Author Topic: CryptoPrevent discussion  (Read 9116 times)

0 Members and 1 Guest are viewing this topic.

Offline darksurfer

  • Full Member
  • ***
  • Posts: 67
  • We are all One under the Internet Sun
    • View Profile
CryptoPrevent discussion
« on: March 30, 2015, 01:41:44 PM »
Cryptoprevent seems to work well for me. :lol:

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19472
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: CryptoPrevent discussion
« Reply #1 on: March 30, 2015, 04:09:53 PM »
After the initial release and rash of updates, the addition of definitions for .exe file types certainly slowed things down.  It appears from the wording that the $15 fee for the "premium" version is a one-time fee, "Current protection automatically, for the lifetime of the product!" and not limited to one computer.  Has anyone opted to go that route?


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline MikeW

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 554
    • View Profile
Re: CryptoPrevent discussion
« Reply #2 on: March 30, 2015, 07:56:22 PM »
I gave up using it after a couple of months. Mbam seems to give more than adequate cover for me
Win 7 Home Premium  IE11 MSE  Mbam Pro

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 615
    • View Profile
Re: CryptoPrevent discussion
« Reply #3 on: April 19, 2015, 10:14:20 AM »
From the author (18 April 2015):

◾The Program Filtering (BETA) option, which provides definition based protection against newer variants, will soon be replaced by a new method of applying the same core technology to protecting against current and future threats.  Since the method will change a bit, in order to avoid some software incompatibilities when this option is enabled, it will probably have a new name and description within the program configuration/interface.  While the protection will of course be provided to the free editions as well, I didn’t want those who purchase CryptoPrevent Premium edition with automatic updating to be surprised or confused when the update occurs automatically and the existing BETA option changes name or disappears.

◾Those who purchase CryptoPrevent Premium will also receive an automatic update for an optional new “system tray” app (placing an icon by the clock in your lower right corner of the screen) for quick enable/disable of the various protections and some other exciting new features as well!  This functionality will require CryptoPrevent Premium edition.

Offline darksurfer

  • Full Member
  • ***
  • Posts: 67
  • We are all One under the Internet Sun
    • View Profile
Re: CryptoPrevent discussion
« Reply #4 on: April 21, 2016, 02:51:57 PM »
I've gone back and forth with Cryptoprevent but I am staying with the free current version of this program. I used Hitmanpro Alert2.5.77 version but the fly outs stopped working on all the previous browsers--Firefox and Pa e Moon, for reasons I still don't understand.

Has anyone else noticed this with Hitmanpro. I also use Spyshelter which is an excellent software. Gotta keep those ransom ware bay as much as possible.

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 615
    • View Profile
Re: CryptoPrevent discussion
« Reply #5 on: May 15, 2017, 01:46:54 PM »
CryptoPrevent v8.0.3.5 (May 15th, 2017)

◦Performance increase for HoneyPot Detection and alert notification from QuickAccess Tray icon
◦Added command line option to add unique identifier for individual client
         ◾/clientemailid=[UniqueClientID]
         ◾Run this CLI option to create a unique identifier for that specific client’s email subject line
◦Additional debug information when running /debug
◦Added additional Honey Pot detection for more ransomware detection
◦Added ability for HoneyPot definitions to be updated during definition updates
         ◾HoneyPot definitions will update during manual or auto-update processes
         ◾If HoneyPot definition file is not available on the system, hard-coded definitions of the current CryptoPrevent version will be used


===================================================


https://www.foolishit.com/cryptoprevent-malware-prevention/



Remark:   As best as I can tell, the "honeypot" feature, which it cites as being effective against "WannaCrypt" ransomware, is a PAID feature only :-(

Reminder:   CryptoPrevent v8.x adds a "3-in1" SERVICE:   Monitor Service, Folder Watch Service, e-Mail Service


Offline JDBush61

  • Hero Member
  • *****
  • Posts: 4654
    • View Profile
Re: CryptoPrevent discussion
« Reply #6 on: May 15, 2017, 09:33:49 PM »
Here's the author's latest comparison of the FREE vs. PREMIUM versions:

Free Edition features include: 

    New Folder Watch Protection
    Submit Malicious Files
    Improved Program Filtering Protection
    Improved Malware SRP Protection
    Expanded Malware Definitions (Optional)
    Free Updates (Manual)

Premium Edition includes all Free Edition features, plus:

    New HoneyPot Ransomware Protection
    New KillEmAll v5 Integrations
    New Tray Icon Features and Notifications
    Customize Folder Watch Protections
    Customize Prevention Rules
    Email Notification Features
    Automatic & Regular Updates

I've been using the free edition of CryptoPrevent for a couple years. I have no idea what "honeypot ransomware protection" is. Oh well. I'll just keep trudging along with the free version.
"In an age when mass society has rendered obsolete the qualities of individual courage and independent thought, the oceans of the world still remain, vast and uncluttered, beautiful but unforgiving, awaiting those who will not submit. Their voyages are not an escape, but a fulfillment."

~ THE SLOCUM SOCIETY ~

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 615
    • View Profile
Re: CryptoPrevent discussion
« Reply #7 on: May 16, 2017, 10:37:48 AM »
CryptoPrevent v8.0.3.6 (May 15th, 2017)
         ◦Fixed Links not working in Get Premium Tab of the Free Edition
         ◦Updated HoneyPot Detection protections to correct for possible false positive
                     ◾Updated list was pushed out using the previous version’s definition update feature
                     ◾Published new version along with the correction because there was another reason to publish the updated version

------------------------------

CryptoPrevent v8.0.3.7 (May 15th, 2017)
          ◦Rolled back HoneyPot Definition update feature
                      ◾received a number of strange false positives
                      ◾Will refine more and bring back at a later date


Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 615
    • View Profile
Re: CryptoPrevent discussion
« Reply #8 on: May 20, 2017, 03:03:27 PM »
Two more versions were released:

CryptoPrevent v8.0.3.8 (May 19th, 2017)
     ◦Added an alert for Windows XP-7 to inform of high DPI setting and recommend lowering it while applying protections
              ◾   Windows 8 & 10 do not get the alert but the interface is usable with only slight visual issues on increased scaling settings
              ◾Youtube video going over how to change DPI settings can be found here: https://youtu.be/biuNjFnoqPI

     ◦Removed a couple rules for HoneyPot Detection that could cause false positives with some file types

--------------------

CryptoPrevent v8.0.3.9 (May 19th, 2017)
     ◦Major performance increase when apply protections
          ◾from the command line and from the GUI

     ◦Corrected issues with Windows 8-10 Scaling
          ◾DPI changes could still cause problems if defined manually and not with the scaling in Windows
          ◾Windows XP-7 will still get warning

     ◦Corrected minor interface issue
          ◾Issue resulted in some changes in 8.0.3.8
                  ◾Unable to read tabs, but still clickable
                  ◾GUI subtabs looked step sided/pushed to the right some
          ◾Applied to the Protection Settings sub tabs
          ◾Applied to the Policy Editor sub tabs


Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1098
    • View Profile
Re: CryptoPrevent discussion
« Reply #9 on: May 21, 2017, 08:02:02 PM »
I gave up on it a year or two ago because of all the updates.
4 versions from the 15th to the 19th! Sorry but that seems excessive. Poor coding. perhaps, on the part of the developer who has to keep fixing things.

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 615
    • View Profile
Re: CryptoPrevent discussion
« Reply #10 on: May 26, 2017, 04:20:37 PM »
CryptoPrevent v8.0.4.0 (May 24th, 2017)

◾Fixed graphical issue with policy numbers applied being shown in the policy editor
◾Added additional email settings CLI ◦/emailusername=”user@addy.com”
◦/emailsamesendtofromaddy ◦or use the following together: ◦/emailfromaddy=”user@addy.com”
◦/emailsendtoaddy=”user@addy.com”


◦/emailpassword=”password”
◦/emailserver=”serverAddress”
◦/emailport=”portNumber”
◦/emailauthenable ◦(Add =0 to disable)

◦/emailstarttlsenable ◦(Add =0 to disable)

◦/emailsslenable ◦(Add =0 to disable)

◦/clientemailid=”Client ID to be added to Email Subject”
◦/emaillocksettings ◦(Add =0 to disable)
◦Only applies to Bulk or White-Label Editions


◾d7x Rule Variables now add environment variable as well as expanded paths ◦https://www.foolishit.com/d7x/killemall/rule-variables/

◾Revised how SRP protection locations are handled ◦Corrects issue where counts may have been off
◦Corrects issue where same policy may have been added more than once from CLI options

◾Added Debugging ability to the QuickAccess Notification Tray ◦Currently debugging information is fairly limited but this will improve over new revisions if additional debugging information is required
◦/debug when run from a command prompt with or without admin rights depending on the testing needed

◾Improved Multi-User support for QuickAccess Notification Tray
◾Bulk & White-Label Edition Installers Updated ◦Waits for installation to complete prior to showing finished  button on non-silent installations
◦Silent installations wait on installers completion if being scripted now as well
◦Fixed possible issues with systems not restarting after install when selected to do so from the Bulk-Creator
◦Debug mode will be enabled by default on all Bulk Edition installs for the installation portion only ◦This can be used to check for problems if something doesn’t work correctly in the Bulk Edition installation on a particular system


◾Fixed possible issue with HoneyPot Detection triggering on changing of protections

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 615
    • View Profile
Re: CryptoPrevent discussion
« Reply #11 on: June 02, 2017, 10:07:16 AM »
CryptoPrevent v8.0.4.1 (June 1st, 2017)

◦Fixed graphical issue where verifying settings might not disappear on first run of application
◦Added additional HoneyPot Detection Rules
◦Added changes to HoneyPot Detection rules that may cause false positives
◦Added fix for possible issue with HoneyPot Detection not being able to verify current HoneyPot files
◦Possible fix for issues with CLI options possibly not starting services as expected
◦Fixed QuickAccess Notification Tray to update on the fly with protection changes
◦Added Restore Previous Protections option to Main GUI, QuickAccess Tray, and CLI option of /revertsettings
◦Possible fix for Monitor Service consuming large amounts of RAM
◦Minor performance improvements when handling SRP protections from GUI and CLI options





Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 615
    • View Profile
Re: CryptoPrevent discussion
« Reply #12 on: June 04, 2017, 03:32:37 PM »
CryptoPrevent v8.0.4.2 (June 3rd, 2017)

◾Major improvements in Memory usage across all executables (CryptoPrevent.exe, CryptoPreventMonSvc.exe, CryptoPreventNotification.exe), memory usage will decrease over time for the real-time as well as less usage on initial launches.
◾Corrected an issue where White-Label Creator was not updating the CryptoPrevent.exe launcher file in the includes folder which is used to create installers (you can delete this file and then re-open the WL Creator to force an update now)
◾SRP Whitelist is now sorted on initial loading and when updated
◾FolderWatch Custom Folders list is now sorted on initial loading and when updated
◾Fixed issue where services may not start via CLI options
◾Fixed issue where HoneyPot files might not be removed when FolderWatch has been disabled
◾Fixed issue where HoneyPot files might not be removed when Custom Folder is removed
◾Add/Removing Custom Folders to FolderWatch will no apply instantly
◾Fixed issue where services may be removed but not re-installed when changing various definition files or email settings

Offline darksurfer

  • Full Member
  • ***
  • Posts: 67
  • We are all One under the Internet Sun
    • View Profile
Re: CryptoPrevent discussion
« Reply #13 on: June 13, 2017, 01:17:07 PM »
For some odd reason, my computer--I have Windows 7--won't accept the version 8 of Cryptoprevent for installation, so I am still using version 7. I get "Unhandled Exception" error messages even though I have the latest Microsoft NET software. Anyone else have this problem. ::)


Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 615
    • View Profile
Re: CryptoPrevent discussion
« Reply #14 on: January 18, 2018, 12:09:35 PM »
CryptoPrevent  v9.0.0.0 (January 17th, 2018)

        User Interface Updated-adds additional explanation on features and functionality as well as streamlines options
        Maintenance options have been added which are powered by d7x technology (manually running maintenance is available under the Free and Premium versions, scheduling automated maintenance is a premium feature only)
        FolderWatch HoneyPot and the Quick Access tray are now available for usage under the free license; this makes all the protections CryptoPrevent provides free for personal usages
        Program Filter has been updated to work with additional file execution situations
        Corrected an issue where subscriptions keys may show as expired or invalid prior to subscription running out
        Updates have been completely re-written for performance and lower bandwidth usage
        Update feature has been added where CryptoPrevent will automatically apply any critical updates when opened (applies to the Free and Premium versions)
        Several performance improvements for CryptoPrevent and the Monitor service
        Several bug fixes for CryptoPrevent and the Monitor service