Driver Radar Pro v1.5 (Freeware)

http://s10.postimg.org/83ebb91fb/driver_radar_pro1.png

I uploaded a new beta version of Driver Radar Pro v1.5:
http://downloads.novirusthanks.org/files/DrvRadarPro_Setup2.exe

These are the changes:

Feel free to report here feedbacks about its usage and if you find any issue.

 

Looks interesting, never realized you have so many tools available after properly exploring your product catalogue. Any vision to include some into ExeRadar Pro to enhance its capabilities or is there no need? Secondly, does Driver Radar offer any extra protection when used in conjuction with ERP or is it more of an ondemand verification tool?

Ragards.

 

Is this needed if erp is already installed?

 

@TS4H

We will discuss what and if to add new things to ERP very soon.

Driver Radar Pro is a real-time monitoring application that automatically blocks the loading of unknown kernel-mode drivers, useful to block rootkits.
It can be used in conjunction with ERP, as it monitors a different area.

@Overkill

It can be useful to block kernel-mode drivers, it uses only 16 MB of memory (service + gui).
Lets say you allow an executable file with ERP, and it then tries to load a kernel-mode driver (safe or unsafe), it is automatically blocked by Driver Radar Pro, if it is not whitelisted.
There is no alert dialog, Driver Radar Pro blocks by default the loading of any non-whitelisted kernel-mode driver.

 

Looking through my archive of previous downloads of NVT products, I have a found that I have the portable version of Drive Radar v1.3.10.

Is there a new portable version of this current beta?

I have found a link which is current for a portable version - hxxp://downloads.novirusthanks.org/files/portables/DrvRadarPro-Portable.zip, that appears from the digital signature, was released on April 22 2014. It is for version 1.4.

P.S. When I go to the webpage for Driver Radar, the various tabs for Screenshots, Details, Changelog do not work in Opera v12.15 Build 1748

 

C:\WINDOWS\system32\drivers\mbamswissarmy.sys got blocked .

Whitelisted it now but surely a lot of people use it and so I was surprised to see it blocked.

 

Works for me, you probably have extension problem.

 

@Tarnak

Since we have added support for LUA and FUS (using a service), we plan to remove the portable version.

I'll check the tabs with Opera to see why they not works.

@trott3r

Yes, that is normal, the program does not have a pre-built list of safe kernel-mode drivers that can be loaded.

Maybe we can add it, what do you think ?

 

Perhaps, not!

See my recent post in Wilders Polls section, regarding a similar problem, here, and reply to it, here

 

I still am using XP, and I run as Admin. LUA is not applicable, to me. I don't know what FUS means, but I would prefer to use a portable version, but if not, them's the breaks.

 

@Tarnak

We use Bootstrap as main framework in the website, can you confirm me that you had JavaScript enabled in Opera ?

 

I've just tested privazer site and it works, it even works on Opera 10, so ...

 

If I disable Ad Muncher before I go to the relevant page, then I can get the Tabs to work. Strange!

 

Yes.

 

Yes that would be a good idea to add in the common ones.

Wouldnt the start with windows option cause problems if there was not any prebuilt whitelisting?
Could give a negative impression of the product before they started using it.

 

@Tarnak

We use few CDNs (Content Delivery Networks), such as:
//netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap.min.css
//cdnjs.cloudflare.com/ajax/libs/jquery/1.10.0/jquery.min.js
//netdna.bootstrapcdn.com/bootstrap/3.0.3/js/bootstrap.min.js
//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7/html5shiv.min.js
//cdnjs.cloudflare.com/ajax/libs/respond.js/1.1.0/respond.min.js

I suspect that Ad Muncher blocks them somehow and the tabs then are not working, just a guess anyway.

 

No biggie...I can work around it.

 

@trott3r

By default all legit and safe system-protected kernel-mode drivers are allowed.

Problem would be for other security software because their kernel-mode drivers would be blocked at least initially until the user whitelists them.

I will create a list of common kernel-mode drivers installed by other security software so they will be auto-whitelisted after Driver Radar Pro is first installed.

 

OK that would be a good idea

 

It uses alot more ram than erp

 

Another suggestion if i may.

In manage whitelist an added driver gets stored as the hash name which means nothing to regular users like me.
The name of the driver would be a better option.

 

Ah looks interesting and effective. I'll give it a try.

 

this tool may block some nasty rootkits in real time

 

I uploaded a new build that can be downloaded from here:
http://downloads.novirusthanks.org/files/DrvRadarPro_Setup2.exe

Uninstall the old version (removing the settings) and install this new version, a reboot is not needed.

Here is what's new:

+ Save also the file name and path when a driver is whitelisted
+ The whitelist window can now be maximized
+ Quickly configure the application with Configuration Wizard

In the configuration wizard, if you select "Recommended settings", it will scan the folder C:\WINDOWS\system32\drivers\ and whitelist all .sys files founds.

So this way all the other security software installed can successfully load their kernel-mode drivers.

Let me know how it works and if you have other suggestions.

 

Good to see software other than ExeRadar also in development.
Are you still developing Anti-Rootkit?
And is there a blog or something alerting to updates (preferably with changelogs) for your softwares?