Discussion in 'other anti-malware software' started by sg09, Jun 3, 2011.
I guess you are using the v4.0 latest beta?
Yes and I will continue with it. Seems very up to task on this end.
Awesome, thank you!
I just tried to install version 3 and this is the error message I receive- Runtime error 216 at 000000000040BE35. Probably due to the fact that it hasn't been updated in over 5 years.
I am disappointed that I paid for this back in 2016 and have never received one update.
Did you try to install 'EXERadar_Pro_x86_x64_Trial_Setup.exe' from >
Yesterday, I installed EXERadar_Pro_x86_x64_Trial_Setup.exe = Runtime error 216.
Then I installed EXERadar_Pro_x86_x64_v3.1_24062015_BUILD1.exe from my saved files.
EXERadar_Pro_x86_x64_v3.1 appeared to install okay....UI appeared okay.... but, I could not get ERP 3.1 to prompt...as before.... IDK
Then I installed exe_radar_pro_4_setup_test32.exe from my saved files....appears to install & prompt....as before.
I'm back with OSArmor 1.5.2...now.
I think OSArmor is a post-exploit blocker(like a behaviour blocker) but can be very strong when you play with the advance mode. I love it
I have been using ERP 4 since it's early development days, but I would like to see continued development. I would like to see ERP monitor .dll executions as well. I believe most well coded persistent attacks have been using .dll injection for many years. If ERP is alerting to a threat executing a .exe, then the threat has probably already achieved the first part of it's attack chain, and ERP has stopped it from manipulating the system in some way. The threat may have a hard time continuing it's attack with ERP in it's way, but it has probably already injected into a process running on the system. I definitely would prefer to prevent process injection attacks by monitoring .dll executions.
I use AppGuard to protect against .dll executions from the user-space and programData folder. I believe ERP should also monitor.dll executions from the user-space and ProgramData folder. I believe NoVirusThanks didn't want to present the user with the additional prompts that monitoring .dlls would cause, but they could have just monitored executions of .dlls from the user-space and ProgramData folder. Monitoring the execution of .dlls from the user-space and ProgramData folder would stop most attacks in the wild that use .dll injection as part of their attack chain. Boy, do I miss the days of Online Armor when I truly felt like I had all my bases covered!
Yeah for me processguard
I disagree, ERP doesn't need this, it would become too complex. In fact, I have tested ERP on Win 10 and I didn't really enjoy the experience. The goal was to allow as many apps as possible, in order to reduce alerts, and I only wanted to block certain UWP apps. It was a pain to configure, plus screen position and columsize are not remembered. I'm still using ERP on Win 8.1, but it really needs to become less complex, rule making should become easier.
ERP seems to have a bug affecting the All List. Not all vulnerable executables from the ask and deny list are showing in the All List. Below are a few that are not listed in the All List. There are probably more than the one's listed below.
Is this software still continiue ?!
I think it's dead for now, because NVT focused all his attention on OSArmor which is more of a "set and forget" tool and can be used even by non-geeks, so it's not surprising. Perhaps NVT should add certain features from EXE Radar to OSArmor.
interestingly I compiled some modified iso with ntlite and NVT exe radar pro doesn't work at all, this happened to me once I installed zone alarm
which also have prompts, anyway it doesn't work for me on 20H2 on clean install, I wonder if it depends on some service, component or policy
to me its the other way around, see why OSA has bad comments and ratings on software distribution sites, the whitelisting is annoying and clunky, even at default the programme blocks too much for average user )
Where can I find a link to the latest beta, and how smoothly does it run on Windows 10 21H1 ?
I honestly wouldn't know. As @novirusthanks released test versions many of us at the time followed the development and progression of releases. Maybe some kept their beta test version installers or deleting the old ones. But since Windows 98 I keep/kept many security programs even in beta just on an outside chance one of those versions on another machine could prove useful. Currently is running like a charm on BOTH my Windows 8.1 (where it's been since day one release) and now on Windows 10 where it's proving itself helpful and efficient enough.
I currently use ERP v4.0 Beta (Build 31) and YES it runs perfect on my Windows 10 20h2. The final might been Build 32 but I lost track when OSA overtook the attention away from ERP.
The latest Test beta (test32) was released in March, 2019. I'm reluctant to provide a link because they don't want it shared, but Google might just help you locate it
Just my opinion, but I would not bother trialing it on latest Windows; it's too out of date. A much better option if you have Pro build of Windows 10 is to utilize SRP instead, and deploy a default-deny policy.
Even if you have only the Home version, you could use Andy Ful's Hard Configurator to utilize SRP, exccept it doesn't support DLL files.
Build 32 Beta Ver4. Just tried it. Works
Well you provided the spade work I'm somewhat surprised it still works, but unless there's further development on it, I'd be really leary about using it on latest Windows.
I use it on Windows 10 20H2 Home and while it might not be Mighty Dog, it's useful enough and solidly stable. And that's with Microsoft Defender on ALL settings as well as WVSX. Not a peep of a slowdown or otherwise. It just does what it did before (if any find it useful) before OSA nudged it over to the dusty shelf.
Well that's good. As mentioned above, though, too bad it doesn't monitor dll's.
TRUE! And Oh Man if only ERP was back in development AND "ADD" monitoring DLL's as well as some more TREATS that @novirusthanks is always been generous about.
Thanks @shmu26 for even bringing it up. I updated mine another notch to Build 32 which is indeed the last Beta Build that Andreas released.
If NVT ever does find they can resume active development on ERP again, it's my hope (seeing it too may go subscription based) that they enhance the whole of the GUI into today's more advanced & modern colorful themed flat faced SLEEK Look that many Softwares are bringing out anymore. IMHO that adds to the attraction of powerhouse features built into them and is a noteworthy selling point as well.
Thanks @EASTER and @wat0114 for your help.
I have been out of the loop with OSA. Last I remember, it did not have anti-exe capabilities, and was no replacement for ERP. What's up these days with OSA?
I tried it months ago on Windows 10 1909 and it gave me problems, the system would freeze. OSA is probably a better option at the moment, but it's not a whitelisting tool like EXE Radar of course. And I suspect that the last freeware version of OSA is giving me weird CPU spikes from the "System" process, so I have removed it.
That's a shame to learn @Rasheed187. Both OSA & ERP was a formidable combo I know you liked at one point during early development along with those subsequent beta releases where members/users like yourself troubleshooted and helped iron out difficulties that cropped up.
On a new machine with Windows 10 20H2 im running Build 32 (last known) works to perfection on it. As for OSA im terribly really on the fence at this time. Its absolutely chalked full of an extremely useful feature set but can't make up my mind (yet) whether to go AndyFul's route w/ Hard Configurator or OSA subscription based. I need more time to determine which choice is best.
It's being actively developed by NoVirusThanks, with a nominal yearly subscription fee.
Separate names with a comma.