- Aug 17, 2013
- 1,905
EXE Radar Pro v4 (Beta)
- Thread starter NoVirusThanks
- Start date
- Aug 31, 2016
- 578
It does not work properly here. I have installed and uninstalled it several times, but nothing changes
View attachment 187614
do you have other security softs that could be preventing ERP from running?
- Nov 14, 2017
- 126
- Aug 31, 2016
- 578
How strange!I only have Windows Defender (default settings)
Thanks for answer
Have you tried turning off WD's realtime protection, exploit guard etc?
Is test 9 the first ERP beta you've installed or did test 8 (or any of the previous tests) work for you?
Do you use an admin account or standard user account?
- Mar 12, 2018
- 76
- Nov 14, 2017
- 126
Thanks again
Well, I've finally become paranoid. I have recovered several images from my system and still had the same problem, so I decided to do a clean installation of Windows and now everything works perfectly.
Thank you very much for your interest
- Aug 23, 2012
- 292
Here is a new v4.0 (pre-release) test10:
http://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test10.exe
*** Please do not share the download link, we will delete it when we'll release the official v4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed the link to lookup file sha1 on Virustotal on Events tab popup-menu
+ Fixed When clicking "Edit Expression" on "Rule Editor" it shows a warning message "You must enter a valid expression"
+ Fixed Wrong categories/Categories which are not applicable are being shown in the Alert Dialog
+ Fixed Cosmetic issue (Logfile related): Normally a "-" is shown in the logfile if the Expression or Category is empty
+ Fixed Changing of the column size in the Rules listview seems to have no effect ("ruleColumnX:") (but Events seems to work ["eventColumnX:"])
+ Fixed Windows Apps weren't allowed by the option "Allow Microsoft Windows Apps" in Settings tab
+ Fixed Possible Rules conflict -> moved Deny action checking to be before Ask action
+ Fixed The warning message "You must enter a valid expression" is present also on the Alert Dialog -> Custom Rule
+ Fixed Command-line string is empty for very long command-line strings
+ Improved allowing of safe process behaviors
+ "Vulnerable Processes" are now pre-loaded on the Rules tab when the program is first installed
+ Smarter way to handle signed processes not found in Trusted Vendors list while on "Learning Mode" -> if a signer is not present in Trusted Vendors list (when in Learning Mode), it is auto-added and enabled/checked
+ Added more signers on Trusted Vendors list
+ Added new option "Copy Selected Rule" -> The selected rule is "copied" on the newly created rule with same parameters
+ Added new option "Copy Selected Rule to Clipboard" -> It copies the selected rule to clipboard in XML format so can be easily pasted/shared on forums
+ Added new option "Locate Process File in Explorer" on Events tab
+ Added new option "Locate Parent Process File in Explorer" on Events tab
+ Added new option on Settings tab When on Lockdown Mode auto-block "Ask"-action processes (unchecked by default)
+ Minor fixes and optimizations
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
@Andytay70
If ERP runs fine but it doesn't detect new processes (Events tab remains always empty after you run processes), I suspect there is somehow a WD setting or something other (AV, HIPS, etc) that is preventing ERPv4 to communicate/load the kernel-mode driver (only guessing of course).
Can you retry with this new build? If it doesn't work, can you try to:
1) Uninstall ERPv4, then reboot
2) Disable the other security software (e.g WD, AV, HIPS, etc)
3) Now install ERPv4 and run a few programs
4) Check if processes executions are logged in Events tab
Let me know.
http://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test10.exe
*** Please do not share the download link, we will delete it when we'll release the official v4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed the link to lookup file sha1 on Virustotal on Events tab popup-menu
+ Fixed When clicking "Edit Expression" on "Rule Editor" it shows a warning message "You must enter a valid expression"
+ Fixed Wrong categories/Categories which are not applicable are being shown in the Alert Dialog
+ Fixed Cosmetic issue (Logfile related): Normally a "-" is shown in the logfile if the Expression or Category is empty
+ Fixed Changing of the column size in the Rules listview seems to have no effect ("ruleColumnX:") (but Events seems to work ["eventColumnX:"])
+ Fixed Windows Apps weren't allowed by the option "Allow Microsoft Windows Apps" in Settings tab
+ Fixed Possible Rules conflict -> moved Deny action checking to be before Ask action
+ Fixed The warning message "You must enter a valid expression" is present also on the Alert Dialog -> Custom Rule
+ Fixed Command-line string is empty for very long command-line strings
+ Improved allowing of safe process behaviors
+ "Vulnerable Processes" are now pre-loaded on the Rules tab when the program is first installed
+ Smarter way to handle signed processes not found in Trusted Vendors list while on "Learning Mode" -> if a signer is not present in Trusted Vendors list (when in Learning Mode), it is auto-added and enabled/checked
+ Added more signers on Trusted Vendors list
+ Added new option "Copy Selected Rule" -> The selected rule is "copied" on the newly created rule with same parameters
+ Added new option "Copy Selected Rule to Clipboard" -> It copies the selected rule to clipboard in XML format so can be easily pasted/shared on forums
+ Added new option "Locate Process File in Explorer" on Events tab
+ Added new option "Locate Parent Process File in Explorer" on Events tab
+ Added new option on Settings tab When on Lockdown Mode auto-block "Ask"-action processes (unchecked by default)
+ Minor fixes and optimizations
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
@Andytay70
If ERP runs fine but it doesn't detect new processes (Events tab remains always empty after you run processes), I suspect there is somehow a WD setting or something other (AV, HIPS, etc) that is preventing ERPv4 to communicate/load the kernel-mode driver (only guessing of course).
Can you retry with this new build? If it doesn't work, can you try to:
1) Uninstall ERPv4, then reboot
2) Disable the other security software (e.g WD, AV, HIPS, etc)
3) Now install ERPv4 and run a few programs
4) Check if processes executions are logged in Events tab
Let me know.
Exclude app per basis for security or exclude the vendor for usability and convenience.
You'll probably be fine either way
- Feb 24, 2017
- 1,661
you misunderstood me, i'm allowing the vendor but you can do it two ways, either add the signer to the Trusted signers list, or make an exclusion rule that only has the Signer specified.
same result, different places.
thank you for the wonderful update @NoVirusThanks
Ah okay, sorry. I misunderstood.
- Jul 6, 2015
- 737
All fine so far, I disabled Comodo HIPS and removed MB Anti-exploit. Thank you @NoVirusThanks
- Jul 6, 2015
- 737
App works like a charm until I re-install MB Anti-exploit and EXE Radar stops working!
Atleast i know what the issue is now!
Atleast i know what the issue is now!
- Dec 29, 2016
- 131
Is there any point in combining an anti exe with Comodo though?
- Jul 3, 2015
- 8,153
Some folks use Comodo for the firewall alone, and disable everything else.
which has nothing special...
- Aug 23, 2012
- 292
Here is a new v4.0 (pre-release) test11:
http://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test11.exe
*** Please do not share the download link, we will delete it when we'll release the official v4 ***
So far this is what's new compared to the previous pre-release:
+ Rename "Copy Selected Rule" on Rules tab to "Copy/Duplicate Selected Rule"
+ Added new signers to Trusted Vendors list
+ Added "Search Signer on Google" on popup-menu of "Trusted Vendors"
+ Added "Load Signers from File" on popup-menu of "Trusted Vendors"
+ Added "Export List to File" on popup-menu of "Trusted Vendors"
+ Added "Extract Vendor from File" on popup-menu of "Trusted Vendors"
+ Added "Search Signer on Google" on popup-menu of "Trusted Vendors"
+ Added "Search Signer on Google" on popup-menu of "Trusted Vendors"
+ Fixed count of Rules when Exporting them
+ Increased the pagination on Rules tab to 100 items per page
+ Function to add/update Trusted Vendors silently rejects any vendor that matches *Microsoft*
+ Fixed List of internal Vulnerable Processes are only automatically created when ERPv4 is "FirstRun"
+ Fixed List of internal Trusted Vendors are only automatically created when ERPv4 is "FirstRun"
+ Added manual popup menu under Rules Manager (Rules Listview) so internal list of Vulnerable Processes can be manually added back
+ Improved allowing of safe process behaviors
+ Minor fixes and optimizations
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
Here are some screenshots:
http://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test11.exe
*** Please do not share the download link, we will delete it when we'll release the official v4 ***
So far this is what's new compared to the previous pre-release:
+ Rename "Copy Selected Rule" on Rules tab to "Copy/Duplicate Selected Rule"
+ Added new signers to Trusted Vendors list
+ Added "Search Signer on Google" on popup-menu of "Trusted Vendors"
+ Added "Load Signers from File" on popup-menu of "Trusted Vendors"
+ Added "Export List to File" on popup-menu of "Trusted Vendors"
+ Added "Extract Vendor from File" on popup-menu of "Trusted Vendors"
+ Added "Search Signer on Google" on popup-menu of "Trusted Vendors"
+ Added "Search Signer on Google" on popup-menu of "Trusted Vendors"
+ Fixed count of Rules when Exporting them
+ Increased the pagination on Rules tab to 100 items per page
+ Function to add/update Trusted Vendors silently rejects any vendor that matches *Microsoft*
+ Fixed List of internal Vulnerable Processes are only automatically created when ERPv4 is "FirstRun"
+ Fixed List of internal Trusted Vendors are only automatically created when ERPv4 is "FirstRun"
+ Added manual popup menu under Rules Manager (Rules Listview) so internal list of Vulnerable Processes can be manually added back
+ Improved allowing of safe process behaviors
+ Minor fixes and optimizations
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
Here are some screenshots:
hi for some reason with this recent version norton is blocking it as a virus under temp just after clicking file to download.had to disable norton temporarily to download it.
Similar threads
