EXE Radar Pro v4 (Beta)

A

AMD1

Level 5
Verified
Aug 21, 2012
210
Umbra said:
@NoVirusThanks


Yes.

about options for alerts:

Option 1 is easier to handle for basic users, option 2 would be overwhelming for them.
Option 2 is better for more advanced users.

why not do both:
option 1 is the default then put an "advanced option" button in the alert dialog leading to option 2? :D

About the merging, i'm favorable to it, less windows to open, easier the use.
Click to expand...

I am a basic user and looking to learn more and I agree that "why not do both: option 1 is the default then put an "advanced option" button in the alert dialog leading to option 2? " covers both scenarios for basic and advanced users and would be the way to go
 
  • Like
Reactions: Sunshine-boy, AtlBo and Deleted member 178
A

AMD1

Level 5
Verified
Aug 21, 2012
210
@NVT
If V4 is to be a paid product, would there be an upgrade from V3 paid ?

NB I wasn't aware that V3 Beta was freeware or existed at the time I purchased a license for V3 (which I am quite happy I did by the way)
 
  • Like
Reactions: Sunshine-boy and AtlBo
A

AMD1

Level 5
Verified
Aug 21, 2012
210
NoVirusThanks said:
@Umbra

Good point, wrote that on the todo list :)

@AMD1

Sure, can rename that option to "Allow all software from the Programs File folder (x86 included)"
Click to expand...

Just so I understand, does this mean that any program which finds its way into the Programs File Folder (including x86) is whitelisted as opposed the whitelisting just those that reside in these folders when you whitelist them ?
 
  • Like
Reactions: AtlBo
Chimaira

Chimaira

Level 4
Verified
Well-known
Jan 5, 2018
163
NoVirusThanks said:
A few questions:

a) What do you think about this possible improvements for the Alert Dialog:

Option 1: We put "checks" on process fields that will be used when "Remember the action" is checked:

View attachment 181291

Option 2: We open "Rule Editor" when "Remember the action" is checked:

View attachment 181292
b) What do you think about joining "Rule Editor" and "Expression Builder":

View attachment 181293

@Umbra

You mean option to whitelist all .exe files on a folder and\or subfolders?

It is missing, we should add it soon.
Click to expand...
I like Umbra's suggestion about having both, I would also wonder about adding an option in the context menu so that you can right click on a program or installer, select the option and have it pull up one of the rule editor/expression builder menus.
 
  • Like
Reactions: AtlBo, Deleted member 178, harlan4096 and 1 other person
D

Deleted member 178

AMD1 said:
Just so I understand, does this mean that any program which finds its way into the Programs File Folder (including x86) is whitelisted as opposed the whitelisting just those that reside in these folders when you whitelist them ?
Click to expand...
seems the case.

i copied a portable apps into Program Files, no peep from ERP
 
  • Like
Reactions: Solarlynx
A

AMD1

Level 5
Verified
Aug 21, 2012
210
I have a program I use for work which resides in the C\ . How do I now whitelist all of the processes in that folder without having to whitelist them all individually when prompted ?
 
  • Like
Reactions: AtlBo
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Guys, be careful with learning mode, it will whitelist all your vulnerable processes. If you ran learning mode after populating your VPL, you will have to fix it.
That's the behavior I saw, anyways: learning mode whitelists the whole process -- not just the command line like it did in ERP 3
 
  • Like
Reactions: Sunshine-boy, Azure, _CyberGhosT_ and 3 others
A

AMD1

Level 5
Verified
Aug 21, 2012
210
Umbra said:
wait the next build :p

More seriously, if you can, put in in Program Files and tick "Allow all software in program files..."
Click to expand...

I cant change the default path unfortunately so will have to wait - in V3 it was easy just to browse to the folder and whitelist the processes including those in sub folders - hoping something similar can be added. For now, i have added a category and a rule with expression builder path ticked equal to C:\MyWorkProgram which seems to have worked but whether it's properly correct I don't know.
 
  • Like
Reactions: AtlBo and shmu26
NoVirusThanks

NoVirusThanks

From NoVirusThanks
Thread author
Verified
Developer
Well-known
Aug 23, 2012
293
@AMD1

For now, i have added a category and a rule with expression builder path ticked equal to C:\MyWorkProgram
Click to expand...

That is the correct way.

Additionally, you could sign all your programs with your Company's code sign (if you have it) and include Signer in the rule.

But it is fine as you did. To allow also processes in C:\MyWorkProgram\* (subfolders) just set the rule to "Like to" = C:\MyWorkProgram\*
 
  • Like
Reactions: AtlBo and shmu26
A

AMD1

Level 5
Verified
Aug 21, 2012
210
NoVirusThanks said:
@AMD1



That is the correct way.

Additionally, you could sign all your programs with your Company's code sign (if you have it) and include Signer in the rule.

But it is fine as you did. To allow also processes in C:\MyWorkProgram\* (subfolders) just set the rule to "Like to" = C:\MyWorkProgram\*
Click to expand...

Thanks that's the reassurance I needed that I was using the program as it should be used.
 
  • Like
Reactions: AtlBo and shmu26
codswollip

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
AMD1 said:
Does the "Allow all software from the Programs File folder" also cover the Programs Files (x86) folder too ? If not, how does one exclude all these processes in one action.
Click to expand...
As a corollary to this... does this setting also include Programs Files folders outside the OS "C:\"partition... for example...

D:\Program Files\
D:\Program Files (x86)\

EDIT 1: I noticed that the Events log is purged with each reboot. Is that intentional? I didn't see an option in settings for that.
 
Last edited:
  • Like
Reactions: Sunshine-boy, AtlBo, shmu26 and 1 other person

Similar threads

danb
    • Like
    • +Reputation
Serious Discussion WDAC vs Kernel Mode Drivers
Replies
19
Views
1,441
General Security Discussions
danb
danb
D
    • Like
    • +Reputation
    • Love
For additional security/privacy: "MajorPrivacy" (upgraded from "PrivateWin10")
Replies
23
Views
1,844
System utilities
Digmor Crusher
Digmor Crusher
I
    • Like
    • +Reputation
New Update Little Snitch 6 for Mac (May 2024)
Replies
1
Views
516
Other security for Windows, Mac, Linux
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top