New Antiexecutable: NoVirusThanks EXE Radar Pro

Discussion in 'other anti-malware software' started by sg09, Jun 3, 2011.

  1. bellgamin

    bellgamin Registered Member

    Agree. I have to keep ERP on a leash when I install, or else it can break the install. It would be good to know what went thru... in case...
     
  2. guest

    guest Guest

    you have the popups/alerts/event logs for that, no ?

    in this case would be useful indeed.
     
    Last edited by a moderator: May 24, 2018
  3. mekelek

    mekelek Registered Member

    any clue why would i be getting totally random hard locks? aka PC totally freezes, screen stops, can't be brought back, force restart has to be done
    the only consistent thing that i can see in the logs that is happening before this happens is Opera doing something
    been getting these since i installed NVT EXE Pro hence i'm asking here

    Date/Time : 2018-05-25 22:13:11.272
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 24080
    Process : C:\Program Files\Opera\launcher.exe
    Integrity Level: Medium
    User/Domain :
    System File : False
    SHA1 : EECF44C84CFAB7621F1326D5F672561458CF4404
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\launcher.exe"
    Parent : C:\Windows\explorer.exe
    Parent SHA1 : 85B7615F829E9913BBFEF074825BAD92E626D30D
    Parent Signer : Microsoft Windows


    Date/Time : 2018-05-25 22:13:11.524
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 18948
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Medium
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --ran-launcher --started-from-shortcut
    Parent : C:\Program Files\Opera\launcher.exe
    Parent SHA1 : EECF44C84CFAB7621F1326D5F672561458CF4404
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:11.949
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 20880
    Process : C:\Program Files\Opera\53.0.2907.68\opera_crashreporter.exe
    Integrity Level: Medium
    User/Domain :
    System File : False
    SHA1 : 9BC401F97FB57C3A2A4CADE6248021C814CA6676
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=18948
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:12.190
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 18840
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=gpu-process --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --service-request-channel-token=18975145B9FC44599895B557C338144E --mojo-platform-channel-handle=1520 --ignored=" --type=renderer " /prefetch:2
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:12.426
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 8116
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=CDF59ED94F0DF6C7489457C271CAB769 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=CDF59ED94F0DF6C7489457C271CAB769 --renderer-client-id=3 --mojo-platform-channel-handle=2816 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:12.552
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 10248
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Medium
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=utility --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --lang=hu --no-sandbox --enable-quic --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --service-request-channel-token=9E60D8AC41DE2F1E1B825578AFA17014 --mojo-platform-channel-handle=3248 /prefetch:8
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:12.671
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 24108
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=D6D4E7B1CE53B13A4A82A50E6428D17F --lang=hu --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D6D4E7B1CE53B13A4A82A50E6428D17F --renderer-client-id=19 --mojo-platform-channel-handle=3796 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:12.817
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 24192
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=08D46B142DF88F142EEED593647768F7 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=08D46B142DF88F142EEED593647768F7 --renderer-client-id=6 --mojo-platform-channel-handle=4112 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:12.979
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 21116
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=5B338A89BAC4E93555D97535F3ECD6B8 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=5B338A89BAC4E93555D97535F3ECD6B8 --renderer-client-id=8 --mojo-platform-channel-handle=3728 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:13.131
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 17740
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=6FB4F8437718E21DE95B092A2BB1175B --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=6FB4F8437718E21DE95B092A2BB1175B --renderer-client-id=10 --mojo-platform-channel-handle=4260 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:13.287
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 23544
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=81CFCB975469F59E15B77DE6412E4DC7 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=81CFCB975469F59E15B77DE6412E4DC7 --renderer-client-id=4 --mojo-platform-channel-handle=3780 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:13.514
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 2648
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=607EEF8C7C5D8F0A449B00158148AD25 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=607EEF8C7C5D8F0A449B00158148AD25 --renderer-client-id=9 --mojo-platform-channel-handle=4272 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:13.700
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 13348
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=D3E7EE2614CB256E7A287D56011FDDD8 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D3E7EE2614CB256E7A287D56011FDDD8 --renderer-client-id=15 --mojo-platform-channel-handle=4288 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:13.858
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 19160
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=88F7DE9A10EA69BCE71A72B50AA00845 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=88F7DE9A10EA69BCE71A72B50AA00845 --renderer-client-id=7 --mojo-platform-channel-handle=4200 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:14.019
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 23672
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=582E9569C3D68DDF194E7DD9C3590DCC --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=582E9569C3D68DDF194E7DD9C3590DCC --renderer-client-id=14 --mojo-platform-channel-handle=4356 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:14.248
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 17064
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=F62DA2587ED09A1149FA6474803A37CF --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=F62DA2587ED09A1149FA6474803A37CF --renderer-client-id=12 --mojo-platform-channel-handle=4316 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:14.457
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 24368
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=235121BA11612417135CEB1FD6CBA39B --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=235121BA11612417135CEB1FD6CBA39B --renderer-client-id=13 --mojo-platform-channel-handle=4336 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:14.641
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 17092
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=D3BC8DEBDF693CBBDB2F4A39668E4805 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D3BC8DEBDF693CBBDB2F4A39668E4805 --renderer-client-id=16 --mojo-platform-channel-handle=4376 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:14.800
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 24068
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=93E2BACFE7955B3A5B87D42A0337A1B6 --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=93E2BACFE7955B3A5B87D42A0337A1B6 --renderer-client-id=21 --mojo-platform-channel-handle=7776 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:14.969
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 20948
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=D731944A144A4993F447381280C57B3D --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D731944A144A4993F447381280C57B3D --renderer-client-id=11 --mojo-platform-channel-handle=4280 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:15.110
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 7588
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=D4D1315CC6F72B804FB212744B6E7B9C --lang=hu --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D4D1315CC6F72B804FB212744B6E7B9C --renderer-client-id=5 --mojo-platform-channel-handle=3760 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:15.659
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 11680
    Process : C:\Program Files\Opera\53.0.2907.68\opera_autoupdate.exe
    Integrity Level: Medium
    User/Domain :
    System File : False
    SHA1 : 83ED20C1365BBBEBEFFB362215557AFD3E2DA300
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera_autoupdate.exe" --host=https://autoupdate.geo.opera.com/ --pipeid --version=53.0.2907.68 --edition --lang=hu --producttype --requesttype=start --operadir="C:\Program Files\Opera\53.0.2907.68" --installdir="C:\Program Files\Opera" --profile="C:\Users\s\AppData\Roaming\Opera Software\Opera Stable" --installationdatadir="C:\Program Files\Opera" --firstrunver=52.0.2871.30 --firstrunts=1521754169
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:15.797
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 12160
    Process : C:\Program Files\Opera\launcher.exe
    Integrity Level: System
    User/Domain : SYSTEM/NT AUTHORITY
    System File : False
    SHA1 : EECF44C84CFAB7621F1326D5F672561458CF4404
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\launcher.exe" --scheduledautoupdate --autoupdaterequesttype=start --autoupdateoperaversion=53.0.2907.68
    Parent : C:\Windows\System32\svchost.exe
    Parent SHA1 : B3D7C886DC6607A50874E0ECF2B90CFC3C4B57B8
    Parent Signer : Microsoft Windows Publisher


    Date/Time : 2018-05-25 22:13:15.954
    Action : Allow/System File
    Expression : -
    Category : -
    PID : 3228
    Process : C:\Windows\System32\wbem\WmiPrvSE.exe
    Integrity Level: System
    User/Domain : HÁLÓZATI SZOLGÁLTATÁS/NT AUTHORITY
    System File : True
    SHA1 : 08F57FD06BBD8063D5B828521654225952A8155E
    Signer :
    Command : C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
    Parent : C:\Windows\System32\svchost.exe
    Parent SHA1 : B3D7C886DC6607A50874E0ECF2B90CFC3C4B57B8
    Parent Signer : Microsoft Windows Publisher


    Date/Time : 2018-05-25 22:13:16.172
    Action : Allow
    Expression : [Proc.Signer = Opera Software AS] [Action = Allow]
    Category : Alert Dialog
    PID : 21760
    Process : C:\Windows\Temp\opera autoupdate\installer.exe
    Integrity Level: System
    User/Domain : SYSTEM/NT AUTHORITY
    System File : False
    SHA1 : DFB8FFFE401A49C10CFA1511DCCFE96FEEC44658
    Signer : Opera Software AS
    Command : "C:\WINDOWS\TEMP\opera autoupdate\installer.exe" --version
    Parent : C:\Program Files\Opera\launcher.exe
    Parent SHA1 : EECF44C84CFAB7621F1326D5F672561458CF4404
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:16.462
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 18700
    Process : C:\Program Files\Opera\53.0.2907.68\opera_autoupdate.exe
    Integrity Level: System
    User/Domain : SYSTEM/NT AUTHORITY
    System File : False
    SHA1 : 83ED20C1365BBBEBEFFB362215557AFD3E2DA300
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera_autoupdate.exe" --host --pipeid=oauc_task_pipec750211ec0bf45fdee912602550782d7 --version=53.0.2907.68 --lang=hu --producttype --requesttype=start --downloaddir="C:\WINDOWS\TEMP\opera autoupdate" --operadir="C:\Program Files\Opera\53.0.2907.68" --installdir="C:\Program Files\Opera" --profile="C:\WINDOWS\TEMP\opera autoupdate" --nometrics --scheduledtask
    Parent : C:\Program Files\Opera\launcher.exe
    Parent SHA1 : EECF44C84CFAB7621F1326D5F672561458CF4404
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:17.999
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 19788
    Process : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Integrity Level: Low
    User/Domain :
    System File : False
    SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1512,17550469803823152964,9426956387259347789,131072 --enable-features=ParallelDownloading --disable-features=SharedArrayBuffer --service-pipe-token=67247A04F8AE611A33DE9F9956DEE4B9 --lang=hu --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:prompt-on-risky-download=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=20880 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=67247A04F8AE611A33DE9F9956DEE4B9 --renderer-client-id=22 --mojo-platform-channel-handle=9620 /prefetch:1
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS


    Date/Time : 2018-05-25 22:13:34.990
    Action : Allow/Program Files
    Expression : -
    Category : -
    PID : 20836
    Process : C:\Program Files\Opera\53.0.2907.68\opera_autoupdate.exe
    Integrity Level: Medium
    User/Domain : s/DESKTOP-1M62NJA
    System File : False
    SHA1 : 83ED20C1365BBBEBEFFB362215557AFD3E2DA300
    Signer : Opera Software AS
    Command : "C:\Program Files\Opera\53.0.2907.68\opera_autoupdate.exe" --host=https://autoupdate.geo.opera.com/ --pipeid --version=53.0.2907.68 --edition --lang=hu --producttype --requesttype=shutdown --operadir="C:\Program Files\Opera\53.0.2907.68" --installdir="C:\Program Files\Opera" --profile="C:\Users\s\AppData\Roaming\Opera Software\Opera Stable" --installationdatadir="C:\Program Files\Opera" --firstrunver=52.0.2871.30 --firstrunts=1521754169
    Parent : C:\Program Files\Opera\53.0.2907.68\opera.exe
    Parent SHA1 : 4FE3AC2BD8D0E432FF06DE57AD65707385F83F57
    Parent Signer : Opera Software AS
     
    Last edited: May 25, 2018
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,696
    Location:
    USA
    Administrators will want to use default deny. They will not want to leave security in the hands of end users. Users may answer incorrectly to prompts. Administrators could run in Audit Mode on a test system, or the actual system for several days so they can foresee problems before they occur.
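
An added illustration of the audit-then-default-deny approach in the post above (not part of the thread and not NoVirusThanks code): this Python example reads event records in the `Key : Value` layout posted earlier in the thread and lists each unique executable seen during the audit period, flagging the ones that deserve a manual look before an allow rule is written. The sample records, the `-` marker for an unsigned file and the protected-directory list are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample records in the "Key : Value" layout of the log posted in this thread.
SAMPLE_LOG = r'''
Date/Time : 2018-06-01 09:00:01.100
Process : C:\Program Files\ExampleApp\app.exe
Integrity Level: Medium
SHA1 : 1111111111111111111111111111111111111111
Signer : Example Vendor
Command : "C:\Program Files\ExampleApp\app.exe" --url=https://example.invalid/

Date/Time : 2018-06-01 09:05:42.250
Process : C:\Program Files\ExampleApp\app.exe
SHA1 : 1111111111111111111111111111111111111111
Signer : Example Vendor

Date/Time : 2018-06-01 10:12:03.007
Process : C:\Users\user\AppData\Local\Temp\setup_helper.exe
SHA1 : 2222222222222222222222222222222222222222
Signer : -
'''
PROTECTED = ("c:\\program files\\", "c:\\windows\\")  # assumption: not writable by standard users

def parse_events(text):
    """One dict per blank-line-separated record; split on the first colon only (values contain colons)."""
    events = []
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = (line.partition(":") for line in block.splitlines())
        record = {k.strip(): v.strip() for k, sep, v in pairs if sep}
        if "Process" in record:
            events.append(record)
    return events

def allowlist_candidates(events):
    """Unique (path, SHA1, signer) launches, each with a launch count and review flags."""
    seen = defaultdict(int)
    for ev in events:
        seen[(ev["Process"], ev.get("SHA1", "-"), ev.get("Signer", "-"))] += 1
    report = []
    for path, sha1, signer in sorted(seen):
        flags = []
        if signer in ("", "-"):  # assumption: how an unsigned file appears in the log
            flags.append("unsigned")
        if not path.lower().startswith(PROTECTED):
            flags.append("outside protected path")
        report.append({"path": path, "sha1": sha1, "signer": signer,
                       "launches": seen[(path, sha1, signer)], "review": flags})
    return report
```

Entries with an empty `review` list are the low-risk candidates for signer or path rules; flagged entries are better pinned by hash or left denied.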
     
  5. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,790
    I'm on build 3.1. No sandbox to test v4 with but I'm watching this thread with great interest. Thank you all who are testing and making great suggestions, and, of course, thanks to NVT for his fabulous work.
     
  6. guest

    guest Guest

    @novirusthanks
    This has been fixed, but can this also be done with the notification window?
    (Result would be: The notification window appears on top and if a different window is clicked it stays on top.)
     
  7. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,535
    Location:
    U.S.A. (South)
    So far all is well with this latest run and still haven't run into any issues.

    For that matter not any suggestion to add at this stage either right now.

    Looks like those are filling in where a user determines something might be useful to add on.
     
  8. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,363
    Location:
    Italy
    Here is a new v4.0 (pre-release) test16:
    https://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test16.exe

    *** Please do not share the download link, we will delete it when we release the official v4 ***

    So far this is what's new compared to the previous pre-release:

    + Fixed The Alert Dialog sometimes goes behind other program's windows
    + Fixed The "Running Time" on the program's window Home page could be expanded to show: xx Days, xx Hours, etc.
    + Fixed Importing of rules suggestion: "99 rules have been imported, 1 rule was ignored" / "Some rules couldn't be imported" or something similar
    + Fixed Column-size in Events are not saved (if resized to 0px to hide them)
    + Fixed When on Learning Mode some duplicate rules are added
    + Fixed The notification dialog (when a process is blocked) should "stay" on top even after clicking into a different window
    + Fixed Remember the last opened folder for each OpenDialog separately
    + New popup option in Rules -> "Remove ALL Rules" -> This will remove all rules
    + On the main program window, when we press the ESC key we can "Hide Main Window"
    + Minor fixes and optimizations

    To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

    @Cutting_Edgetech

    We'll add "Passive Logging" option in the next build.

    Correct, once we've sorted out most bugs and all functionalities are fine, we'll make the UI simpler.

    @iammike

    Should be fixed now.

    We'll improve UI usability and elements positions soon (not a priority for now).

    @Rasheed187

    Yes, it should be fixed now.

    @mekelek

    Can't reproduce it here; if I notice something similar I will report it here.

    @mood

    Should be fixed now.
     
  9. guest

    guest Guest

    After resizing a column to 0px, the first char of the now hidden column appears in the adjacent column.
    a) Column SHA1 has been resized to 0px
    b) The window of ERP is minimized and after bringing the GUI back:
    c) The first char of the SHA1-column seems to appear in the Signer-column:
    ERP - Column Signer,(SHA1=0px).png
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,535
    Location:
    U.S.A. (South)
  11. guest

    guest Guest

    Issue: Instead of showing Unicode chars, "?????" is shown. In the case of MPC-BE:
    Trusted Vendor:
    Unicode, ERP - test 16_Trusted Vendor.png
    Rule:
    Unicode, ERP - test 16, Rule.png

    In the Events tab (and logfile) it is shown correctly:
    Unicode, ERP - test 16, Events.png
    Edit: While creating a rule with "Create Rule from Event" = Unicode is correctly shown but after saving it and looking at the rule, the Unicode chars seem to be dismissed:
    (this could mean, that [a] Unicode chars aren't saved properly into the file Rules.db or [b] they are correctly saved but are not properly read. Or some other component isn't handling Unicode correctly)
    ERP_a)create rule=unicode is shown.png ERP_b)edit rule=unicode is dismissed.png
     
    Last edited by a moderator: Jun 5, 2018
  12. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,568
    So, how stable would you all say the product has been so far?
     
  13. guest

    guest Guest

    security-wise it is quite stable, most of the reported bugs are cosmetics/GUI related.
     
  14. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,568
    Thanks for your answer.
     
  15. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,363
    Location:
    Italy
    Here is a new v4.0 (pre-release) test17:
    https://downloads.novirusthanks.org/files/exe_radar_pro_4_setup_test17.exe

    *** Please do not share the download link, we will delete it when we release the official v4 ***

    So far this is what's new compared to the previous pre-release:

    + Fixed resizing of columns to 0px
    + Fixed unicode issue w/ signers in Trusted Vendors List and Rules tab
    + Added a Passive Mode (always allowed after ERP denies a process in any form) -> Right-click on system tray icon
    + Allow-action replaced by Exclude-action in Learning Mode
    + Fixed Re-Create Vulnerable Process Rules menu item functionality

    To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

    @mood

    Can you confirm the unicode issue related to Signer is fixed?
     
  16. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,535
    Location:
    U.S.A. (South)
    I don't know about the rest of you but these few are some great new adjustments-functionality. They all are of course, but as things have been steadily rolling along and bug-a-boos raised to be addressed, it's those it's and and's added that solidify the whole works even more!!
     
  17. guest

    guest Guest

    It seems to be fixed for the Trusted Vendors List:
    ERP_test17_unicode=correct.png

    But the Rules Tab is still showing "Open Source Developer, ????????? ??????????"

    Notification window doesn't stay on top:
    The following fix (added in beta16): "+ Fixed The notification dialog (when a process is blocked) should "stay" on top even after clicking into a different window"
    doesn't work in beta 17. It is behind other windows if a different window is clicked:
    ERP_test17_notification_window_behind_other_windows.png

    Sound:
    If the following option is enabled: "[X] Play a custom sound when a process is blocked", ERP is silent if a process is blocked.
    (the other sound option works)

    Notification window blocks launching of processes:
    = If the user is away while the notification window is displayed the system is stalling [no new processes will be launched] (until the user comes back and closes the notification window)
     
    Last edited by a moderator: Jun 7, 2018
  18. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    If the Idle Action -- Perform an action after N minutes of inactivity is ticked, and an idle value set, the notification dialogue is automatically acknowledged when the PC is idle (tested with 1 minute & Allow Once).
     
    Last edited: Jun 7, 2018
  19. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    just for the record the hard locks i reported weren't caused by NVT EXE Pro.
    didn't find the reason what's causing it yet tho.
     
  20. guest

    guest Guest

    This option affects the alert dialog, not the notification dialogue.
    The notification dialogue is still displayed after several minutes of wait time and has to be closed by the user with a click on "Close".
    ERP_test17_notification_has-to-be-closed-by-the-user.png
     
  21. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    Yes, you're right. Sorry! I confused the two dialogues.
     
  22. askmark

    askmark Registered Member

    Joined:
    Jul 7, 2016
    Posts:
    392
    Location:
    united kingdom
    @mood
    I notice there's an option "Notification Dialog -- Do not auto-close notification dialog". On my system if this option is not ticked, the notification dialog closes automatically after a couple of seconds.
     
  23. guest

    guest Guest

    I think I have overlooked this option :)
    But the thing is, it is good to have a notification dialog stay on the screen so the user is aware that "something has happened" in the meantime (the user comes back to the PC and can see the dialog; without the need to look at the logfile or "Events" each time to find out that something was blocked)
    Auto-closing of the dialog contradicts the intention to have it stay on screen.
    The ideal solution would be to not let the notification dialogue block the launching of processes :cautious:
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,178
    Location:
    The Netherlands
    Will this only work when the service is running? Because when I resize columns in Events and restart ERP, it's not saved. Keep in mind, I want it to be saved even after ERP restart, or isn't this possible? The thing is, most columns in Events are not interesting to me at all.
     
  25. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,696
    Location:
    USA
    Maybe an option in the settings to hide certain columns would be good.
     