New Antiexecutable: NoVirusThanks EXE Radar Pro

Discussion in 'other anti-malware software' started by sg09, Jun 3, 2011.

  1. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    275
    Location:
    Island of Woman
    @mod or someone else, could you please help me whitelist zemana antilogger free in a secure way?
    no matter what I do and how many allow rules I set it still asks me for allow/deny for different zemana injections at process launch
    name: rundll32.exe
    path: C:\Windows\System32
    Hash: 7662A8D2F23C3474DEC6EF8E2B0365B0B86714EE
    C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll", InjectMe 5332

    I just want to achieve zemana ERP whitelisting by hash, path and signature
    but at each new process launch there is new zemana pop up from ERP (I tried various combinations)

    I want to use the old zemana antilogger as I deem it effective despite it being old
    plz tell me if you need more info on the process it is very important to me,
    best
     
    Last edited: Dec 16, 2019
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,640
    Compare these alerts/blockings and find out what is changing each time - and replace it with a wildcard.
    I guess this is the case for the number after "InjectMe".
     
  3. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    275
    Location:
    Island of Woman
    @mood @guest or someone : how to to stop MSI installers by erp rule as Umbra mentioned it is possible (msi installer can be used as containers by malware makers)
    sry for so many questions the program is fascinating but the information is scarse

    I usually make a rule after it shows up in ERP (noob way), but MSI doesn't shows up to be edited for it blocks (by default) .exes
     
    Last edited: Dec 18, 2019
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.