Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CryptoPrevent, dMaintenance and related matters


  • Please log in to reply
9 replies to this topic

#1 saluqi

saluqi

  • Members
  • 499 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:11:15 AM

Posted 22 November 2014 - 11:32 PM

Having observed the onward march of encrypting malware, and read the article on dealing with CoinVault, I went to the posted link for CryptoPrevent.  Being both lazy and chronically short of time, i found the idea of "one stop" setting of group policies very attractive :)
 
They are offering CryptoPrevent Premium and dMaintenance as a package for $25.  Is that a good idea?  I have done my stint in computer support but that was very long ago and mostly limited to clients who had purchased computers, network systems and/or custom software from our company.  Mainly I supported Novell networks (anybody remember those?) and custom database systems (well, I wrote most of those myself, so like it or not I was the guy to call at 1 a.m. if there was a problem - actually, very rarely <G>). Some of the stuff I wrote was still running without problems 10 years later, which I suppose says something.  I mean, that was in the age of what I called "pseudo-GUI" user interfaces!  VGA, anyone?  All modular, all function calls, so you only have to fix the functions as the environment changes . . .
 
I like the idea of CryptoPrevent Premium (if I have understood it correctly) but wonder what I would do with dMaintenance.  At present I am in charge of my own computers (2 at the moment, one more in the offing) and those in our office (a small public water agency).  I get asked for computer support on a rather frequent basis but most of it is idiot stuff I can solve over the phone.  There are certain disadvantages to having a wide circle of international friends (in several languages, yet) and having acquired a mostly undeserved reputation as "Mr. Fixit" for all sorts of things in which I do not, in fact, have professional expertise 
 
Anyway, is this a good idea, and will CryptoPrevent Premium provide adequate protection, or will I have after all to immerse myself in the gory details of group policies?  I know, what must be must be, but as a water district manager I am in the middle of problems of the California drought (actually, 60+ years of abuse of the groundwater resource) and fast becoming a "political figure" in that area (see last month's "Mother Jones").  At this fraught moment, anything that saves time and effort is welcome.
 
We are not exactly in the habit of clicking on random links, or on those posted by people we don't know . . .
 
Thanks for enlightenment!

Edited by Queen-Evie, 23 November 2014 - 12:01 AM.
Moved from Am I Infected since this is not request for help with malware removal


BC AdBot (Login to Remove)

 


m

#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:15 AM

Posted 23 November 2014 - 12:04 AM

A part of the full topic from quietman7 if this is the program you mean.

CryptoPrevent can be used to lock down any Windows OS to prevent infection by the Cryptolocker ransomware which encrypts personal files and then offers decryption for a paid ransom. CryptoPrevent artificially implants hundreds of group policy object rules into the registry in order to block executables (*.exe, *.com *.scr and *.pif) and fake file extension executables in certain locations (i.e. %AppData%, %LocalAppData%, Recycle Bin) from running. This allows it to stop other malicious files in addition to Crypotolocker.

QUOTE in their page details ->> Price: $9.99  Price: $19.95 (Turkey Special) Or price reduction for U.S. Thanksgiving - So it looks good

CryptoPrevent Premium and dMaintenance as a package for $25.  Is that a good idea?

So you seem to be correct with specials being offered this week (end)



#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,920 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:15 PM

Posted 23 November 2014 - 08:29 AM

CryptoPrevent Premium offers automatic updates to the program and definitions, email alerts, and custom policy rules.

The portable version does NOT include the new Filter Module in v6...you must get the installer version to use the Filter Module. I use CryptoPrevent free on all my computers...due to the way it works, the program protects against a wide variety of malware and ransomware, not just Cryptolocker.
* CryptoPrevent FAQs

Other Ransomware Prevention Tools:
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 saluqi

saluqi
  • Topic Starter

  • Members
  • 499 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:11:15 AM

Posted 23 November 2014 - 10:22 PM

Are there any incompatibilities among the tools listed above, or with installed antivirus/antimalware programs?  I have Avast! Internet Security installed, and MBAM Premium.  Also SpywareBlaster, the MVPS hosts file and WinPatrol.



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:15 AM

Posted 24 November 2014 - 12:54 AM

Please fully read their CryptoPrevent FAQs for details like these below -

The definitions for the Program Filtering component are updated not on a set schedule but as they become available, and they are provided by SaneSecurity.com — currently there are over 7000 unique detections in the definitions, and that number is growing. But it isn’t all-encompassing, because unlike the Software Restriction Policies protection, this won’t get “zero-day” malware that hasn’t previously been detected and added to the definitions, so they can still slip past it I’m afraid.

 

Personally only, I read this as needing MBAM (or similar) and an Antivirus program to stop other “zero-day” malware.

 

quietman7 stated "I use CryptoPrevent free on all my computers...due to the way it works, the program protects against a wide variety of malware and ransomware, not just Cryptolocker." and from what I knew he also ran Antivirus and Antimalware in a sensible way. So advice would always be available, but CryptoPrevent provide much more on their pages.

 

Is this guaranteed protection?
NO!  While the methods utilized by this program do protect and prevent infection of current strains of Cryptolocker (and a lot of other malware for that matter,) I cannot guarantee what the future will bring.

Again from their FAQ area. Please fully read it ...........



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,920 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:15 PM

Posted 24 November 2014 - 05:38 AM

Are there any incompatibilities among the tools listed above, or with installed antivirus/antimalware programs?  I have Avast! Internet Security installed, and MBAM Premium.  Also SpywareBlaster, the MVPS hosts file and WinPatrol.

Note: Hitmanpro.Alert is known to have compatibility issues with MBAE as well as a few other security programs...this included avast! under XP, BitDefender under Win7 x64 with "Active Shield" enabled, Online Armor 6 under Windows XP, and Sandboxie. However, they are supposedly solved in the experimental version of MBAE 1.05. See...Malwarebytes Anti-Exploit Known Issues & Conflicts

I have not heard of any issues with the other programs you mentioned.
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 saluqi

saluqi
  • Topic Starter

  • Members
  • 499 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:11:15 AM

Posted 25 November 2014 - 08:33 PM

The link above said that MBAE was incompatible with Hitmanpro.Alert.  Did I understand that correctly to mean that problem had been fixed in the experimental 1.05 version?  The Avast! incompatibility is said to affect only Firefox, which I don't currently use.  When I tried to follow the link to MBAE Experimental 1.05 it said I did not have permission to go there.  WTF?  I have been a MBAM subscriber for years and currently have the Premium version installed.



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,920 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:15 PM

Posted 25 November 2014 - 09:00 PM

The link above said that MBAE was incompatible with Hitmanpro.Alert. Did I understand that correctly to mean that problem had been fixed in the experimental 1.05 version?

That is how I read it.

When I tried to follow the link to MBAE Experimental 1.05 it said I did not have permission to go there. WTF? I have been a MBAM subscriber for years and currently have the Premium version installed.

I get the same message. There may be a problem with the link...you can report it.

Experimental MBAE Builds README FIRST

The objective of this sub-forum is to beta test new exploit mitigation techniques that will be incorporated in the future into the mainstream builds of Malwarebytes Anti-Exploit.

Report issues with the Experimental builds only in this sub-forum.


.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 saluqi

saluqi
  • Topic Starter

  • Members
  • 499 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:11:15 AM

Posted 25 November 2014 - 10:02 PM

Aha, thanks for clarification!



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,920 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:15 PM

Posted 26 November 2014 - 05:27 AM

You're welcome.
.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users