New Antiexecutable: NoVirusThanks EXE Radar Pro

Someone here, a trusty member for me, told me ERP cmd line scanner was hard to read in the logs and sometimes it didn't catch all processes. I didn't test that by myself though. @novirusthanks should know if it will or it's been already improved in new beta version.

 

Fair enough.

 

BTW, I noticed that after updating Flash Player for Opera/Vivaldi, now cmd.exe gets blocked by ERP every time a Flash video get loaded. Did anyone notice this, and I supposed this isn't normal right?

 

Yup. If you see a legitimate running instance blocked in the event viewer, whitelist it.

 

It depends on the command-line and maybe you need to whitelist the command-line if you want to watch a video without an alert.

 

I forgot to look at the command line. It only happens when I switch off the Vivaldi sandbox, apparently the Flash player notices that it's not being sandboxed, but I don't see why it needs to run cmd.exe, I will continue to block it.

 

Is there any way to import a vulnerable list and not add every application manually? I.e. https://excubits.com/content/files/blacklist.txt

Or can anyone provide me with a good blacklist for vulnerable applications I can import in settings?

 

It's not possible AFAIK, but it's a good idea.

 

There is no such feature because there is no reason to have it, you import ERP settings into ERP, not settings from other softs.

The only way it could works is to import them from a .txt file. (a bit like Emsisoft web filter allows importing sites from a custom host file)

 

Think that's not gonna work. ERP needs to hash the executable. For this to happen ERP needs you to open the browse (file explorer) function, select the exe, one by one, and it will add it to the vulnerable section along their hashes.

 

Was @shadek maybe not asking if he could use someone else's exported file, someone who has already added all those vulnerable apps?

But I guess all other white/blacklists would have to be reset, and other settings examined. Plus the hashes of the vulnerable apps may not correspond. So too tricky, I'm sure. Better to start from scratch, even if it is time consuming.

Anyway, I would wait for ERP 2.0.

 

so do i. It will be the only one real anti-exe left, simple, granular, efficient and without useless features.

 

IMHO, it's time for Andreas to implement a new feature to import exes file names from a list, ERP will parse it and retrieve the filenames, browse for them in batch, add them in batch with hashes, path, date, etc., automatically.

 

Could be done easy , since you can scan a folder , why not read a txt file...question is " does classic users of ERP will need it so would it be worth it?" only Andreas will tell

 

I can tell too!: Yes, it's worth of it.

 

Thanks everyone for replying!

For me it's too troublesome to manually add all vulnerable processes. I just wondered if there was an easy way to do it, but it seems there is not. I suppose the default vulnerable processes will do.

 

It will. Not if you are kind of picky with security. I spent a year ago several hours adding and classifying vulnerable processes to have an easy to read list within ERP.

 

I wonder when the beta is going to be ready?

 

Remember only few security forum members like us knows about what are vulnerable processes and what they do, others don't have a clue of what we are talking about.

 

This is going to sound brash, and I only mean it with expressing anticipation, but sure wish and hope it comes through soon.

And the best part of ERP is it has performed top honors alongside every other security software that I run in tandem along with it like Ransom0ff + Comodo FW 10 etc.

I don't do voodoo or maleebytes not because they aren't to expectations but have taken (as I always do) a different route to applying layers that work best together on this end as currently set up.

ERP is the Watcher and Stopper anti-exe for me even if it does overlap a bit with others. Two heads are always better than one.

 

I hope plans are moving ahead.