New Antiexecutable: NoVirusThanks EXE Radar Pro

Thanks, and you can also use the Import/Export function in the program itself

 

That would only work though if the import function would recognize that the two categories had been merged and then would properly sort things out. It might not be a bad idea (if this is a concern) to backup the data and check just to make sure, especially when dealing with a beta version.

 

I must say, I am quite impressed

Good job, can't wait for a new or official build

 

Have you made changes to trust mode yet? like the lockdown modes where you have time options?

 

where is the new download link?

 

@Overkill

Sure, all protection modes (except the Alert Mode) can be enabled for 10 minutes, 30 minutes, 1 hour, until reboot (until the application is exited), permanently.

@everyone, @jmonge

New build 2 V10:
http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.0_09092013_BUILD2_V10.exe

Please note that I updated only the x64 version.

Changelog:

The configuration wizard->custom configuration looks like this:
http://postimg.org/image/k7z81dr3r/

I removed all the other checkboxes because they can be easily changed from settings (I see they are redundant), in the custom configuration I wanted to only allow user to select what to whitelist to create the initial whitelist rules.

This build does not merge automatically the commandline strings present in CommandLineWhiteList.DB file with the ones present in CommandLineWhiteListWildcard.DB file, so you should do this manually for now. The DB file that is used now is CommandLineWhiteListWildcard.DB

I removed the tab "Advanced Options" in "Settings" window, and I added a new tab "External Devices". I removed the possibility to restore the protection, I think it is not needed anymore because now the user is able to select for how much time enable a protection mode, so has more control on this and can also enable permanently a protection mode.

Don't forget to test the restore/import/export settings/lists.

Let me know what you all think about the new changes and if you have other suggestions/bugs to report

 

When will the x86 version be ready? Thanks

 

The avast installer is still able to execute

 

thank you

 

+ Added option "View commandline string" in the popupmenu of Events tab
+ Added option "View commandline string" in the popupmenu of CommandLine tab

Very useful!

 

BUG

Go to Menu-Settings-Master Password.
Check "Password protect enabling of Disabled Mode".

Go to Import/Export and select Restore Default Settings.

Now, check Menu-Settings-Master Password settings.
"Password protect enabling of Disabled Mode" is still checked.
It should be unchecked.

Restoring default settings of other Master Password options works ok.

 

@Overkill

I should release the x86 version later in the afternoon.

@Jryder54

I have not yet fixed it, I will do that in the next build

@siketa

I could reproduce the issue, will fix that in few hours.

 

Andreas, what is the problem regarding avast?

 

It seems that in Windows 8+, sometimes, the setup file of Avast is executed without alerting ERP, I have not yet analyzed this behaviour, but I could reproduce it. After I have the x86 version ready, I will check it.

 

Thank you

 

Currently external devices can be blocked. What about adding blocking of internal folders and subfolders? I have a data only e drive. It would be nice to block file execution for that whole drive. It would even be better to do that and to allow exceptions for a time or permanently.

It may be the same thing. Allow wildcards in the blacklists so I could enter e:\*.

 

Is the description for the first item changed to

"Allow rundll32.exe to load system protected modules" ?



Thanks

 

I prefer the description that is already in the Settings.

 

This is the new build 11 (x86 version is updated):
http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.0_09092013_BUILD2_V11.exe

Please remember:

@smith2006

Yes, I updated the text in the Settings window and I updated now also the changelog text.

@just_john

Sure, that can be done, an option would be to have the same Whitelist rules for the Blacklist (CommandLine, Parent Processes, Untrusted Folders, Path Comparison). Although I think that these features may not be needed, since with the Lockdown Mode Extreme you just need to set rules for allowed processes and all the rest is blocked, I would be interested to know how many users may benefit from these options added in the Blacklist ?

 

Master Password bug is fixed!

 

I only see use for being able to deny file execution on the data drive. I never thought of doing it before using ERP. It would also add a layer of defence against Cryptolocker. I guess I could also accomplish the same thing by changing the e drive security permissions to deny file execution.

 

Thanks