NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
216
Here is a new v4.0 (pre-release) test22:
https://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test22.exe

*** Please do not share the download link, we will delete it when we'll release the official v4 ***

So far this is what's new compared to the previous pre-release:

+ Action = Ask executions now auto-check the cmdline checkbox inside the Alert window (along with Vulnerable Processes)
+ Fixed Learning Mode isn't retained after a reboot
+ Increased maximum number of Events displayed in the "Events-tab" to 10K
+ Fixed The window of the Expression Builder resizable, but the size is not remembered
+ Fixed Processes allowed via Alert Mode show wrong expression in Events

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

@Snickers102

Thansk for the suggestions, we'll take them into consideration for next builds.
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
216
Quick update:

Here is a new v4.0 (pre-release) test23:
https://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test23.exe

*** Please do not share the download link, we will delete it when we'll release the official v4 ***

So far this is what's new compared to the previous pre-release:

+ Added new signers to Trusted Vendors list
+ Auto-check the Command Line field also in "Expression Builder" if the user clicks on "Custom Rule" on "Alert Dialog" triggered by Action = Ask executions
+ Allow user to specify how many entries show in the Events-tab
+ Fixed small logic bug involving play Blocked sound
+ Select a custom WAV sound file for Alert-notifications
+ Select a custom WAV sound file for Block-notifications
+ Improved "Allow Known Safe Process Behaviors"
+ Minor fixes and optimizations

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

Screenshot:

new-erp.png
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
216
Here is a new v4.0 (pre-release) test24:
https://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test24.exe

*** Please do not share the download link, we will delete it when we'll release the official v4 ***

So far this is what's new compared to the previous pre-release:

+ Allow to disable protection temporarily for 10 minutes, 30 minutes, 1 hour via Tray Icon right-click menu
+ Added check for damaged/corrupt settings conf file (in which case default settings are re-applied)
+ Fixed When turning on Learning Mode, after a reboot it's set to Alert Mode, I would expect it to stay on Learning Mode
+ Fixed Saving of settings to conf file in particular situations
+ Minor fixes and optimizations

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
216
Here is a new v4.0 (pre-release) test25:
https://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test25.exe

*** Please do not share the download link, we will delete it when we'll release the official v4 ***

So far this is what's new compared to the previous pre-release:

+ Updated "Home" tab
+ Fixed "Show Last N Events in Viewer"
+ On "Expression Builder" changed the name of "Like to" to "Like to (Wildcard)"
+ "Distinct To" re-added to Expression Builder to support already existing rules (via Editing). "Distinct To" is only dynamically removed from New rule creations (Add button on Rule Manager and Create Rule from Event in Events Tab). This allows for backwards compatibility for previously existing rules that used Distinct To and restricts the future use of it in New rules
+ Minor fixes and optimizations

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
 

AtlBo

Level 28
Verified
Top poster
Content Creator
Well-known
Dec 29, 2014
1,704
Any chance we could see some kind of a tracking feature for processes and command-lines? This would be nice to allow the process but be alerted when it runs and then on the prompt see when it has been a parent for example and or see its command lines. User could get a chance to change their mind from the notice about a process. Thx. Going to take a look at the latest now :). Looking forward to seeing how it's doing now...
 

SHvFl

Level 35
Verified
Helper
Top poster
Content Creator
Well-known
Nov 19, 2014
2,338
Nice new home page. Looks nice.

@NoVirusThanks Can you please add a way to add trusted vendors by browsing to a signed file or from a running process?
 
  • Like
Reactions: shmu26
D

Deleted member 178

Nice new home page. Looks nice.

@NoVirusThanks Can you please add a way to add trusted vendors by browsing to a signed file or from a running process?
you can already:

- right click on a empty space in the TVL tab > select "extract signer from file"
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
216
Here is a new v4.0 (pre-release) test26:
https://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test26.exe

*** Please do not share the download link, we will delete it when we'll release the official v4 ***

Build 26
+ Added new vendors to default Trusted Vendors List
+ Fixed saving/loading of Unicode strings on Rules database
+ Fixed Truncate the category name if it is longer than 30 characters
+ Fixed When a Custom Rule is added via Alert dialog, act accordingly to selected action and close the Alert dialog
+ Added "File Information" in the Alert dialog
+ Added a new button "Scan running processes" on "Trusted Vendors" window
+ Added a new option "Disable Until Reboot" on trayicon -> Protection Modes -> "Disable protection" options
+ Improved "Allow Known Safe Process Behaviors"
+ Minor fixes and improvements

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

@SHvFl

Have added the text "* Use right-mouse-button for additional options" in the Trusted Vendors window.

Still no adding from running processes though so maybe that can be added.

Added, you can add selected vendors or all vendors from running processes.
 
Last edited:

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
216
A quick update:

Here is a new v4.0 (pre-release) test27:
https://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test27.exe

*** Please do not share the download link, we will delete it when we'll release the official v4 ***

Build 27
+ Fixed exporting of rules that contain unicode characters
+ On "Trusted Vendors" dialog the column "Signer" now shows the number of items, i.e "Signers (1234)"
+ Fixed Details shown in "File Information" on Alert Dialog are not trimmed
+ Improved "Allow Known Safe Process Behaviors"
+ Minor fixes and improvements

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
 

Telos

Level 22
Verified
Top poster
Content Creator
Well-known
Jan 29, 2017
1,111
Im testing this for the first time and I will say I am impressed. I could probably take off Voodooshield with this running.
If you are testing this, absolutely disable VS.
 
  • Like
Reactions: Tiny
D

Deleted member 178

ERP is the king of anti-exe, clean, simple, efficient, no bloat added by useless features. When NVT released ERP v4 first screenshots; few days later, I laughed when i saw some trying to copy its rules editor. Pathetic.
 

shmu26

Level 85
Verified
Helper
Top poster
Content Creator
Well-known
Jul 3, 2015
8,117
ERP is the king of anti-exe, clean, simple, efficient, no bloat added by useless features. When NVT released ERP v4 first screenshots; few days later, I laughed when i saw some trying to copy its rules editor. Pathetic.
Right. Voodooshield would like to be what ERP is, but...
 
  • Like
Reactions: Deleted member 178

Michyon

Level 2
May 18, 2018
50
Can confirm, Voodooshield is massive bloatware (noticeable on the VM) compared to just having ERP. And less annoying and easier to manage. I am now running it on production machine (along with Bitdefender TS 2019 and OSA) and man feels like the perfect config.
 

shmu26

Level 85
Verified
Helper
Top poster
Content Creator
Well-known
Jul 3, 2015
8,117
But let's not forget that VoodooShield can help the user decide what's safe and what's not. It has Ai, it checks the file in VT, etc. ERP is geared specifically for advanced users, whereas Voodoo is also for regular users.
 

Digmor Crusher

Level 12
Verified
Top poster
Well-known
Jan 27, 2018
573
Can confirm, Voodooshield is massive bloatware (noticeable on the VM) compared to just having ERP. And less annoying and easier to manage. I am now running it on production machine (along with Bitdefender TS 2019 and OSA) and man feels like the perfect config.

First I've heard that VS is bloated, care to elaborate?
 
Top