WinPatrol WAR (formally WinAntiRansom)

Status
Not open for further replies.
H

hjlbx

Thread author
But more seriously... this is why I opt for SRP default-deny.
  • I clean install OS (system is clean)
  • I install wanted softs (system is still clean)
  • I install SRP and lock down system (system is locked into clean state)
  • I do not introduce unknown\untrusted stuff to system
  • Everything that isn't allowed, is denied - with no reliance upon AV signatures, Authenticode, file reputation, HIPS, behavior blocker, Ai, etc, etc
  • What is allowed, but vulnerable, is restricted to Standard User access rights
I don't have to think about anything
I don't have to guess
I dont' have to flip a coin

However, even though that is all good and dandy, network security remains a huge security risk with its many vulnerabilities along the whole transmission chain.
 
  • Like
Reactions: Andy Ful, Solarquest, shukla44 and 6 others
H

hjlbx

Thread author
CMLew said:
Hmm.. Since WAR evolve to kinda of a full-fledge AM-kind, then where does WinPatrol stand? Is it going to merge with WAR?
Click to expand...

WinPatrol is a pseudo-HIPS; it shows creation of new services, Active-X components, auto-runs, etc on system.

WinAntiRansom is an anti-executable (which is a specific type of HIPS)\whitelisting soft; it blocks execution, provides user to allow\block, etc. It also has WinPrivacy integrated into it with anti-fingerprinting and Flash cookies.

WinAntiRansom + WinPatrol + decent adblocker is very solid physical system protection.

I suspect Bret will not combine WinPatrol and WinAntiRansom - but of course anything is possible. If most of his user\subsciber-base asked for them to be integrated then he would probably do it.
 
  • Like
Reactions: Solarquest, shukla44, askmark and 5 others
R

Rod McCarthy

Thread author
hjlbx said:
But more seriously... this is why I opt for SRP default-deny.
  • I clean install OS (system is clean)
  • I install wanted softs (system is still clean)
  • I install SRP and lock down system (system is locked into clean state)
  • I do not introduce unknown\untrusted stuff to system
  • Everything that isn't allowed, is denied - with no reliance upon AV signatures, Authenticode, file reputation, HIPS, behavior blocker, Ai, etc, etc
  • What is allowed, but vulnerable, is restricted to Standard User access rights
I don't have to think about anything
I don't have to guess
I dont' have to flip a coin

However, even though that is all good and dandy, network security remains a huge security risk with its many vulnerabilities along the whole transmission chain.
Click to expand...



I get lost in all the acronyms and abbreviations, so who is SRP?
 
  • Like
Reactions: Solarquest, _CyberGhosT_ and askmark
Tony Cole

Tony Cole

Level 27
Verified
May 11, 2014
1,639
Updated, but it constantly blocks Google Chrome, even if I whitelist Chrome it's still blocked. Chrome runs, but all extensions fail, even lastpass.
 
  • Like
Reactions: ForgottenSeer 55474
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Definitely a big challenge for WinPatrol; it will take little time to create mechanism ; because the scope of threats are widely covered.

When we say widely covered, the samples are at the stage to analyze carefully.
 
  • Like
Reactions: ForgottenSeer 55474 and shukla44
D

Deleted member 2913

Thread author
cruelsister said:
Point taken. But VS will use definition data from VT and in the absence of a Network connection will reject anything. WAR will indeed work without any connection to the Net (I published a video on this a few months ago), allowing good stuff while rejecting the potentially dubious.
That's why I would consider it closer to an anti-exe than a Cloud product like VS.
Click to expand...

hjlbx said:
The whole Cloud and signature thing is more and more problematic. Not taking a dig at Voodooshield, but just pointing out what most of us knew to be true in 1999...
Click to expand...
I dont agree regards VS...
VS is primarily an anti-exe & not a cloud product.
VS doesn't use VT definition data or VAi verdict to allow stuffs (It depends on VS Modes you are running)
In the absense of network connection, VS doesn't rejects anything...snapshot/whitelist files are allowed & rest you get alert to allow/block.

VS Modes -
ALWAYS ON - Snapshot/Whitelist files are only allowed, rest you get alert to allow/block (VT & VAi verdict on the alert to help make decision And are not used to auto-allow files)

SMART Mode ( Default) - "ON" & "OFF" -
Smart Mode "ON" - Snapshot/Whitelist files are only allowed, rest you get alert to allow/block (VT & VAi verdict on the alert to help make decision And are not used to auto-allow files)
SMART Mode "OFF" - I think files not detected are auto-allowed.

AUTOPILOT Mode - Files not detected are auto-allowed.
 
Last edited by a moderator:
  • Like
Reactions: shmu26 and askmark
R

Ray Redbad

Thread author
WinAntiRansom has been re-named WinPatrol WAR.

2016.12.626 - December 14th, 2016

downloads

• Added a Dashboard showing real time statistics.
-Number of Programs discovered, whitelisted programs, programs in quarantine.
-Number of PreEmptive, SafeZone, Network and Protected Registry actions for the day
-The most recent program detected on your computer.
-The full path the program most recently blocked program.
• Ability to enable/disable protection right from the Dashboard.
• Improved Program Discovery.
• Updated Artificial Intelligence Engine, improving detections and reducing false positives.
 
  • Like
Reactions: HarborFront, XhenEd and silversurfer
H

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,141
Ray Redbad said:
WinAntiRansom has been re-named WinPatrol WAR.

2016.12.626 - December 14th, 2016

downloads

• Added a Dashboard showing real time statistics.
-Number of Programs discovered, whitelisted programs, programs in quarantine.
-Number of PreEmptive, SafeZone, Network and Protected Registry actions for the day
-The most recent program detected on your computer.
-The full path the program most recently blocked program.
• Ability to enable/disable protection right from the Dashboard.
• Improved Program Discovery.
• Updated Artificial Intelligence Engine, improving detections and reducing false positives.
Click to expand...
I hope this new version can up the detection rate since the last poor review by PC Magazine here

WinPatrol WinAntiRansom

Maybe someone can test it out
 
  • Like
Reactions: XhenEd
R

Ray Redbad

Thread author
HarborFront said:
poor review by PC Magazine
Click to expand...
WAR's review was "poor" because of the tester. That can be said for much of Neil's work and I'm not alone in that opinion as anyone who's followed him for over a decade.
WinPatrol WAR (formerly WinAntiRansom)
WinPatrol WAR (formerly WinAntiRansom)

WAR did better than the new golly gee whiz bang MBAM3 in the just released PC Mag test.

Neil finally got around to it just in time for MBAM but not for WAR: "There's one small problem with these powerful, focused protection layers; they're tough to test."

Source: PC Magazine

PCmagWARvsMBAM3.jpg

I've been using WAR on three systems since early March. It rocks.
 
Last edited by a moderator:
R

Ray Redbad

Thread author
Ray Redbad said:
MBAM3
Click to expand...
No longer able to edit that post to correct myself: MB3.

Ray Redbad said:
Neil finally got around to it just in time for MBAM but not for WAR: "There's one small problem with these powerful, focused protection layers; they're tough to test."
Click to expand...
And in re-reading that, I should also add the Neil never goes back to update or revise or correct his previous reviews. So the "tough to test" epiphany that his techniques are invalid for this class of software will only trickle up. Products of previous reviews suffer with no venue for appeal.

In the meantime, posers who don't actually use the program(s) will regurgitate the misinformation as valid even upon being confronted with correction or logic.
 
Status
Not open for further replies.

Similar threads

Trident
    • Like
    • +Reputation
    • Thanks
Serious Discussion Decoding the Trend Micro Components and Protection Model
Replies
24
Views
2,983
Other security for Windows, Mac, Linux
Mahesh Sudula
Mahesh Sudula
Jack
    • Like
    • Applause
    • +Reputation
  • thread_type.competition
MalwareTips Giveaway 100 Free License Keys For Emsisoft Anti-Malware
Replies
14
Views
5,522
MalwareTips Giveaways
Jack
Jack
Victor M
New Update Chrome 124 Ubuntu 24.04 LTS Apparmor profile
Replies
1
Views
859
ChromeOS & Linux
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top