DigeratiPrime Posted December 13, 2006 Author Posted December 13, 2006 Nice! BTW I went and updated the guide to be sure it still applies. Winpooch 0.6.2 beta-------------------* Date : 03/11/2006* From version 0.6.1* Added reason Sys::KillProcess.* Added compatibility with many kernel version (36 new builds)* Added support of Windows Vista 32bits. (Not fully supported: for now Winpooch doesn't catch process creation).* Restored a feature for branch 0.5: can now hook and unhook processes.* Now save configuration in registry each time a setting is changed.* Fixed BSOD due to ExFreePool(NULL).* Fixed BSOD occuring when running out of memory.* Fixed memory leak in Winpooch.sys.* Fixed wrong error codes returned by hooks on NtQueryValueKey and NtSetValueKey.* Bug fix: scanning pattern weren't updated correctly.* Bug fix: now closes app-link if an IRP is cancel. This should fix system freeze at shutdown.* Bug fix: uninstaller now removes freshclam.logNext evolutions--------------- What you may expect for next versions :- 64-bit support.- Improvement of filters : - Regular expression support - Value list (useful for network ports) - Value range (also useful for network ports) - A service process (planned for branch 0.7)
Slimy Posted December 16, 2006 Posted December 16, 2006 FYI0.6.3 was released today. It sure was: http://www.msfn.org/comments.php?shownews=19057 Great guide, thanks for putting in the time!
DigeratiPrime Posted January 12, 2007 Author Posted January 12, 2007 havent tried it yet http://sourceforge.net/project/showfiles.php?group_id=122629Winpooch 0.6.4--------------* Date : 07/01/2007* From version 0.6.3* Added compatibility with many kernel version (24 new builds)* Bug fix: WatchObjs_Lock() used to always return STATUS_SUCCESS. This should fix bug 1622709.* Added a filter to allow csrss.exe to kill processes. Added a filter to ask user before writing a .sys in system32. You have to reset filter to add them.
Jeremy Posted January 18, 2007 Posted January 18, 2007 (edited) http://www.matousec.com/projects/windows-p...sts-results.phpThanks, Tarun. Edited January 18, 2007 by Jeremy
glentium Posted May 17, 2007 Posted May 17, 2007 Castlecops HIPS reviewcurrent version is 0.6.6: Very light in terms of resource usage and stable too.I use it in combo with SSM (System Safety Monitor) Free Edition and you're pretty much covered.@DigeratiPrime: Were you able to run WinPooch as a SERVICE successfully?
weEvil Posted January 2, 2008 Posted January 2, 2008 Winpooch works with XP SP3? I've been having issues. Says this version of windows is not supported.XP Pro SP3 v3264
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now