New Antiexecutable: NoVirusThanks EXE Radar Pro

IDK...to gain more users?

 

I can look into this later for you. The installer is 220 mbs. It's going to take a moment to download. Good grief Comodo! You have to do something about your installer! This has been brought up so many times by users.

 

Still dont see the Webroot file under processes or anywhere else WRSA.exe. I have NVT and Webroot on default settings also.

The "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\WRusr.dll",* command was listed under whitelist command lines but not sure if the exe is supposed to show in processes in nvt.

Also even tho its not listed under processes Webroot seems to be running fine and scans are fine also, so probs just me being paranoid just seems weird that every thing else on system is listed but not the webroot exe

 

I'm still getting the driver handle error every so often (randomly) not sure why.

 

Hi
How i can fix problem with NVT + Sandboxie because when sandboxie is cleaning my sandbox NVT always jumps to allow/block process(cmd.exe) ??

 

Add this:

C:\Windows\system32\cmd.exe /c rmdir /s /q "?:\*\__Delete_*"

to Whitelist / CommandLine in NVT

 

@Peter2150

That was strange, when you uninstall and then install new ERP builds, ERP should recognise the whitelists/blacklists/etc from the previous version.

I'll run some more tests today to try to reproduce it.

@TyRidian

Adding a generic memory protection is a complex feature to add, and users will need to configure memory allow/deny for specific processes, plus it may create some issues with other programs if the user does not correctly configure the permissions to write/read the memory of another process. However I will dicuss it internally these days.

About the ERP as a service startup, that too has some pros and cons, ERP may run too early and block some needed-processes (AVs-related or similar) or maybe have problems loading the lists, etc. But of course I will run some tests in the next days to see if it is doable in a safe way.

@puff-m-d

I tried it now and it works here, but please note that if you add an already-present command-line, it will not show an error message or similar, it simply closes the "add new" window. So you may not see the command-line at the end of the list but if it is already present, it may be in another position. Try to add "ABC" as command-line string and see if it is added at the end of the list correctly.

@J_Whacka

I will add an option in the RMB of processes tab named "Export processes list to file", so I can check what are the running processes and other details.

@Overkill

I'll improve it in the next build.

@WalterWolf

Try to add the command-line string suggested by @iammike and let us know if that worked.

 

Hello Andreas,

Thanks for your reply. Your scenario worked for me this time. What I had done before was I had been prompted to a vulnerable process (command line) and meant to click Whitelist commandline, but by mistake clicked allow instead. I was almost certain it was not in the commandline whitelist, so I went and tried to add it manually. I did check and again almost certain it was not there. I wonder if by clicking allow first and then trying to add it caused the issue. I will try to recreate those same circumstances again in the near future so I can verify. As you said, it could have very well already been in the list but somehow I just overlooked it when checking for it. Thanks again...

 

I am getting this error as well randomly.

 

Thanks!

 

After I uninstalled ERP the tray icon was still running in the desktop toolbar, and I could navigate throughout the GUI. Windows said ERP was done uninstalling. Windows did not say I needed to perform a reboot to finish uninstalling ERP. It said the uninstall was complete. This seemed really strange to me that the tray icon, and GUI was still running. I decided to go ahead, and reboot anyways. After rebooting the tray icon was no longer running, but there were many orphaned files. ERP left orphaned files in the Program Files directory, and also in the appdata folder, or programdata folder. I'm not sure which one it was since I uninstalled ERP yesterday. Is this normal?

Edit: I was using Windows 7X64.

 

@Peter2150

I could reproduce your issue, it should be fixed now.

Will upload the new build tomorrow.

@Cutting_Edgetech

Did you closed EXERadar.exe before uninstalling it ?

If EXERadar.exe is not running, the uninstaller should delete all files (if they are not is use by other processes).

 

No, I did not close ERP before uninstalling it. Thank you for fixing this issue!

 

I uploaded the new build, download it from this link:
http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.1_20042014_BUILD1_20042014_v4.exe

To update, follow these steps:

1) Close EXERadar (if it is running)
2) Uninstall EXERadar (you can keep your current settings)
3) Reboot the PC (needed)
4) Install the new build

What's new ?

+ Added option to minimize the application when started manually
+ Added option on the RMB of Whitelists and Vulnerable Processes to reset the lists to default
+ Added option on the RMB of Processes to export processes list to a file
+ Automatically remove the spaces when inserting activation code
+ Fixed issue of blank whitelists when the application is installed
+ Improved x64 and x86 services
+ Improved loading of kernel-mode driver
+ Improved uninstaller

Let me know how this new version works

 

Downloaded and running fine on vista 32 bit and windows 7 64 bit

 

I like the colored icons, great job Andreas

 

I will try it later because i removed sandboxie.
Thank you.

 

Andreas, I hope that popup alerts in the final version will have no visible boxes in each row.

 

Hello Andreas,

I can also verify the issue that I reported is also fixed.
Thanks !!!

 

installed, run fine, it is sad to say :

i don't have any issues since quite a long time, so i don't have much to say

 

ERP just keeps getting more & more pefectly perfecter.

 

When I launched ERP installer in Alert mode, I got 2 popups about .tmp files.
Is that expected since NVT is a trusted vendor?

 

@siketa

I am updating now the setup script to sign all .tmp files and also the uninstaller:
http://postimg.org/image/lnstpmtef/

Will upload a new build in a few