A
NoVirusThanks EXE Radar Pro/Free
- Autor tematu OXYGEN THIEF
- Rozpoczęty
A
Anonymous
Kolejny wypuścik 
. Nie piszę oznaczenia wersji bo sam już się pogubiłem i nie nadążam za developerem 
. Nie piszę oznaczenia wersji bo sam już się pogubiłem i nie nadążam za developerem
Zaloguj
lub
Zarejestruj się
aby zobaczyć!
A
Anonymous
jak zwał tak zwał najnowszy wypust :
A
Anonymous
A
Anonymous
Screeny z wersji która powolutku nadchodzi
Coraz bliżej nowa wersja
Here is a preview of the "Rules" Tab:
As you can see, it is much easier now to manage rules because:
- You can sort by columns
- You can set a custom action (Allow\Deny\Ask)
- You can view when a rule was added and last updated
- You can add a custom comment on each rule
- You can categorize rules by adding custom categories
- You can enable\disable a rule
- There is a pagination (25 rules per page)
- You can easily search for a rule (expression)
- You can list rules by category and\or action
Here is a preview of the "Rule Editor":
On the next days I will upload the preview of the "Expression Builder".
Here is a preview of the "Rules" Tab:
Zaloguj
lub
Zarejestruj się
aby zobaczyć!
As you can see, it is much easier now to manage rules because:
- You can sort by columns
- You can set a custom action (Allow\Deny\Ask)
- You can view when a rule was added and last updated
- You can add a custom comment on each rule
- You can categorize rules by adding custom categories
- You can enable\disable a rule
- There is a pagination (25 rules per page)
- You can easily search for a rule (expression)
- You can list rules by category and\or action
Here is a preview of the "Rule Editor":
Zaloguj
lub
Zarejestruj się
aby zobaczyć!
On the next days I will upload the preview of the "Expression Builder".
Pojawiła się nowa wersja ERP v4.0 Beta 64-bit (First Release)
Zaloguj
lub
Zarejestruj się
aby zobaczyć!
Lista zmian dla bety wydanej dzisiaj
Zaloguj
lub
Zarejestruj się
aby zobaczyć!
Ciekawe jak będzie ze wsparciem dla starszych systemów. Z tego co widzę to Ichito wspomniał o W8 ktoś inny testuje na W7. Tak mi się wydawało, że mieli zamiar wsparcia dla nowszych systemów ale to raczej mylne wrażenie. Mimo wszystko tak jak sami piszą póki co to jest beta przeznaczona dla ludzi kumatych i tylko na wirtualne maszyny. Zaglądam do tematu na WS regularnie i praca idzie pełną parą. Oby im się udało 
Przyszedł czas na testowanie nowego NoVirusThanks Exe Radar v4.0
Here is the first public beta of ERP v4.0 (pre-release) test 1:
Zaloguj lub Zarejestruj się aby zobaczyć!
*** Please do not share the download link, we will delete it when we'll release the official v4.0 ***
This is the changelog so far (summarized):
+ Redesigned the application from scratch
+ Kernel-drivers are co-signed by MS
+ Allow to enable\disable\search\sort\categorize rules
+ Simplified the user interface
+ More detailed events that show also the triggered rule
+ Create rules grouping process fields (name, signer, cmdline, parent, etc)
+ Allow matching parent process AND child process
+ Support wildcard (? and * character) on each process field
+ Improved support for Limited User Accounts and Fast User Switching
+ Self-protection against process termination is auto-enabled
+ Only Task Manager is allowed to terminate the program
+ Improved support for Windows 10
How to handle Vulnerable Processes?
I create a new category in Rules, named like "Vulnerable Processes", and I add there all system processes commonly hijacked and misused by malware, example cmd.exe, powershell.exe, rundll32.exe, etc. I set the Action = Ask to be always notified when they are executed. Other system processes like vssadmin.exe, reg.exe, regini.exe, etc I prefer to set Action = Deny to automatically block them (I don't need them). As you can see from the screenshot below I added also the SysWOW64 versions (I'm on a 64-bit OS). To allow a vulnerable process I just create a new rule matching the process, the parent process (can be useful) and the command-line string. In some safe cases, I just match the parent process and the child (vulnerable) process, i.e C:\Program Files\Safe\Process.exe (parent) -> C:\WINDOWS\System32\cmd.exe (child), without matching the command-line.
*** Probably you may avoid matching the SHA1 hash of vulnerable processes, because lets say a malware copies cmd.exe to Temp folder, then when it is executed you would get an Alert Dialog because it is not anymore a system process but is considered as an unknown process. Moreover the ones I added are not even digitally signed by MS. ***
I exported my list of vulnerable processes (made quickly, you may add some more):
Zaloguj lub Zarejestruj się aby zobaczyć!
Just click on "Rules" -> "Import" and select this CSV file to import them.
Now that rules can be categorized you can just create new categories and put your custom rules there. One important thing, if you create a rule to allow all processes on C:\WINDOWS\* then it takes precedence on the Action = Ask so all processes in C:\WINDOWS\* will be allowed (also processes with Action = Ask). This first public beta should be pretty stable and you should familiarize with it easily, it has a simple interface to create and manage rules and to check events. The settings tab has a few important and simple option. The self-protection against process termination is enabled by default and can't be changed via the settings (it is not present there as option). Only task manager can terminate EXE Radar Pro processes.
Aktualnie sobie testuję i działa całkiem sprawnie 
, okno główne programu wywołuje się podwójnym klikiem na ikonkę w trayu.
, okno główne programu wywołuje się podwójnym klikiem na ikonkę w trayu.
Tomasz Bielski
Bardzo aktywny
Tenn program jest płatny czy darmowy?
Zaloguj
lub
Zarejestruj się
aby zobaczyć!
tu np piszą że trial.Podobne tematy:
