ExeWatch

Discussion in 'other anti-malware software' started by flatfly, Apr 23, 2012.

Thread Status:
Not open for further replies.
  1. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Many thanks for your kind donation and feedback!
     
  2. mattfrog

    mattfrog Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    85
    Location:
    United Kingdom
    Sven,

    I'd like to offer to build you any web pages needed for exewatch if you do not have the time (free of charge of course).

    Let me know through PM if you are interested :argh:
     
  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Nice app, lite and active.

    Another small suggestion i like to offer is would be nifty if those "4 instant visusal alerts" that indicate a change is underway could be coded in some way to display a simple message within them like: ALERT-ACTIVITY-etc. if you get the drift.

    Keep up the good work. Nice job! :thumb:

    Regards EASTER
     
  4. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Hi, first of all sorry to reply so late - still dealing with some personal issues.

    Thanks a lot for your offer, that's very appreciated. Sure, I'd love to have the website look better and with more content. I'll think a lilttle bit more about the direction I would like the website to take, and then I'll PM (assuming you're still OK to do it).
     
  5. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Thanks for your feedback, I'm glad you like it. I'll be sure to look into your request. (Please note that as stated earlier, due to time constraints, I do give higher priority to donators for such requests.)
     
  6. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Just tested the 'panic mode' on a Zeus drive-by, and the program consistently renamed the dropped executables.

    I had my concerns that it wouldn't be able to rename a file that was locked and trying to execute.

    Good work to the author :)
     
  7. tomazyk

    tomazyk Guest

    I can't get to the website. Is the site down? Can I get software from other sources?
     
  8. Baedric

    Baedric Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    163
    The site has been down for several days now. fyi
     
  9. tomazyk

    tomazyk Guest

    OK, so it's not me... Thanks for info!
     
  10. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Hi, sorry for the website downtime.

    I'm battling some tough RL problems and the last thing I needed is unexpected DNS issues! I've decided to relocate my web page to the following URL to solve the problem as quickly as possible:
    http://dre.redmartian.org/

    Sorry for the inconvenience, and expect a new update soon (hopefully)!
     
  11. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Avira warns for HEURcrypted.E when download of exewatch
     
  12. Amin

    Amin Registered Member

    Joined:
    May 16, 2012
    Posts:
    437
    Location:
    UK
    natural.. avira is detecting it via Heuristic analysis and it causes more FPs

    just add it to exclusion list.

    Regards,
    Amin
     
  13. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Most likely since I have H on max. Thanks! :)
     
  14. iammike

    iammike Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    345
    Location:
    SE Asia
    @svenfaw

    you offer the download from your website as a Zip file, but when downloaded it's not a zip but a exe file.

    But :thumb: :thumb:'s up for your great program.
     
  15. svenfaw

    svenfaw Registered Member

    Joined:
    May 7, 2012
    Posts:
    291
    Many thanks for your feedback.
    I have just fixed the Zip file issue that you kindly reported.
     
  16. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    How do I get it to autostart?
     
  17. iammike

    iammike Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    345
    Location:
    SE Asia
    ^ add a registry string value (REG_SZ) in

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    with the following info

    Name: ExeWatch
    Data: Full Path to the ExeWatch executable
     
  18. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Thanks for suggestion but I am not savvy enough. Will wait for Sven to fix so that it autoruns.
     
  19. iammike

    iammike Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    345
    Location:
    SE Asia
    ^ Another option would be

    Place a Shortcut to ExeWatch in

    C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup
     
  20. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    OK - it autostarts. I managed to put it under autostart. Dont know the difference between strtup and autostart functionwise for exewatch.

    Now - when do I use the panic-button? And what will Panic do to malware and also to my legit .exes?

    In the log there isnt an .exe file I recognize the name of?
     
  21. iammike

    iammike Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    345
    Location:
    SE Asia
    ExeWatch will only alert on creation of New Files, and the Panic Button will only affect newly created files (exe etc) by renaming them

    Use this with extreme caution as it could also rename Legitimate OS / Program Files.

    Did you install new programs ?

    Could you post some of the log file ? Please strip all sensitive data (like user name / computer name etc) from it before you post.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.