

    It does not need to be effective against 100% of malware, if it helps say even against 1% then it is useful.

    My criteria for rating layers of protection tends to get measured against these metrics.

    1 - cost of deployment (I am not a limitless ATM machine)
    2 - understanding of how the protection works
    3 - whether the protection breaks anything I use
    4 - resource usage and this includes affect on performance
    5 - affect on system stability
    6 - ability to configure to suit my needs
    7 - whether it requires constant tinkering or works well as a set and forget.

    On all these metrics the free version of CP rates fairly well so I still use it.

    On the other hand the antiransomware that CS promotes I found to cause me problems when I tested and as such it scores lower on these metrics and low enough that I dont use it on any production devices even tho it may potentially mitigate more ransomware (on its own).

    So many commercial software's are buggy, so I tend to find the one's that utilise existing windows features (such as SRP) a more solid solution, as one's that engineer their own code are often problematic.
     
  12. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    Yeah, I agree that I was way, way too vague, but that was on purpose. I've brought my concerns to their attention and we'll see what happens.

    And Chcol- it's way more than 1%, but less than my standards demand.
     
  13. VecchioScarpone

    VecchioScarpone Registered Member

    Joined:
    Aug 29, 2015
    Posts:
    343
    Location:
    Down Under the Southern Cross
    For the record:
    I disabled the Bitdefender Internet Security 2016 Ransomware Protection. CryptoPrevent is now loading normally. Ref.: issue described in my post #171.
     
  14. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    I removed CP 7 Premium to avoid the automatic update for now.
    Please do keep us posted.
     
  15. guest

    guest Guest

    So what is the problem exactly with CP v8?
    Are we more vulnerable by using it? Why?
     
  16. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    A note for using both CryptoPrevent and Process Lasso: https://bitsum.com/product-update/advisory-cryptoprevent-may-interfere-with-updates/

    For the record, I was the one who reported CP and PL issue to the PL dev a couple of years ago. I reported it, so that's why there would be a message regarding possible causes (CryptoPrevent and similar software) and a workaround if Process Lasso fails to update. :D
     
  17. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    @XhenEd

    I mentioned about it in the VoodooShield thread, too, earlier today. :thumb:
     
  18. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    Yeah, I saw it. But then, it's kinda off-topic there. So, I mentioned the article here. :)
     
  19. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    FYI CryptoPrevent is currently at version 8.0.4. The new v8 seems quite stable now and offers a new tabbed UI :thumb:
     
  20. FootFall

    FootFall Registered Member

    Joined:
    Feb 19, 2017
    Posts:
    2
    Location:
    France
    I've got the latest version of CryptoPrevent 8 Premium running alongside Avast Free and the latest version of Malwarebytes Premium 3.1.2 on Windows 7 Home Premium SP1 x64 and the whole system seems to run pretty sweetly.
     
  21. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Yes, CryptoPrevent set at default protection level doesn't cause any issues AFAICT, and the new version 8 has a much improved UI :thumb:
     
  22. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,874
    CP is basically an SRP software. Can be run alongside an anti-executable like NVT ERP to enhance the protection.

    Different ways of securing Windows from malware.
     
  23. Tomin2009

    Tomin2009 Registered Member

    Joined:
    Sep 13, 2012
    Posts:
    94
    I installed in my Win10 X64 1703 OS, but I couldn't run it.
     
  24. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,120
    Location:
    South Texas, USA
    Any of you have CryptoPrevent v8 running on Fall Creative Update v1709? I wonder if the new security features are not an overlap, that is if you are running Windows Defender with all options enabled.
     
  25. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,103
    Location:
    Lunar module
    With the option enabled Custom FolderWatch Folders, the monitor successfully responds, but RansomCrysis even manages to encrypt all documents even in protected folders.
    Against others Ransomware it protects well.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.