Winpooch

Discussion in 'other anti-malware software' started by bryanjoe, May 26, 2007.

Thread Status:
Not open for further replies.
  1. bryanjoe

    bryanjoe Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    380
    my firewall prompt this

    is-PDN1.tmp might be using Winpooch.exe to connect to internet?

    Any problem?
     
  2. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    There are VERY few Winpooch users here at Wilders, and I am not one of them. Hopefully someone will come around to help your problem.

    In the meantime, maybe you can state your problem again in different words...

    >Has Winpooch been running okay on your computer? If so, how long have you been using it? Also, are you using the Clam-AV add-on to Winpooch?

    >Which firewall are you using?

    >Did you recently install a new program or open an email attachment?

    >Is your computer running okay right now?

    I hope someone comes by to help. Best of luck to you.
     
  3. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Bryanjoe,

    I have enclosed a WinPooch filter set. It protects windows vulnarable directories and modification of executables. Also the Registry startup keys are protected (thanks to Toni Klein).

    I have set the netconnect trigger also, so you can build up your own set of outbound rules (by allowing and setting up a new filter for that program).

    Download the text file, open with XP notepad and save as ansi file with .WPF file, next import these rules in WinPooch. When you have any questions just PM me. Bellgamin told me a could never go on holiday to Hawai when I should not help you. ;)

    Regards K
     

    Attached Files:

  5. bryanjoe

    bryanjoe Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    380
    kees1958, thanks alot....
     
  6. EASTER.2010

    EASTER.2010 Guest

    If not for SSM/EQSecure and a few others i would likely have Winpooch running full-time. I found it really good at intercepting a lot of potential interprocess signals and identifies files/path really nice, but.....................
     
  7. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Easter

    When driving the freeware lane:

    SSM-Free and WinPooch (Reg + File + Outbound), together provide the "easiest" and broadest classical Anti-Executable protection.

    Samoerai (driver loading warning), CyberHawk (version 1.2.0.39 slim & restructured source code version covering mainly process modificaton) and WinPooch (Reg + File + Outbound) are in my opinion the easiest to use Behavior Blocking freeware set.

    Reg K
     
  8. korb

    korb Registered Member

    Joined:
    Mar 13, 2006
    Posts:
    150
    Location:
    singapore-thailand
    abit off track,how gd is winpooch outbound protection.i used it before but it never promt me on any outbound connection.now i just need an outbound to fix the hole for my setup.
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Korb,

    The default filter set contains "netconnect" action. Otherwise clear the rule set and add for all programs (the *) a new filter for for reason id Net::Connect, Param1 = Address (Any Value, *), Param2 = Port (Any Value, *), Param3 = Protocol (Any Value, *).

    Set Reaction to ASK and REJECT, Verbosility to LOG (choose for new made rules after a prompt Reaction = Accept, Verbosility = Silent)

    Reg K
     
    Last edited: Jun 7, 2007
  10. EASTER.2010

    EASTER.2010 Guest

    I agree completely. Winpooch "IS" that efficient from my experience with it. The thought didn't really occurred to me with that particular combo though, something worth teaming up, thats for certain.
     
Thread Status:
Not open for further replies.