shmu26

Level 83
Verified
Trusted
Content Creator
NVT ERP - user can define vulnerable processes and add them to list. VooDooShield only has hard-coded list.

If you learn about vulnerable processes, then you can use NVT ERP to great effect to protect your system.

VooDooShield has some innovative features, but I think it will be another year before they get it all sorted out...
now that a lot of time has passed since the last update, would you recommend any particular manual changes to the vulnerable processes list, for windows 10 x64?
 
  • Like
Reactions: AtlBo

shmu26

Level 83
Verified
Trusted
Content Creator
I reinstalled beta version,
I took a look at settings, and I don't know exactly why, but I have a check in
"allow microsoft windows protected system processes"
"allow all software from program files folder"
"allow microsoft windows 8 start screen processes"

I also see that I have disabled trust of digital certificates, but enabled trusted vendors.
in list of vendors I see what looks like a combination of my software vendors, and a standard list from NVT. It's a relatively short list, in any case.

Does this look reasonable, or are my settings messed up?
It is in alert mode, and the computer is in a clean state.
 
  • Like
Reactions: AtlBo
D

Deleted member 178

It is ok, but if you are totally sure your system is clean:

- Delete all vendors except Microsoft, and those of your hardware.
- Then add C:\program files, C:\program files (x86), C:\Windows to the whitelist then shift to Lockdown Mode.

All the OS system files and installed programs will be allowed to run while everything else will be blocked ; this was my setting when i used ERP. Almost nothing can bypass this.
 

shmu26

Level 83
Verified
Trusted
Content Creator
like it.
anything that should be added to the vulnerable processes list?
 
  • Like
Reactions: AtlBo

shmu26

Level 83
Verified
Trusted
Content Creator
Ok. I just went through on this topic. I'm happy I found the free version. I have a few questions.
1, Do I need WinAntiRansom if I use the NVTERP ?
2, Do I need Zemana AntiKeylogger free if I use NVTERP ?


Zemana AntiKeylogger is running in the BG and NVTERP asks to block or allow in every few minutes.

Thanks :)
ransomware and keyloggers have to run processes. They will not be able to execute their processes if you have NVT ERP properly configured. You are protected from those types of problems without extra software.
 

void011

New Member
I use FreeDownloadManager which needs to install its extension to browser. Mine is Opera.
Eachtime I launch the browser, ERP (alert mode) always prompts for the command line calling FDM from parent process Opera, though I've already whitelisted the cmd line (I suppose it changes everytime).

How do I completely whitelist this?
 
  • Like
Reactions: AtlBo

shmu26

Level 83
Verified
Trusted
Content Creator
I use FreeDownloadManager which needs to install its extension to browser. Mine is Opera.
Eachtime I launch the browser, ERP (alert mode) always prompts for the command line calling FDM from parent process Opera, though I've already whitelisted the cmd line (I suppose it changes everytime).

How do I completely whitelist this?
whitelist the main exe file of FreeDownloadManager, put it in the tab "parent process".
 

Av Gurus

Level 29
Verified
Trusted
Malware Hunter
Does anybody know is this program is still in progres or not?
Too long is the same version in BETA.
 
  • Like
Reactions: AtlBo

shmu26

Level 83
Verified
Trusted
Content Creator
Does anybody know is this program is still in progres or not?
Too long is the same version in BETA.
it is not being actively developed as long as we know.
the dev seems to be working on other things.
But it still works pretty well.
(I personally am waiting for REHIPS to come out of closed beta, hopefully it will be even better)
 
  • Like
Reactions: AtlBo and Av Gurus

SHvFl

Level 35
Verified
Trusted
Content Creator
Does anybody know is this program is still in progres or not?
Too long is the same version in BETA.
Dev is gone for a while now. Someone said he had a project and when he is done with it he will be active again but i would not hold my breath.

(I personally am waiting for REHIPS to come out of closed beta, hopefully it will be even better)
It is!