New Antiexecutable: NoVirusThanks EXE Radar Pro

Discussion in 'other anti-malware software' started by sg09, Jun 3, 2011.

  1. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,277

    One key word here. Patience!!
     
  2. tonino

    tonino Registered Member

    Joined:
    Jan 2, 2017
    Posts:
    62
    Location:
    somewhere
    Hi!
    What about Smart Object Blocker?
     
  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,327
    Location:
    U.S.A. (South)
    It's like we're all kids again waiting for the next big piece of Candy from Andreas variety shop :argh:

    The guy knows how to drive a hard bargain with style.
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,654
    Not in this case.
    As long as an application is identified as a Vulnerable Process, the whitelist is not considered.

    "Specify Vulnerable application by hash", file has been changed = Not a vulnerable Process anymore, the whitelist is now checked and the user gets a "changed file"-prompt.
    "Specify Vulnerable application by process", = it's always a vulnerable Process (even after it was modified), the whitelist isn't checked and the user gets no "changed file"-prompt.

    For example add a whitelisted file to the Vulnerable Processes-list.
    After executing it, you'll get a "Vulnerable application"-prompt. After removing it from the regular whitelist, you'll get the same prompt again and not a "Unknown application detected"-prompt.
    ERP is looking into the Vulnerable Processes-list first and if it can find the process there, it doesn't even look into the whitelist ("the whitelist is not considered")

    "Specify Vulnerable application by process" (=without a hash) is less secure.
    But it is not yet implemented, we'll see.
    I think it can be made more secure, if ERP always checks the whitelist in addition :cautious:
    So the following problem can be mitigated:
     
  5. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,534
    Location:
    Mexico
    @mood

    Thanks for your great input!
    As usual. :thumb:
     
  6. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,327
    Location:
    U.S.A. (South)
    @mood

    Excellent point! And hopefully useful detail to be considered.
     
  7. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    +1
     
  8. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,500
    Location:
    Under a bushel ...
    Yes, I hope Andreas follows the issue here.
     
  9. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,027
    Location:
    Italy
    @Windows_Security

    A rule builder is on the list.

    @Charyb @Alkajak

    We already finished the new "core" of ERP (kernel-mode driver, service, etc) some weeks ago, we need to dev "only" the GUI, management of rules, alert dialog, notification window, settings, and other few things. May have a public build to test on end of February or some weeks later.

    @bellgamin

    XP will be supported.

    @mood

    Good points, will see what we can do.

    @defconoi

    RegGuard will be updated for Windows 10 AU in these weeks.

    @tonino

    We'll release Smart Object Blocker as a service (no GUI) on these weeks.
     
  10. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    sounds good!
     
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,327
    Location:
    U.S.A. (South)
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,763
    Location:
    The Netherlands
    What the hell, I didn't see this one coming, sounds very exciting. :D
     
  13. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,463
    Location:
    Hawaii
    Grrreat!!! I hope you will have a NON-free version. I like to pay for good apps, so that they will be around for a looong time.
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,536
    Location:
    USA
    Andreas, please keep the same design for the new GUI. ERP's GUI is extremely easy to navigate just the way it is. Tabs, and tabs inside of tabs is very user friendly.
     
  15. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,327
    Location:
    U.S.A. (South)
    Absolutely agree on this. Of course this end user frequently favors a useful GUI and this is one of the best IMO.
     
  16. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,717
    Location:
    Zagreb, Croatia
    I see nothing bad about current GUI. :)
     
  17. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,346
    I would like ERP to be smarter in recognizing similar command line strings, so the user won't have to edit them with wildcards so often.
     
  18. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    5,736
    Location:
    Europe then Asia
    rebuild from scratch = new product (as Emsisoft did with their suite) , so old ERP is dead, all must go again via alpha testing > closed beta-testing > public beta testing > Stable release; will take ages.
     
  19. Djigi

    Djigi Registered Member

    Joined:
    Aug 13, 2012
    Posts:
    554
    Location:
    Croatia
    ...but old version will still be usable like it is now :rolleyes:
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,327
    Location:
    U.S.A. (South)
    Good Point but it might not take as long as some fear but is completely worthy of the concern when it comes to waiting.
     
  21. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,536
    Location:
    USA
    Thanks guys for confirming that i'm not alone in thinking there's not much that could be done to improve the current GUI.

    The only think I don't like about the current UI is the right click options on the tray icon. I don't like all the "time options" for the different Protection Modes. I don't think anyone will ever want to use those options, if they do then I think it will be rare. The only exception will be Learning Mode. If I choose a Protection Mode then that's what I want it to stay on until I decide to change it to something else. It just slows the user down in choosing between the different Protection Modes.
     
  22. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,534
    Location:
    Mexico
    Hi CE, I'm with you on this too.
     
  23. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,536
    Location:
    USA
    I think this is the one time that our preference will even represent the common user, though I doubt the common user will be using ERP.
     
  24. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,654
    but it should be still there for modes which are lowering the protection of ERP :cautious:
    because a user might "forget" to switch to a higher protection mode.
    But it can be removed for "Lockdown Mode", so we now have at least "Alert" and "Lockdown Mode" with no time options.

    Or:
    Let's remove all time options from the rightclick-menu and make 30 minutes the default (but the user can change the minutes in the settings)
    For example:
    Settings - Restore Protection:
    [X] Restore the Alert Mode after [30] minutes
    [ ] Restore the Lockdown Mode after [30] minutes
    [ ] Do not switch back to Alert Mode/Lockdown Mode
    =
    By default these modes are infinitely: Alert Mode and Lockdown Mode
    But if the user selects all other modes, ERP is switching back to the Alert Mode or Lockdown Mode after "30 minutes".
    Or the user can select the third option in the settings: "Do not switch back..." and all other selected modes are now "infinitely" too.
     
  25. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,534
    Location:
    Mexico
    Smart as usual @mood
    Your solution satisfies both worlds :thumb:
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.