ExeWatch

Discussion in 'other anti-malware software' started by flatfly, Apr 23, 2012.

Thread Status:
Not open for further replies.
  1. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Version 1.21 has been released, which significantly improves dynamic detection of removable (USB) file systems.
    Some code cleanup was also performed, leading to even faster performance.
     
  2. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Thanks a lot for the new releases and for adding that feature.. I am liking it very much and have finally integrated into my setup.
    You may like to see this. ;)
     
    Last edited: May 13, 2012
  3. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,121
    The great thing in this software is that it can fit in almost any kind of security setup. Thanks sven for making this software and for joining here. :D
     
  4. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Sujay, many thanks for the nice review.

    You're right about folders, there's no point in detecting them, they can't be executed anyway. This change will be made in the next version.
     
  5. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Hello Sven, you are welcome and thanks for considering this change and made that available already :)
     
  6. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    Nice job Sven :)
     
  7. genieautravail

    genieautravail Registered Member

    Joined:
    May 6, 2012
    Posts:
    109
    Hello Sven,

    Please, can you add alternatives to Windows + S keyboard shortcut.
    this shortcut is already used since long time by an application on my computer and I would like to keep my habits. :D
     
  8. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Hello,

    as my to-do list of feature requests and bugs to fix is getting longer each day, and I unfortunately can't afford to spend too much free time working on ExeWatch, I would like to announce a small change in how development will proceed.

    The application will remain totally free, and development will continue as usual.

    However, starting from now, I will accept to implement small customization requests in exchange for donations. I'm leaving the donation amounts to your own appreciation. Those requests, if deemed feasible and compatible with the design goals of ExeWatch, will be handled with high priority (often within 24h!), and I will provide the donator with a temporary link to download the resulting custom ExeWatch executable.

    Also please note that I may modify this strategy in the future, if things prove too impractical or donations are too scarce.

    Thanks for your understanding and support!
     
    Last edited: May 16, 2012
  9. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    71
    Nice news from an email I got from Sven today:

    "Release 126 should be out later today or tomorrow, with 2 main changes:

    - a new 'panic' mode, which, if triggered, will instantly quarantine (rename) any new executables. Only to be used if malicious activity is suspected
    - support for 16-bit (COM extension) executables"
     
  10. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    Very good news :thumb:
     
  11. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Great news indeed... Thanks Sven for keeping my suggestion :)

    Customized installer concept seems innovative and is welcome :)
     
  12. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Hi,

    version 1.26 is out, and now fully supports the .COM extension (16-bit executables) as well.

    The other planned feature, panic mode (suggested by sg09, thanks!)
    will take more time than expected to iron out the bugs, unfortunately.

    Cheers

    Sven
     
  13. genieautravail

    genieautravail Registered Member

    Joined:
    May 6, 2012
    Posts:
    109
    Sven,

    I'm ready to donating 10$ for a 'PRO' edition of ExeWatch with the following new features :

    Support for more types of files.
    The possibility to customize (choose) the keyboard shortcut as I want through a configuration file (cfg for example).

    Your opinion ? ;)
     
  14. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Sure, thanks for your interest! However I'm trying to keep ExeWatch a zero-configuration / "stealth & portable" type of app.

    So what I can do is make a custom build for you, with support for 8 extensions (versus 4 in the standard edition) and the keyboard shortcut of your choice, hard-coded in the application.

    8 extensions is the most I can support at this time due to performance limits of the real-time detection engine. I hope to be able to support more extensions in the future.

    If this sounds good, I will be glad to deliver this within 48 hours!
     
  15. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Sven, take your time to develop the panic mode.. We can wait ;)
    In panic mode, Quarantine is a better option than renaming. Please add an option to open quarantine from tray menu.
     
  16. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Release 1.28 is out, featuring the new panic mode, which, if enabled, instantly renames new executables to a safe .OFF extension - nothing more, nothing less. Please note, this is a still a beta feature, use with care.

    Files are renamed in-place; a proper quarantine folder structure will be considered for implementation in a later release.
     
  17. Amin

    Amin Registered Member

    Joined:
    May 16, 2012
    Posts:
    437
    Location:
    UK
    hi

    Dear Sven good job.

    I really was thinking about if such a program exists and last week i saw this topic and followed the posts and finally found out : yessssss ! that's what i needed !! :D
    cuz u know most of the times i test the various malwares and like to know what is output of the malware , well, since one of the output is finding what files are created by malware and where, your program helps me a lot.. and i appreciate that Sven.

    and i wonder if u provide a custom list for extensions which i manually can insert my own extensions. for example i can have "lnk" or whatever.

    and another thing .. i had to create startup for it manually.. plz add an autostart for it dear Sven.. u are a smart guy i like you.:thumb:

    best regards:thumb:
     
  18. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Great Sven !! :) Take your time. It would be better if you can create a hot key combination for panic mode because sometimes in some machines tray right click menu do not open. A safe hot-key combination like Ctrl+Shift+F6 would be nice.
     
  19. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Hi,

    thanks for your kind comments!
    Regarding for your request for LNK detection, yes this is no problem to implement,
    but as ExeWatch currently has no configuration file (as it was initially designed to
    only detect the EXE extension), I have offered custom builds of ExeWatch, watching
    the extensions of your choice, to users who donate (any amount is OK), as a sign of
    encouragement (see a few posts above).

    Please PM me if interested.
    Cheers,

    Sven
     
    Last edited: May 23, 2012
  20. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Sure, I'll try to add that (or better, a customizable hotkey) soon!
     
  21. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Thanks Sven :)
     
  22. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,997
    Location:
    Poland - Cracow
    Hi Sven,
    could you tell me which extensions are detected in the latest version? I'm probably already lost in all this...
    And how "tricks" you implemented in EW? :)
     
  23. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Hi,

    as of the current release, the following extensions are supported:
    EXE
    COM
    SCR
    BAT


    I agree this and a few other things should be documented somewhere. Sorry, I couldn't take care of that yet due to too many projects and too little time :(
     
  24. genieautravail

    genieautravail Registered Member

    Joined:
    May 6, 2012
    Posts:
    109
    Hello everybody!

    Just to say that I have got MY special build today and that I'm very happy with MY new toy! :D
     
  25. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    nice to hear that :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.